FEDORA-2022-b4103753e9 — security update for httpd

stable

httpd-2.4.53-1.fc35

FEDORA-2022-b4103753e9 created by luhliarik a year ago for Fedora 35

new version httpd 2.4.53
fixes CVE-2022-23943, CVE-2022-22721, CVE-2022-22720 and CVE-2022-22719

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2022-b4103753e9

This update has been submitted for testing by luhliarik.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago

imabug provided feedback a year ago

karma

Test Case HTTPd

This update has been pushed to testing.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

atim provided feedback a year ago

karma

This update can be pushed to stable now if the maintainer wishes

a year ago

pwalter commented & provided feedback a year ago

karma

Works

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Builds

httpd-2.4.53-1.fc35

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

BZ#2039437 F34 left vulerable to CVE-2021-44790 and CVE-2021-44224

BZ#2064568 CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds [fedora-all]

BZ#2064571 CVE-2022-22721 httpd: Apache Core Possible buffer overflow with very large or unlimited LimitXMLRequestBody [fedora-all]

BZ#2064576 CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier [fedora-all]

BZ#2064578 CVE-2022-22719 httpd: mod_lua Use of uninitialized value of in r:parsebody [fedora-all]

httpd-2.4.53-1.fc35

Automated Test Results

passed

Test Cases


0	1	Test Case HTTPd