Fedora alert FEDORA-2025-494d9f64cb (mod_http2)

From:
             
 
updates--- via package-announce <package-announce@lists.fedoraproject.org>
To:
             
 
package-announce@lists.fedoraproject.org
Subject:
             
 
[SECURITY] Fedora 41 Update: mod_http2-2.0.35-1.fc41
Date:
             
 
Wed, 22 Oct 2025 01:31:59 +0000
Message-ID:
             
 
<20251022013159.BEC7E7EC8A@bastion01.rdu3.fedoraproject.org>
Archive-link:
             
 
Article
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-494d9f64cb
2025-10-22 01:31:30.739304+00:00
--------------------------------------------------------------------------------

Name        : mod_http2
Product     : Fedora 41
Version     : 2.0.35
Release     : 1.fc41
URL         : https://icing.github.io/mod_h2/
Summary     : module implementing HTTP/2 for Apache 2
Description :
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on
top of libnghttp2 for httpd 2.4 servers.

--------------------------------------------------------------------------------
Update Information:

version update
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct  6 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.0.35-1
- new version 2.0.35
* Thu Jul 24 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun  3 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.0.32-1
- new version 2.0.32
* Fri Jan 17 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.29-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2384234 - CVE-2025-49630 mod_http2: untrusted input from a client causes an assertion
to fail in the Apache mod_proxy_http2 module [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2384234
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-494d9f64cb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



Attachment: None (type=text/plain)
-- 
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond...
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/package-ann...
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue