Description of problem: A bug has been found in mod_ssl where it uses memcpy in place of memmove, which can cause random memory corruption. Whilst this has not been seen in RHEL-5 as yet, future changes to the glibc memcpy implementation may trigger this and break mod_ssl; it would be prudent to fix this in the RHEL-5 httpd. Some change to the Fedora/upstream glibc memcpy implementation (or possibly the gcc inline memcpy) has been triggering new reports of this recently. This is a relatively low-risk change; fix tested succesfully in Fedora. Version-Release number of selected component (if applicable): httpd-2.2.3-43.el5_5.3 How reproducible: currently not known to be, in RHEL5
For reference, Fedora bug 634905.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1067.html