You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa httpd

Sigurnosni nedostaci programskog paketa httpd

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2020-08-31 15:48:37.485806

Name : httpd
Product : Fedora 32
Version : 2.4.46
Release : 1.fc32
Summary : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, efficient, and extensible
web server.

Update Information:

This release includes the latest stable version of Apache **httpd**, version
**2.4.46**. A security issue is addressed in this update: * **CVE-2020-11984**
mod_proxy_uwsgi: Malicious request may result in information disclosure or RCE
of existing file on the server running under a malicious process environment.
For the full list of changes in this release, see

* Tue Aug 25 2020 Lubos Uhliarik <> – 2.4.46-1
– new version 2.4.46
– remove obsolete parts of this spec file
– fix systemd detection patch
* Tue Jul 28 2020 Fedora Release Engineering <> – 2.4.43-7
– Rebuilt for

[ 1 ] Bug #1820775 – CVE-2020-1927 httpd: mod_rewrite configurations vulnerable to open redirect [fedora-all]
[ 2 ] Bug #1820776 – CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value [fedora-all]
[ 3 ] Bug #1866581 – httpd-2.4.46 is available
[ 4 ] Bug #1868147 – CVE-2020-11985 httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite [fedora-all]
[ 5 ] Bug #1868148 – CVE-2020-11984 httpd: mod_proxy_uswgi buffer overflow [fedora-all]

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-189a1e6c3e’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorBruno Varga
Cert idNCERT-REF-2020-09-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa lucene

Otkriveni su sigurnosni nedostaci u programskom paketu lucene za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljivih informacija...