{"id":"MGASA-2024-0258","summary":"Updated apache packages fix security vulnerabilities","details":"Serving WebSocket protocol upgrades over a HTTP/2 connection could\nresult in a Null Pointer dereference, leading to a crash of the server\nprocess, degrading performance. (CVE-2024-36387)\nEncoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier\nallows request URLs with incorrect encoding to be sent to backend\nservices, potentially bypassing authentication via crafted requests.\n(CVE-2024-38473)\nSubstitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59\nand earlier allows attacker to execute scripts in directories permitted\nby the configuration but not directly reachable by any URL or source\ndisclosure of scripts meant to only to be executed as CGI. Some\nRewriteRules that capture and substitute unsafely will now fail unless\nrewrite flag \"UnsafeAllow3F\" is specified. (CVE-2024-38474)\nImproper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59\nand earlier allows an attacker to map URLs to filesystem locations that\nare permitted to be served by the server but are not\nintentionally/directly reachable by any URL, resulting in code execution\nor source code disclosure. Substitutions in server context that use a\nbackreferences or variables as the first segment of the substitution are\naffected.  Some unsafe RewiteRules will be broken by this change and the\nrewrite flag \"UnsafePrefixStat\" can be used to opt back in once ensuring\nthe substitution is appropriately constrained. (CVE-2024-38475)\nVulnerability in core of Apache HTTP Server 2.4.59 and earlier are\nvulnerably to information disclosure, SSRF or local script execution via\nbackend applications whose response headers are malicious or\nexploitable.  (CVE-2024-38476)\nNull pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and\nearlier allows an attacker to crash the server via a malicious request.\n(CVE-2024-38477)\nPotential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier\nallows an attacker to cause unsafe RewriteRules to unexpectedly setup\nURL's to be handled by mod_proxy. (CVE-2024-39573)\nA regression in the core of Apache HTTP Server 2.4.60 ignores some use\nof the legacy content-type based configuration of handlers.\n\"AddType\" and similar configuration, under some circumstances where\nfiles are requested indirectly, result in source code disclosure of local\ncontent. For example, PHP scripts may be served instead of interpreted.\n(CVE-2024-39884)\n","modified":"2026-02-04T02:21:19.551657Z","published":"2024-07-09T07:01:06Z","related":["CVE-2024-36387","CVE-2024-38473","CVE-2024-38474","CVE-2024-38475","CVE-2024-38476","CVE-2024-38477","CVE-2024-39573","CVE-2024-39884"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0258.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33353"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/4"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/6"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/7"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/8"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/9"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/10"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/01/11"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2024/07/03/8"}],"affected":[{"package":{"name":"apache","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/apache?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.61-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0258.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}