ELSA-2015-1249

ELSA-2015-1249 - httpd security, bug fix, and enhancement update

Type:SECURITY
Severity:LOW
Release Date:2015-07-28

Description


[2.2.15-45.0.1]
- replace index.html with Oracle's index page oracle_index.html
- update vstring in specfile

[2.2.15-45]
- mod_proxy_balancer: add support for 'drain mode' (N) (#767130)

[2.2.15-44]
- set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES (#1086771)

[2.2.15-43]
- revert DirectoryMatch patch from 2.2.15-40 (#1016963)

[2.2.15-42]
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)

[2.2.15-41]
- fix compilation with older OpenSSL caused by misspelling in patch (#1162268)

[2.2.15-40]
- mod_proxy: do not mix workers shared memory during graceful restart (#1149906)
- mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache
are used and SSL session is resumed (#1149703)
- mod_ssl: log revoked certificates at the INFO level (#1161328)
- mod_ssl: use -extensions v3_req for certificate generation (#906476)
- core: check the config file before restarting the server (#1146194)
- core: do not match files when using DirectoryMatch (#1016963)
- core: improve error message for inaccessible DocumentRoot (#987590)
- rotatelogs: improve support for localtime (#922844)
- mod_deflate: fix decompression of files larger than 4GB (#1057695)
- ab: fix integer overflow when printing stats with lot of requests (#1092419)
- ab: try all addresses instead of failing on first one when not available (#1125269)
- ab: fix read failure when targeting SSL server (#1045477)
- apachectl: support HTTPD_LANG variable from /etc/sysconfig/httpd (#963146)
- do not display 'bomb' icon for files ending with 'core' (#1069625)


Related CVEs


CVE-2013-5704

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) httpd-2.2.15-45.0.1.el6.src.rpm2904150784e566d0c5a378949f142093ELBA-2018-1891
httpd-2.2.15-45.0.1.el6.i686.rpm3669e0f30f84ef147c7311d2b256718dELBA-2018-1891
httpd-devel-2.2.15-45.0.1.el6.i686.rpm9cc71e96ef34e10e75d57808cb094011ELBA-2018-1891
httpd-manual-2.2.15-45.0.1.el6.noarch.rpma1ada837eb9c569509764eec5209e716ELBA-2018-1891
httpd-tools-2.2.15-45.0.1.el6.i686.rpm6fda9f897c793ce32b6d7cad2ed4121aELBA-2018-1891
mod_ssl-2.2.15-45.0.1.el6.i686.rpm0499828a5258fd179f86418158fc98d0ELBA-2018-1891
Oracle Linux 6 (x86_64) httpd-2.2.15-45.0.1.el6.src.rpm2904150784e566d0c5a378949f142093ELBA-2018-1891
httpd-2.2.15-45.0.1.el6.x86_64.rpm6c0e887c2aab355f8a82fdd8f605ed58ELBA-2018-1891
httpd-devel-2.2.15-45.0.1.el6.i686.rpm9cc71e96ef34e10e75d57808cb094011ELBA-2018-1891
httpd-devel-2.2.15-45.0.1.el6.x86_64.rpm60c1fd30741d3c77ea156ade10f0dfb2ELBA-2018-1891
httpd-manual-2.2.15-45.0.1.el6.noarch.rpma1ada837eb9c569509764eec5209e716ELBA-2018-1891
httpd-tools-2.2.15-45.0.1.el6.x86_64.rpmc2c0a81fc35d21b517476c70f569ae4eELBA-2018-1891
mod_ssl-2.2.15-45.0.1.el6.x86_64.rpm0494c56f520ddb6017a2c066159eab8eELBA-2018-1891



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete