FEDORA-2020-0d3d3f5072 created by luhliarik 2 months ago for Fedora 31
stable

This release includes the latest stable version of Apache httpd, version 2.4.46. A security issue is addressed in this update:

  • CVE-2020-11984 mod_proxy_uwsgi: Malicious request may result in information disclosure or RCE of existing file on the server running under a malicious process environment.

For the full list of changes in this release, see https://downloads.apache.org/httpd/CHANGES_2.4.46

How to install

sudo dnf upgrade --advisory=FEDORA-2020-0d3d3f5072

This update has been submitted for testing by luhliarik.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update's test gating status has been changed to 'waiting'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

jorton edited this update.

2 months ago

This update has been pushed to testing.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 months ago
in testing
2 months ago
in stable
2 months ago
modified
2 months ago
BZ#1820775 CVE-2020-1927 httpd: mod_rewrite configurations vulnerable to open redirect [fedora-all]
0
0
BZ#1820776 CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value [fedora-all]
0
0
BZ#1866581 httpd-2.4.46 is available
0
0
BZ#1868147 CVE-2020-11985 httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite [fedora-all]
0
0
BZ#1868148 CVE-2020-11984 httpd: mod_proxy_uswgi buffer overflow [fedora-all]
0
0

Automated Test Results

Test Cases

0 0 Test Case HTTPd