ELSA-2022-0143

ULN >
Oracle Linux Errata repository >
ELSA-2022-0143

ELSA-2022-0143 - httpd security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2022-01-18

Description

[2.4.6-97.0.5.4]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-97.4]
- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via
malformed requests
- Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in
ap_escape_quotes() via malicious input
- Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session

[2.4.6-97.3]
- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow
when parsing multipart content

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	httpd-2.4.6-97.0.5.el7_9.4.src.rpm	b70e47f6694af53b155a24d33972d1ff29b05090de75d8e2a9c419318503be1e	ELSA-2024-7101	ol7_aarch64_latest
	httpd-2.4.6-97.0.5.el7_9.4.src.rpm	b70e47f6694af53b155a24d33972d1ff29b05090de75d8e2a9c419318503be1e	ELSA-2024-7101	ol7_aarch64_optional_latest
	httpd-2.4.6-97.0.5.el7_9.4.src.rpm	b70e47f6694af53b155a24d33972d1ff29b05090de75d8e2a9c419318503be1e	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-2.4.6-97.0.5.el7_9.4.aarch64.rpm	7f7e89e6eefa227c6509939f8130f59b4f7b77555dcdf246dcd26e10402da45f	ELSA-2024-7101	ol7_aarch64_latest
	httpd-2.4.6-97.0.5.el7_9.4.aarch64.rpm	7f7e89e6eefa227c6509939f8130f59b4f7b77555dcdf246dcd26e10402da45f	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-devel-2.4.6-97.0.5.el7_9.4.aarch64.rpm	75a74bf6014b3b9fdd02c095ec5dbc9418f9f691b9d924b11e6140e00d34b37c	ELSA-2024-7101	ol7_aarch64_latest
	httpd-devel-2.4.6-97.0.5.el7_9.4.aarch64.rpm	75a74bf6014b3b9fdd02c095ec5dbc9418f9f691b9d924b11e6140e00d34b37c	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-manual-2.4.6-97.0.5.el7_9.4.noarch.rpm	85b369a490809420a2eb399596292c9f459758fe2cdd08fc32119d35ce576df5	ELSA-2024-7101	ol7_aarch64_latest
	httpd-manual-2.4.6-97.0.5.el7_9.4.noarch.rpm	85b369a490809420a2eb399596292c9f459758fe2cdd08fc32119d35ce576df5	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-tools-2.4.6-97.0.5.el7_9.4.aarch64.rpm	989e3703448f22d4bcc3701afbd06fd15e01293f57983a27b0428bb04f871630	ELSA-2024-7101	ol7_aarch64_latest
	httpd-tools-2.4.6-97.0.5.el7_9.4.aarch64.rpm	989e3703448f22d4bcc3701afbd06fd15e01293f57983a27b0428bb04f871630	ELSA-2024-7101	ol7_aarch64_u9_patch
	mod_ldap-2.4.6-97.0.5.el7_9.4.aarch64.rpm	2539a8c6ad42e76278772c150ff86b9010d18ac58984d7e8cc6db720e93f4db3	ELSA-2024-7101	ol7_aarch64_optional_latest
	mod_proxy_html-2.4.6-97.0.5.el7_9.4.aarch64.rpm	3b9f074dc2494f03c564c25f5d6f49fecab2d1183ee0a054e6d56a71e5f93d8f	ELSA-2024-7101	ol7_aarch64_optional_latest
	mod_session-2.4.6-97.0.5.el7_9.4.aarch64.rpm	3ae10870b558cfdb19d06be269c6fd8c1a7b87098c30849a9aa2d95b76e31ae8	ELSA-2024-7101	ol7_aarch64_latest
	mod_session-2.4.6-97.0.5.el7_9.4.aarch64.rpm	3ae10870b558cfdb19d06be269c6fd8c1a7b87098c30849a9aa2d95b76e31ae8	ELSA-2024-7101	ol7_aarch64_u9_patch
	mod_ssl-2.4.6-97.0.5.el7_9.4.aarch64.rpm	d46541a3b271177b7ca99f88552fe39f1b01a3cd41f847af44d7ac77fc89e305	ELSA-2024-7101	ol7_aarch64_latest
	mod_ssl-2.4.6-97.0.5.el7_9.4.aarch64.rpm	d46541a3b271177b7ca99f88552fe39f1b01a3cd41f847af44d7ac77fc89e305	ELSA-2024-7101	ol7_aarch64_u9_patch

Oracle Linux 7 (x86_64)	httpd-2.4.6-97.0.5.el7_9.4.src.rpm	b70e47f6694af53b155a24d33972d1ff29b05090de75d8e2a9c419318503be1e	ELSA-2024-7101	ol7_x86_64_latest
	httpd-2.4.6-97.0.5.el7_9.4.src.rpm	b70e47f6694af53b155a24d33972d1ff29b05090de75d8e2a9c419318503be1e	ELSA-2024-7101	ol7_x86_64_optional_latest
	httpd-2.4.6-97.0.5.el7_9.4.src.rpm	b70e47f6694af53b155a24d33972d1ff29b05090de75d8e2a9c419318503be1e	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-2.4.6-97.0.5.el7_9.4.x86_64.rpm	650c4bcce00bc99461a85d517158465adffb0050f6e1de8e7b3e9b510ae6c0d2	ELSA-2024-7101	ol7_x86_64_latest
	httpd-2.4.6-97.0.5.el7_9.4.x86_64.rpm	650c4bcce00bc99461a85d517158465adffb0050f6e1de8e7b3e9b510ae6c0d2	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-devel-2.4.6-97.0.5.el7_9.4.x86_64.rpm	f2990cf19c59a1ff8d0578b4f3b48e81e412d8002f1f5e96d777ad683f877cc1	ELSA-2024-7101	ol7_x86_64_latest
	httpd-devel-2.4.6-97.0.5.el7_9.4.x86_64.rpm	f2990cf19c59a1ff8d0578b4f3b48e81e412d8002f1f5e96d777ad683f877cc1	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-manual-2.4.6-97.0.5.el7_9.4.noarch.rpm	85b369a490809420a2eb399596292c9f459758fe2cdd08fc32119d35ce576df5	ELSA-2024-7101	ol7_x86_64_latest
	httpd-manual-2.4.6-97.0.5.el7_9.4.noarch.rpm	85b369a490809420a2eb399596292c9f459758fe2cdd08fc32119d35ce576df5	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-tools-2.4.6-97.0.5.el7_9.4.x86_64.rpm	d64b5d16756e89829de8f6d7a02e611cd39f6657c6aab68150313a0fab62a4cd	ELSA-2024-7101	ol7_x86_64_latest
	httpd-tools-2.4.6-97.0.5.el7_9.4.x86_64.rpm	d64b5d16756e89829de8f6d7a02e611cd39f6657c6aab68150313a0fab62a4cd	ELSA-2024-7101	ol7_x86_64_u9_patch
	mod_ldap-2.4.6-97.0.5.el7_9.4.x86_64.rpm	51d5b975bf727d60a1f41f9799cb476983783a27b42ebc9bea5ec31832d9b320	ELSA-2024-7101	ol7_x86_64_optional_latest
	mod_proxy_html-2.4.6-97.0.5.el7_9.4.x86_64.rpm	76a4cace7edffeeb75626a6120326be1494cedf2f36cc9df3aa090eb67ebd7d8	ELSA-2024-7101	ol7_x86_64_optional_latest
	mod_session-2.4.6-97.0.5.el7_9.4.x86_64.rpm	ff1958fdc69e85c675a0e44cd2f6f46314d7c580b2995c51e0eea69a1798d489	ELSA-2024-7101	ol7_x86_64_latest
	mod_session-2.4.6-97.0.5.el7_9.4.x86_64.rpm	ff1958fdc69e85c675a0e44cd2f6f46314d7c580b2995c51e0eea69a1798d489	ELSA-2024-7101	ol7_x86_64_u9_patch
	mod_ssl-2.4.6-97.0.5.el7_9.4.x86_64.rpm	788aadf7ff8638e3da790691d9db1b0dc337ef9d218ef0258c285727858f7564	ELSA-2024-7101	ol7_x86_64_latest
	mod_ssl-2.4.6-97.0.5.el7_9.4.x86_64.rpm	788aadf7ff8638e3da790691d9db1b0dc337ef9d218ef0258c285727858f7564	ELSA-2024-7101	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691