FEDORA-2018-c3dc008c54 created by jorton a year ago for Fedora 27
stable

This update includes the latest upstream release, httpd 2.4.34, with multiple bug fixes and enhancements. See http://www.apache.org/dist/httpd/CHANGES_2.4.34 for more information on the changes in this version.

A security vulnerability is addressed in this update:

  • mod_md: DoS via Coredumps on specially crafted requests (CVE-2018-8011)

The following changes are also included in this update:

  • The post-transaction scriptlet to restart httpd.service no longer blocks waiting for the restart to complete.
  • mod_ssl now supports loading private keys (and associated certificates) from a PKCS#11 provider. Use a pkcs11: URI in the SSLCertificateKeyFile (and optionally SSLCertificateFile) directive(s).
  • An example Lua-based server-status.conf is packaged in the docdir
  • httpd now Obsoletes mod_proxy_uwsgi (#1599113)
  • mod_systemd now logs listening ports at startup

How to install

sudo dnf upgrade --advisory=FEDORA-2018-c3dc008c54
This update has been submitted for testing by jorton. a year ago
This update has been pushed to testing. a year ago
jorton edited this update. a year ago
jorton edited this update. a year ago
User Icon bojan commented & provided feedback a year ago
karma

Works here.

jorton edited this update. a year ago
User Icon carlwgeorge commented & provided feedback a year ago
karma

The obsoletes for #1599113 look good to me.

jorton edited this update. a year ago
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes a year ago
User Icon mstevens commented & provided feedback a year ago
karma

works fine

This update has been submitted for batched by bodhi. a year ago
This update has been submitted for stable by bodhi. a year ago
This update has been pushed to stable. a year ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-2
Stable by Karma
2
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
modified
a year ago
BZ#1599113 httpd: obsolete mod_proxy_uwsgi
0
0
BZ#1601160 httpd-2.4.34 is available
0
0
BZ#1605093 CVE-2018-8011 httpd: mod_md: NULL pointer dereference causing httpd child process crash [fedora-all]
0
0

Automated Test Results

Test Cases

0 0 Test Case HTTPd