ALINUX2-SA-2022:0018: httpd security update (Important)

Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:

CVE-2022-22720:
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

aarch64
- httpd-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- httpd-debuginfo-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- httpd-devel-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- httpd-tools-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- mod_ldap-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- mod_proxy_html-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- mod_session-2.4.6-97.1.al7.5.aarch64.rpm → (download)
- mod_ssl-2.4.6-97.1.al7.5.aarch64.rpm → (download)
i686
- httpd-2.4.6-97.1.al7.5.i686.rpm → (download)
- httpd-debuginfo-2.4.6-97.1.al7.5.i686.rpm → (download)
- httpd-devel-2.4.6-97.1.al7.5.i686.rpm → (download)
- httpd-tools-2.4.6-97.1.al7.5.i686.rpm → (download)
- mod_ldap-2.4.6-97.1.al7.5.i686.rpm → (download)
- mod_proxy_html-2.4.6-97.1.al7.5.i686.rpm → (download)
- mod_session-2.4.6-97.1.al7.5.i686.rpm → (download)
- mod_ssl-2.4.6-97.1.al7.5.i686.rpm → (download)
src
- httpd-2.4.6-97.1.al7.5.src.rpm → (download)
x86_64
- httpd-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- httpd-debuginfo-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- httpd-devel-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- httpd-tools-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- mod_ldap-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- mod_proxy_html-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- mod_session-2.4.6-97.1.al7.5.x86_64.rpm → (download)
- mod_ssl-2.4.6-97.1.al7.5.x86_64.rpm → (download)
noarch
- httpd-manual-2.4.6-97.1.al7.5.noarch.rpm → (download)

Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2022:0018

Summary

Severity

Description

References

Updated Packages