ELBA-2024-8839
- ULN >
- Oracle Linux Errata repository >
- ELBA-2024-8839
ELBA-2024-8839 - httpd:2.4 bug fix and enhancement update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2024-11-05 |
Description
httpd
[2.4.37-65.2.0.1]
- Replace index.html with Oracle's index page oracle_index.html
[2.4.37-65.2]
- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
applications whose response headers are malicious or exploitable (CVE-2024-38476)
- Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix
[2.4.37-65.1]
- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue
in mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
in mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference
in mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF
in mod_rewrite (CVE-2024-39573)
mod_http2
[1.15.7-10.1]
- Resolves: RHEL-46214 - Access logs and ErrorDocument don't work when HTTP431
occurs using http/2 on RHEL8
mod_md
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.src.rpm | dca8b779247ae0f63ca9df611897eb804bf7498fb55198837f09eb1ed018d6d2 | - | ol8_aarch64_appstream |
| mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.src.rpm | 3f1bf352ed68cebb52aa98c06cf45e489defb12f58761056b7c86cc687e835e7 | - | ol8_aarch64_appstream | |
| mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm | b87cd8c00082bf38a8aefb4fbac1eab758639da7e4dfe2387c661fb396a928c0 | - | ol8_aarch64_appstream | |
| httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | b0640e0d901fb3ee4c4dd3cdc0c42f12673b092a1b2b7cc9731e345cae6b8dbf | - | ol8_aarch64_appstream | |
| httpd-devel-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | ed54bd1e0fda0bc14e354f9d9024be66b4c8d9ce3fcc40eb06313dc28fe360df | - | ol8_aarch64_appstream | |
| httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm | 4d1324d6a9a4344243fd41ca80ee196f14e3fa986464a122145cf3c64b7d1477 | - | ol8_aarch64_appstream | |
| httpd-manual-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm | 672fbbc55260cfa24dc018991bfd94fee15595c3dced77b95a23bb0094cdc6af | - | ol8_aarch64_appstream | |
| httpd-tools-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | 5689440bfbd8efe8d928efb65e77697d4769043f71c73d8c8da15ebdf3565f46 | - | ol8_aarch64_appstream | |
| mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.aarch64.rpm | 319929237b830e5192d011ef78d6fc59f241a8a7b6589d665eb10e359e604710 | - | ol8_aarch64_appstream | |
| mod_ldap-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | 8aaf140308f6dce7f2d81536d9a7beed6182dc78fc1218ad5c1b9f9b60c521db | - | ol8_aarch64_appstream | |
| mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.aarch64.rpm | 09a6be461741ad2673d307ce619821ea92b3acadfc247ab13d17267c1c6011a6 | - | ol8_aarch64_appstream | |
| mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | 97613f0139b804df40467a4874fabf5e5ab97e7f949c159da4e1ca1ef6194453 | - | ol8_aarch64_appstream | |
| mod_session-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | b03953007a60cf6bb2813b96a90ccae3aa818be29ed060e7c0442fc2ba25e7cf | - | ol8_aarch64_appstream | |
| mod_ssl-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm | b6247cb2c0e3fe7c5e708e0bd35b0307410c7bb310e012f77ce9b741c17ade1e | - | ol8_aarch64_appstream | |
| Oracle Linux 8 (x86_64) | httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.src.rpm | dca8b779247ae0f63ca9df611897eb804bf7498fb55198837f09eb1ed018d6d2 | - | ol8_x86_64_appstream |
| mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.src.rpm | 3f1bf352ed68cebb52aa98c06cf45e489defb12f58761056b7c86cc687e835e7 | - | ol8_x86_64_appstream | |
| mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm | b87cd8c00082bf38a8aefb4fbac1eab758639da7e4dfe2387c661fb396a928c0 | - | ol8_x86_64_appstream | |
| httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | abae3906804387f2212275f3921f91fe600ea061aed9f20962a66e0fa0039ac1 | - | ol8_x86_64_appstream | |
| httpd-devel-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | 488a2357c5ce82b665b446e70e04c56b81276a05d03032a98c39fc2b199455e8 | - | ol8_x86_64_appstream | |
| httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm | 4d1324d6a9a4344243fd41ca80ee196f14e3fa986464a122145cf3c64b7d1477 | - | ol8_x86_64_appstream | |
| httpd-manual-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm | 672fbbc55260cfa24dc018991bfd94fee15595c3dced77b95a23bb0094cdc6af | - | ol8_x86_64_appstream | |
| httpd-tools-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | 47336fe5b2173717d44c7ca10defa177b27acf74b8577a295f9dab862594f2cf | - | ol8_x86_64_appstream | |
| mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.x86_64.rpm | b8d0b1ca2ece5c13f6617033ccdaa0eeddcc7f45186f3f438a3a41c0d5c43818 | - | ol8_x86_64_appstream | |
| mod_ldap-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | d2f03508f2b58bc13abdbbe043dd4fd7cf8dd4af62a7296b2858bb07c3e698c3 | - | ol8_x86_64_appstream | |
| mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.x86_64.rpm | 48e6e9c15ca6394c944f472135dd176c00267760d8f627ddb37e95407ebacbbb | - | ol8_x86_64_appstream | |
| mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | 93bcbaff6406173b1e932001145620c872c4e6b63d0ebdff8b6e2b5af669f263 | - | ol8_x86_64_appstream | |
| mod_session-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | 16ae99bd26bd0320d9bf3f5de5e45e8cf74f3427be347c3e9aa08da087d9dcc1 | - | ol8_x86_64_appstream | |
| mod_ssl-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm | cc815395f728b847c339e03a3a7a91624a8121acfd4c1431327107bbdddae9fd | - | ol8_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
