ELSA-2015-1666
- ULN >
- Oracle Linux Errata repository >
- ELSA-2015-1666
ELSA-2015-1666 - httpd24-httpd security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2016-02-04 |
Description
[2.4.12-6.0.1.el7.1]
- replace index.html with Oracles index page oracle_index.html
- update vstring in specfile
[2.4.12-6.1]
- core: fix chunk header parsing defect (CVE-2015-3183)
- core: replace of ap_some_auth_required with ap_some_authn_required
and ap_force_authn hook (CVE-2015-3185)
- core: fix pointer dereference crash with ErrorDocument 400 pointing
to a local URL-path (CVE-2015-0253)
- mod_lua: fix possible mod_lua crash due to websocket bug (CVE-2015-0228)
[2.4.12-6]
- remove old sslsninotreq patch (#1199040)
[2.4.12-5]
- fix wrong path to document root in httpd.conf (#1196559)
[2.4.12-4]
- fix SELinux context of httpd-scl-wrapper (#1193456)
[2.4.12-3]
- include apr_skiplist and build against system APR/APR-util (#1187646)
[2.4.12-2]
- rebuild against new APR/APR-util (#1187646)
[2.4.12-1]
- update to version 2.4.12
- fix possible crash in SIGINT handling (#1184034)
[2.4.10-2]
- allow enabling additional SCLs using service-environment file
- enable mod_request by default for mod_auth_form
- move disabled-by-default modules from 00-base.conf to 00-optional.conf
[2.4.10-1]
- update to 2.4.10
- remove mod_proxy_html obsolete (#1174790)
- remove dbmmanage from httpd-tools (#1151375)
- add slash before root_libexecdir macro (#1149076)
- ab: fix integer overflow when printing stats with lot of requests (#1091650)
- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1079925)
Related CVEs
| CVE-2015-0228 |
| CVE-2015-3185 |
| CVE-2015-0253 |
| CVE-2015-3183 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | httpd24-httpd-2.4.12-6.0.1.el7.1.src.rpm | 09fc5a730d705c5cd02a8ae791d70cb8cd00db84cdb6047625ce62b3ba2a5ff1 | - | ol7_x86_64_SoftwareCollections |
| httpd24-httpd-2.4.12-6.0.1.el7.1.x86_64.rpm | 07d489bc985d6e36dc02931f5bb2761527e9f7c4d675cf6f48c43248cea3a48b | - | ol7_x86_64_SoftwareCollections | |
| httpd24-httpd-devel-2.4.12-6.0.1.el7.1.x86_64.rpm | d02541353959e8ce947bb5d41717190182040e794bdff7993ec6e7ed9e9bb23c | - | ol7_x86_64_SoftwareCollections | |
| httpd24-httpd-manual-2.4.12-6.0.1.el7.1.noarch.rpm | a5f99395591c2dbda040426f138f1963515b927eabc737c958c53fc5ef459bb7 | - | ol7_x86_64_SoftwareCollections | |
| httpd24-httpd-tools-2.4.12-6.0.1.el7.1.x86_64.rpm | 72eb69108835620977b08c39382a865404886bd19c8a2bd645fea872bf161222 | - | ol7_x86_64_SoftwareCollections | |
| httpd24-mod_ldap-2.4.12-6.0.1.el7.1.x86_64.rpm | 8bea66083480d07653c1e8d00a1eba95ac1b2dd2da7cc1647f51a9fc4cdb171c | - | ol7_x86_64_SoftwareCollections | |
| httpd24-mod_proxy_html-2.4.12-6.0.1.el7.1.x86_64.rpm | 361b781663bd6d1ee4deec1563f80436270b999bbed69ed72e7ce96e1692e744 | - | ol7_x86_64_SoftwareCollections | |
| httpd24-mod_session-2.4.12-6.0.1.el7.1.x86_64.rpm | 17f4ed40e2ae14ef5c97d6ac429f693928cfe643fb79ddd22f3c162e9546586e | - | ol7_x86_64_SoftwareCollections | |
| httpd24-mod_ssl-2.4.12-6.0.1.el7.1.x86_64.rpm | c70ed8c5f82285e1293a784d06628a196de0531db311c1a25483e1bda62dbdd7 | - | ol7_x86_64_SoftwareCollections | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
