-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-f7c75ffee2 2025-12-25 01:07:31.597147+00:00 --------------------------------------------------------------------------------
Name : httpd Product : Fedora 42 Version : 2.4.66 Release : 1.fc42 URL : https://httpd.apache.org/ Summary : Apache HTTP Server Description : The Apache HTTP Server is a powerful, efficient, and extensible web server. -------------------------------------------------------------------------------- Update Information: version update security update -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 9 2025 Luboš Uhliarik <[email protected]> - 2.4.66-1 - new version 2.4.66 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2419768 - httpd-2.4.66 is available https://bugzilla.redhat.com/show_bug.cgi?id=2419768 [ 2 ] Bug #2420206 - CVE-2025-58098 httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2420206 [ 3 ] Bug #2420207 - CVE-2025-58098 httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2420207 [ 4 ] Bug #2420208 - CVE-2025-66200 httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2420208 [ 5 ] Bug #2420209 - CVE-2025-66200 httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2420209 [ 6 ] Bug #2420214 - CVE-2025-65082 httpd: Apache HTTP Server: CGI environment variable override [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2420214 [ 7 ] Bug #2420215 - CVE-2025-65082 httpd: Apache HTTP Server: CGI environment variable override [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2420215 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f7c75ffee2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
-- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
