ELSA-2015-1666
- ULN >
- Oracle Linux Errata repository >
- ELSA-2015-1666
ELSA-2015-1666 - httpd24-httpd security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2016-02-04 |
Description
[2.4.12-6.0.1.el7.1]
- replace index.html with Oracles index page oracle_index.html
- update vstring in specfile
[2.4.12-6.1]
- core: fix chunk header parsing defect (CVE-2015-3183)
- core: replace of ap_some_auth_required with ap_some_authn_required
and ap_force_authn hook (CVE-2015-3185)
- core: fix pointer dereference crash with ErrorDocument 400 pointing
to a local URL-path (CVE-2015-0253)
- mod_lua: fix possible mod_lua crash due to websocket bug (CVE-2015-0228)
[2.4.12-6]
- remove old sslsninotreq patch (#1199040)
[2.4.12-5]
- fix wrong path to document root in httpd.conf (#1196559)
[2.4.12-4]
- fix SELinux context of httpd-scl-wrapper (#1193456)
[2.4.12-3]
- include apr_skiplist and build against system APR/APR-util (#1187646)
[2.4.12-2]
- rebuild against new APR/APR-util (#1187646)
[2.4.12-1]
- update to version 2.4.12
- fix possible crash in SIGINT handling (#1184034)
[2.4.10-2]
- allow enabling additional SCLs using service-environment file
- enable mod_request by default for mod_auth_form
- move disabled-by-default modules from 00-base.conf to 00-optional.conf
[2.4.10-1]
- update to 2.4.10
- remove mod_proxy_html obsolete (#1174790)
- remove dbmmanage from httpd-tools (#1151375)
- add slash before root_libexecdir macro (#1149076)
- ab: fix integer overflow when printing stats with lot of requests (#1091650)
- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1079925)
Related CVEs
| CVE-2015-3183 |
| CVE-2015-3185 |
| CVE-2015-0228 |
| CVE-2015-0253 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | httpd24-httpd-2.4.12-6.0.1.el7.1.src.rpm | d24104890e86971a2377b2127bd3b0fb | - |
| httpd24-httpd-2.4.12-6.0.1.el7.1.x86_64.rpm | 2497fe2f281a17136bd2d9c3c24d71d4 | - | |
| httpd24-httpd-devel-2.4.12-6.0.1.el7.1.x86_64.rpm | 33800b83833620f0e6a78085d82f9bef | - | |
| httpd24-httpd-manual-2.4.12-6.0.1.el7.1.noarch.rpm | 333a48087d1af86b2ae0ae446a9308d9 | - | |
| httpd24-httpd-tools-2.4.12-6.0.1.el7.1.x86_64.rpm | 9777af49110c4e5a6b75b02668ecd6d3 | - | |
| httpd24-mod_ldap-2.4.12-6.0.1.el7.1.x86_64.rpm | fdff37cb2f580fa8ed84afd0b57f78d7 | - | |
| httpd24-mod_proxy_html-2.4.12-6.0.1.el7.1.x86_64.rpm | d61373e24e44d18e28e578f011414f9c | - | |
| httpd24-mod_session-2.4.12-6.0.1.el7.1.x86_64.rpm | 9f8124887d7e52c1cd676677e4a5ccc5 | - | |
| httpd24-mod_ssl-2.4.12-6.0.1.el7.1.x86_64.rpm | 893306939b219019b0409e15859c5813 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
