ELSA-2013-0512

ULN >
Oracle Linux Errata repository >
ELSA-2013-0512

ELSA-2013-0512 - httpd security, bug fix, and enhancement update

Type:	SECURITY
Impact:	LOW
Release Date:	2013-02-22

Description

[2.2.15-26.0.1.el6]
- replace index.html with Oracle's index page oracle_index.html
update vstring in specfile

[2.2.15-26]
- htcacheclean: exit with code 4 also for 'restart' action (#805810)

[2.2.15-25]
- htcacheclean: exit with code 4 if nonprivileged user runs initscript (#805810)
- rotatelogs: omit the second arg when invoking a post-rotate program (#876923)

[2.2.15-24]
- mod_ssl: improved patch for mod_nss fallback (w/mharmsen, #805720)

[2.2.15-23]
- mod_log_config: fix cookie parsing substring mismatch (#867268)

[2.2.15-22]
- mod_cache: fix header merging for 304 case, thanks to Roy Badami (#868283)
- mod_cache: fix handling of 304 responses (#868253)

[2.2.15-21]
- mod_proxy_ajp: ignore flushing if headers have not been sent (#853160)
- mod_proxy_ajp: do not mark worker in error state when one request
timeouts (#864317)
- mod_ssl: do not run post script if all files are already created (#752618)

[2.2.15-20]
- add htcacheclean init script (Jan Kaluza, #805810)

[2.2.15-19]
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
is not configured. (#805720)

[2.2.15-18]
- add security fix for CVE-2012-2687 (#850794)

[2.2.15-17]
- mod_proxy: allow change BalancerMember state in web interface (#748400)
- mod_proxy: Tone down 'worker [URL] used by another worker' warning (#787247)
- mod_proxy: add support for 'failonstatus' option (#824571)
- mod_proxy: avoid DNS lookup on hostname from request URI if
ProxyRemote* is configured (#837086)
- rotatelogs: create files even if they are empty (#757739)
- rotatelogs: option to rotate files into a custom location (#757735)
- rotatelogs: add support for -L option (#838493)
- fix handling of long chunk-line (#842376)
- add server aliases to 'httpd -S' output (#833092)
- omit %posttrans daemon restart if
/etc/sysconfig/httpd-disable-posttrans exists (#833064)
- mod_ldap: treat LDAP_UNAVAILABLE as a transient error (#829689)
- ab: fix double free when SSL request fails in verbose mode (#837613)
- mod_cache: do not cache partial results (#822587)
- mod_ldap: add LDAPReferrals directive alias (#796958)
- mod_ssl: add _userID DN variable suffix for NID_userId (#842375)
- mod_ssl: fix test for missing decrypted private keys, and ensure that
the keypair matches (#848954)
- mod_authnz_ldap: set AUTHORIZE_* variables in LDAP authorization (#828896)
- relax checks for status-line validity (#853348)

[2.2.15-16]
- add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031,
CVE-2011-3607 (#787599)
- obviates fix for CVE-2011-3638, patch removed

Related CVEs

CVE-2012-2687

CVE-2008-0455

CVE-2012-4557

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (i386)	httpd-2.2.15-26.0.1.el6.src.rpm	6044c11c4afa1df03f9cb8744a2ae53ec523ed443cb9709a7a0000ed5de30655	ELSA-2022-9714	ol6_i386_latest_archive
	httpd-2.2.15-26.0.1.el6.src.rpm	6044c11c4afa1df03f9cb8744a2ae53ec523ed443cb9709a7a0000ed5de30655	ELSA-2022-9714	ol6_u4_i386_base
	httpd-2.2.15-26.0.1.el6.i686.rpm	e939595deb94d9df9a9e492bb34cc3bcfec18a1ef5749d9c5a332b11d1c9b94a	ELSA-2022-9714	ol6_i386_latest_archive
	httpd-2.2.15-26.0.1.el6.i686.rpm	e939595deb94d9df9a9e492bb34cc3bcfec18a1ef5749d9c5a332b11d1c9b94a	ELSA-2022-9714	ol6_u4_i386_base
	httpd-devel-2.2.15-26.0.1.el6.i686.rpm	c2cfa7ea99af2ff9952b4a3f7950be507796c451bd27a261aed1cd0b7119300a	ELSA-2022-9714	ol6_i386_latest_archive
	httpd-devel-2.2.15-26.0.1.el6.i686.rpm	c2cfa7ea99af2ff9952b4a3f7950be507796c451bd27a261aed1cd0b7119300a	ELSA-2022-9714	ol6_u4_i386_base
	httpd-manual-2.2.15-26.0.1.el6.noarch.rpm	667d94828ebc42e40e9e4ae01e3d2156775214219f2ed400f7be5b40cb3c9d44	ELSA-2022-9714	ol6_i386_latest_archive
	httpd-manual-2.2.15-26.0.1.el6.noarch.rpm	667d94828ebc42e40e9e4ae01e3d2156775214219f2ed400f7be5b40cb3c9d44	ELSA-2022-9714	ol6_u4_i386_base
	httpd-tools-2.2.15-26.0.1.el6.i686.rpm	b663e230d5f800eb4fcd119343d5b15514ab7e07d553a69f1d77011d0f8d5bdb	ELSA-2022-9714	ol6_i386_latest_archive
	httpd-tools-2.2.15-26.0.1.el6.i686.rpm	b663e230d5f800eb4fcd119343d5b15514ab7e07d553a69f1d77011d0f8d5bdb	ELSA-2022-9714	ol6_u4_i386_base
	mod_ssl-2.2.15-26.0.1.el6.i686.rpm	b90867c1b3216a0dbd292d18eb4f943528b1b023beabdc4716cf17881d8f51fe	ELSA-2022-9714	ol6_i386_latest_archive
	mod_ssl-2.2.15-26.0.1.el6.i686.rpm	b90867c1b3216a0dbd292d18eb4f943528b1b023beabdc4716cf17881d8f51fe	ELSA-2022-9714	ol6_u4_i386_base

Oracle Linux 6 (x86_64)	httpd-2.2.15-26.0.1.el6.src.rpm	6044c11c4afa1df03f9cb8744a2ae53ec523ed443cb9709a7a0000ed5de30655	ELSA-2022-9714	ol6_u4_x86_64_base
	httpd-2.2.15-26.0.1.el6.src.rpm	6044c11c4afa1df03f9cb8744a2ae53ec523ed443cb9709a7a0000ed5de30655	ELSA-2022-9714	ol6_x86_64_latest_archive
	httpd-2.2.15-26.0.1.el6.x86_64.rpm	dffbe46081817784a2bb077b93805081637da6538365b1bfca768fb4ab96dd9d	ELSA-2022-9714	ol6_u4_x86_64_base
	httpd-2.2.15-26.0.1.el6.x86_64.rpm	dffbe46081817784a2bb077b93805081637da6538365b1bfca768fb4ab96dd9d	ELSA-2022-9714	ol6_x86_64_latest_archive
	httpd-devel-2.2.15-26.0.1.el6.i686.rpm	c2cfa7ea99af2ff9952b4a3f7950be507796c451bd27a261aed1cd0b7119300a	ELSA-2022-9714	ol6_u4_x86_64_base
	httpd-devel-2.2.15-26.0.1.el6.i686.rpm	c2cfa7ea99af2ff9952b4a3f7950be507796c451bd27a261aed1cd0b7119300a	ELSA-2022-9714	ol6_x86_64_latest_archive
	httpd-devel-2.2.15-26.0.1.el6.x86_64.rpm	1af5b1358cf0e809d8f953f439a6e464c654b1cb8dc111cb24db48676a40fe26	ELSA-2022-9714	ol6_u4_x86_64_base
	httpd-devel-2.2.15-26.0.1.el6.x86_64.rpm	1af5b1358cf0e809d8f953f439a6e464c654b1cb8dc111cb24db48676a40fe26	ELSA-2022-9714	ol6_x86_64_latest_archive
	httpd-manual-2.2.15-26.0.1.el6.noarch.rpm	667d94828ebc42e40e9e4ae01e3d2156775214219f2ed400f7be5b40cb3c9d44	ELSA-2022-9714	ol6_u4_x86_64_base
	httpd-manual-2.2.15-26.0.1.el6.noarch.rpm	667d94828ebc42e40e9e4ae01e3d2156775214219f2ed400f7be5b40cb3c9d44	ELSA-2022-9714	ol6_x86_64_latest_archive
	httpd-tools-2.2.15-26.0.1.el6.x86_64.rpm	1b94d8c644b7a6094dbea9059eb57476a3727504b3e7ad37d9bac3bed75679ba	ELSA-2022-9714	ol6_u4_x86_64_base
	httpd-tools-2.2.15-26.0.1.el6.x86_64.rpm	1b94d8c644b7a6094dbea9059eb57476a3727504b3e7ad37d9bac3bed75679ba	ELSA-2022-9714	ol6_x86_64_latest_archive
	mod_ssl-2.2.15-26.0.1.el6.x86_64.rpm	83fdf58078c1ab0e34f81579a52120bccc3297bb9802fe435d374716fa28bf71	ELSA-2022-9714	ol6_u4_x86_64_base
	mod_ssl-2.2.15-26.0.1.el6.x86_64.rpm	83fdf58078c1ab0e34f81579a52120bccc3297bb9802fe435d374716fa28bf71	ELSA-2022-9714	ol6_x86_64_latest_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691