- Issued:
- 2011-05-19
- Updated:
- 2011-05-19
RHBA-2011:0706 - httpd bug fix update
Synopsis
httpd bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
Updated httpd packages that fix multiple bugs are now available for Red Hat Enterprise Linux 6.
Description
The Apache HTTP Server is a popular web server.
This update fixes the following bugs:
-
Due to a bug in the filter initialization process, filters configured using the mod_filter module were not handled correctly if a "sub-request" took place. For example, using the "FilterChain" directive to configure the "DEFLATE" compression filter with a Server-Side-Include page could result in pages which were only partially compressed. With this update, filters used with mod_filter operate correctly. (BZ#631849)
-
If arguments passed to the ab benchmarking program triggered a memory allocation failure, ab could terminate unexpectedly with a segmentation fault. With this update, the memory allocation failure is now trapped earlier, and the program exits gracefully with an error message. (BZ#645846)
-
When executing the "service httpd stop" command, a 10-seconds timeout is used before terminating the httpd parent process in case of error. If this timeout was insufficient, resources did not allow the parent process to terminate cleanly and could be leaked. This update introduces the "STOP_TIMEOUT" environment variable, which can be used in the /etc/sysconfig/httpd configuration file to change the timeout. This can be used to allow a longer delay and fix resource leaks if the httpd parent is slow to terminate. (BZ#657480)
-
When configuring the httpd service, using a mod_ldap directive in the "VirtualHost" container caused the HTTP server to stop caching requests to a directory server. This update applies a patch that corrects this error, and the use of mod_ldap directives in the "VirtualHost" context no longer prevents the httpd service from caching LDAP requests. (BZ#676635)
-
Prior to this update, an attempt to use configuration with multiple virtual hosts sharing the same ID and private key file could prevent the httpd service from starting with an error message written to the error_log file. With this update, the underlying source code has been modified to address this issue, and the httpd service now starts as expected. (BZ#676831)
-
When using the prefork Multi-Processing Module (MPM), children processes with persistent connections (that is, with the "KeepAlive" directive set to "On") kept processing new requests even when a graceful restart had been issued. This update applies a patch that corrects this error, and children processes with the persistent connections no longer process new requests when a graceful restart is requested. (BZ#679476)
-
Previously, an attempt to start the httpd service with the mod_ssl module in FIPS mode failed. With this update, an upstream patch has been applied to implement support for the FIPS mode in the mod_ssl module, and httpd no longer fails to start. (BZ#684144)
All users of httpd are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- httpd-2.2.15-9.el6.x86_64.rpm
- httpd-tools-2.2.15-9.el6.s390x.rpm
- mod_ssl-2.2.15-9.el6.s390x.rpm
- httpd-devel-2.2.15-9.el6.s390.rpm
- httpd-tools-2.2.15-9.el6.x86_64.rpm
- httpd-debuginfo-2.2.15-9.el6.ppc64.rpm
- httpd-manual-2.2.15-9.el6.noarch.rpm
- httpd-debuginfo-2.2.15-9.el6.ppc.rpm
- mod_ssl-2.2.15-9.el6.ppc64.rpm
- httpd-tools-2.2.15-9.el6.i686.rpm
- httpd-2.2.15-9.el6.ppc64.rpm
- httpd-debuginfo-2.2.15-9.el6.i686.rpm
- httpd-2.2.15-9.el6.src.rpm
- httpd-devel-2.2.15-9.el6.i686.rpm
- httpd-2.2.15-9.el6.i686.rpm
- mod_ssl-2.2.15-9.el6.i686.rpm
- mod_ssl-2.2.15-9.el6.x86_64.rpm
- httpd-debuginfo-2.2.15-9.el6.x86_64.rpm
- httpd-devel-2.2.15-9.el6.ppc.rpm
- httpd-tools-2.2.15-9.el6.ppc64.rpm
- httpd-debuginfo-2.2.15-9.el6.s390x.rpm
- httpd-2.2.15-9.el6.s390x.rpm
- httpd-devel-2.2.15-9.el6.x86_64.rpm
- httpd-devel-2.2.15-9.el6.s390x.rpm
- httpd-devel-2.2.15-9.el6.ppc64.rpm
- httpd-debuginfo-2.2.15-9.el6.s390.rpm
Fixes
- This content is not included.BZ - 645846
- This content is not included.BZ - 652335
- This content is not included.BZ - 657480
- This content is not included.BZ - 676635
- This content is not included.BZ - 676831
- This content is not included.BZ - 679476
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.