Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server.
Security Fix(es):
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages.
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.(CVE-2026-43951)
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.
This issue affects Apache HTTP Server: from through 2.4.67.
Users are recommended to upgrade to version 2.4.68, which fixes the issue.(CVE-2026-44119)
{
"severity": "Medium"
}{
"aarch64": [
"httpd-2.4.43-39.oe2003sp4.aarch64.rpm",
"httpd-debuginfo-2.4.43-39.oe2003sp4.aarch64.rpm",
"httpd-debugsource-2.4.43-39.oe2003sp4.aarch64.rpm",
"httpd-devel-2.4.43-39.oe2003sp4.aarch64.rpm",
"httpd-tools-2.4.43-39.oe2003sp4.aarch64.rpm",
"mod_ldap-2.4.43-39.oe2003sp4.aarch64.rpm",
"mod_md-2.4.43-39.oe2003sp4.aarch64.rpm",
"mod_proxy_html-2.4.43-39.oe2003sp4.aarch64.rpm",
"mod_session-2.4.43-39.oe2003sp4.aarch64.rpm",
"mod_ssl-2.4.43-39.oe2003sp4.aarch64.rpm"
],
"noarch": [
"httpd-filesystem-2.4.43-39.oe2003sp4.noarch.rpm",
"httpd-help-2.4.43-39.oe2003sp4.noarch.rpm"
],
"x86_64": [
"httpd-2.4.43-39.oe2003sp4.x86_64.rpm",
"httpd-debuginfo-2.4.43-39.oe2003sp4.x86_64.rpm",
"httpd-debugsource-2.4.43-39.oe2003sp4.x86_64.rpm",
"httpd-devel-2.4.43-39.oe2003sp4.x86_64.rpm",
"httpd-tools-2.4.43-39.oe2003sp4.x86_64.rpm",
"mod_ldap-2.4.43-39.oe2003sp4.x86_64.rpm",
"mod_md-2.4.43-39.oe2003sp4.x86_64.rpm",
"mod_proxy_html-2.4.43-39.oe2003sp4.x86_64.rpm",
"mod_session-2.4.43-39.oe2003sp4.x86_64.rpm",
"mod_ssl-2.4.43-39.oe2003sp4.x86_64.rpm"
],
"src": [
"httpd-2.4.43-39.oe2003sp4.src.rpm"
]
}