{"id":"MGASA-2025-0301","summary":"Updated apache packages fix security vulnerabilities","details":"HTTP response splitting. (CVE-2024-42516)\nSSRF with mod_headers setting Content-Type header. (CVE-2024-43204)\nmod_ssl error log variable escaping. (CVE-2024-47252)\nmod_proxy_http2 denial of service. (CVE-2025-49630)\nmod_ssl access control bypass with session resumption. (CVE-2025-23048)\nmod_ssl TLS upgrade attack. (CVE-2025-49812)\nHTTP/2 DoS by Memory Increase. (CVE-2025-53020)\n'RewriteCond expr' always evaluates to true in 2.4.64. (CVE-2025-54090)\nYou will find the update delay sometimes causes a failure; just restart\nthe service after the update.\n","modified":"2026-04-16T04:42:47.067838817Z","published":"2025-11-18T02:47:26Z","upstream":["CVE-2024-42516","CVE-2024-43204","CVE-2024-47252","CVE-2025-23048","CVE-2025-49630","CVE-2025-49812","CVE-2025-53020","CVE-2025-54090"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2025-0301.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=34464"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/2"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/3"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/4"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/6"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/7"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/8"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/9"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/10/10"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2025/07/24/2"}],"affected":[{"package":{"name":"apache","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/apache?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.65-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0301.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}