Stay Connected:

ELSA-2015-0325

ELSA-2015-0325 - httpd security, bug fix, and enhancement update

Type:SECURITY
Impact:LOW
Release Date:2015-03-11

Description


[2.4.6-31.0.1]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-31]
- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled
instead of hardcoding it (#1168050)
- mod_proxy: support Unix Domain Sockets (#1168081)

[2.4.6-30]
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)

[2.4.6-29]
- rebuild against proper version of OpenSSL (#1080125)

[2.4.6-28]
- set vstring based on /etc/os-release (#1114123)

[2.4.6-27]
- fix the dependency on openssl-libs to match the fix for #1080125

[2.4.6-26]
- allow 'es to be seen under virtual hosts (#1131847)

[2.4.6-25]
- do not use hardcoded curve for ECDHE suites (#1080125)

[2.4.6-24]
- allow reverse-proxy to be set via SetHandler (#1136290)

[2.4.6-23]
- fix possible crash in SIGINT handling (#1131006)

[2.4.6-22]
- ab: fix integer overflow when printing stats with lot of requests (#1092420)

[2.4.6-21]
- add pre_htaccess so mpm-itk can be build as separate module (#1059143)

[2.4.6-20]
- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)


Related CVEs


CVE-2013-5704
CVE-2014-3581

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) httpd-2.4.6-31.0.1.el7.src.rpm2c3a0d15050ebc261178780532b6faf6be0ab6c0f6cf9f7dbc7d5957ebeca351ELSA-2024-7101ol7_x86_64_latest_archive
httpd-2.4.6-31.0.1.el7.src.rpm2c3a0d15050ebc261178780532b6faf6be0ab6c0f6cf9f7dbc7d5957ebeca351ELSA-2024-7101ol7_x86_64_optional_archive
httpd-2.4.6-31.0.1.el7.src.rpm2c3a0d15050ebc261178780532b6faf6be0ab6c0f6cf9f7dbc7d5957ebeca351ELSA-2024-7101ol7_x86_64_u1_base
httpd-2.4.6-31.0.1.el7.x86_64.rpme088544c4709319f6e1ca049709982dd84ede90a5729533cbf0dd4e68c50a8e3ELSA-2024-7101ol7_x86_64_latest_archive
httpd-2.4.6-31.0.1.el7.x86_64.rpme088544c4709319f6e1ca049709982dd84ede90a5729533cbf0dd4e68c50a8e3ELSA-2024-7101ol7_x86_64_u1_base
httpd-devel-2.4.6-31.0.1.el7.x86_64.rpm038fbe0f43ee814d8f722f3acfb3054f0f3b36f688ad33a6a53024020ad433c9ELSA-2024-7101ol7_x86_64_latest_archive
httpd-devel-2.4.6-31.0.1.el7.x86_64.rpm038fbe0f43ee814d8f722f3acfb3054f0f3b36f688ad33a6a53024020ad433c9ELSA-2024-7101ol7_x86_64_u1_base
httpd-manual-2.4.6-31.0.1.el7.noarch.rpm839bbb45fee521c89723ce336b401ed8a0ed5bae60b6b36eaae2a8b7716b9fd0ELSA-2024-7101ol7_x86_64_latest_archive
httpd-manual-2.4.6-31.0.1.el7.noarch.rpm839bbb45fee521c89723ce336b401ed8a0ed5bae60b6b36eaae2a8b7716b9fd0ELSA-2024-7101ol7_x86_64_u1_base
httpd-tools-2.4.6-31.0.1.el7.x86_64.rpm4d7b76848d9ddf8aa032fd46c41a96cf0af9516e08c3300b0bdfc4097edb76d9ELSA-2024-7101ol7_x86_64_latest_archive
httpd-tools-2.4.6-31.0.1.el7.x86_64.rpm4d7b76848d9ddf8aa032fd46c41a96cf0af9516e08c3300b0bdfc4097edb76d9ELSA-2024-7101ol7_x86_64_u1_base
mod_ldap-2.4.6-31.0.1.el7.x86_64.rpm1d258b0be9f5aab2948e5fe2288b5a9dbd9b0eba66945218a9065b0927bbed93ELSA-2024-7101ol7_x86_64_optional_archive
mod_proxy_html-2.4.6-31.0.1.el7.x86_64.rpmbc602df231a326339db093a194dd0321dbeed326d166ba1700a0aefb0ce06376ELSA-2024-7101ol7_x86_64_optional_archive
mod_session-2.4.6-31.0.1.el7.x86_64.rpm667b7f69f8356eec71c973078912aaf1b53851466d4da9ad252463509ecbb1a1ELSA-2024-7101ol7_x86_64_optional_archive
mod_ssl-2.4.6-31.0.1.el7.x86_64.rpmc08cfd7f6d61f4d181045ee966b1499830a1d45bbb10949ab7dfa0743430625eELSA-2024-7101ol7_x86_64_latest_archive
mod_ssl-2.4.6-31.0.1.el7.x86_64.rpmc08cfd7f6d61f4d181045ee966b1499830a1d45bbb10949ab7dfa0743430625eELSA-2024-7101ol7_x86_64_u1_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights