ELSA-2017-2479

ULN >
Oracle Linux Errata repository >
ELSA-2017-2479

ELSA-2017-2479 - httpd security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2017-08-15

Description

[2.4.6-67.0.1.el7_4.2]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-67.2]
- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw()
authentication bypass
- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
- Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection
in mod_auth_digest

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	httpd-2.4.6-67.0.1.el7_4.2.src.rpm	b8cfa1531fb44d7a1dfd4d67561d1453e82f0be11b005f103dca4f6e0ba75a18	ELSA-2024-7101	ol7_x86_64_latest_archive
	httpd-2.4.6-67.0.1.el7_4.2.src.rpm	b8cfa1531fb44d7a1dfd4d67561d1453e82f0be11b005f103dca4f6e0ba75a18	ELSA-2024-7101	ol7_x86_64_optional_archive
	httpd-2.4.6-67.0.1.el7_4.2.src.rpm	b8cfa1531fb44d7a1dfd4d67561d1453e82f0be11b005f103dca4f6e0ba75a18	ELSA-2024-7101	ol7_x86_64_u4_patch
	httpd-2.4.6-67.0.1.el7_4.2.x86_64.rpm	33d7156e034e86abbcb0069697b0e9d8b743db2ffe937d8a10521e638d7e5c77	ELSA-2024-7101	ol7_x86_64_latest_archive
	httpd-2.4.6-67.0.1.el7_4.2.x86_64.rpm	33d7156e034e86abbcb0069697b0e9d8b743db2ffe937d8a10521e638d7e5c77	ELSA-2024-7101	ol7_x86_64_u4_patch
	httpd-devel-2.4.6-67.0.1.el7_4.2.x86_64.rpm	7e8a94c000fafd218be5c8d8932305046807755d8152bc41fc7a22b6fe1ad720	ELSA-2024-7101	ol7_x86_64_latest_archive
	httpd-devel-2.4.6-67.0.1.el7_4.2.x86_64.rpm	7e8a94c000fafd218be5c8d8932305046807755d8152bc41fc7a22b6fe1ad720	ELSA-2024-7101	ol7_x86_64_u4_patch
	httpd-manual-2.4.6-67.0.1.el7_4.2.noarch.rpm	466430cb9f648a28e378af6dd7efe856aaaa65b69126158281b4a51aca109243	ELSA-2024-7101	ol7_x86_64_latest_archive
	httpd-manual-2.4.6-67.0.1.el7_4.2.noarch.rpm	466430cb9f648a28e378af6dd7efe856aaaa65b69126158281b4a51aca109243	ELSA-2024-7101	ol7_x86_64_u4_patch
	httpd-tools-2.4.6-67.0.1.el7_4.2.x86_64.rpm	85336cbebc48e7e8c2ea753f5989acaf0e78855b193f7bced1b104be03216c03	ELSA-2024-7101	ol7_x86_64_latest_archive
	httpd-tools-2.4.6-67.0.1.el7_4.2.x86_64.rpm	85336cbebc48e7e8c2ea753f5989acaf0e78855b193f7bced1b104be03216c03	ELSA-2024-7101	ol7_x86_64_u4_patch
	mod_ldap-2.4.6-67.0.1.el7_4.2.x86_64.rpm	e96babebda8445252e0b1f37642a56370db617c933177ee5090b4fe3e3a071c1	ELSA-2024-7101	ol7_x86_64_optional_archive
	mod_proxy_html-2.4.6-67.0.1.el7_4.2.x86_64.rpm	f85e5df894554e3c0b7f218da4c61c02c1bbb75b582febb17c36bd76f43b3609	ELSA-2024-7101	ol7_x86_64_optional_archive
	mod_session-2.4.6-67.0.1.el7_4.2.x86_64.rpm	24a1ab59582cd257166f42ac79750ed0be44da9b645b39986cd9a9aace2721f6	ELSA-2024-7101	ol7_x86_64_optional_archive
	mod_ssl-2.4.6-67.0.1.el7_4.2.x86_64.rpm	07ac52c2695c800778d8b6a43739e02ad3d67d27dc9ca549f1e4db0837f111d6	ELSA-2024-7101	ol7_x86_64_latest_archive
	mod_ssl-2.4.6-67.0.1.el7_4.2.x86_64.rpm	07ac52c2695c800778d8b6a43739e02ad3d67d27dc9ca549f1e4db0837f111d6	ELSA-2024-7101	ol7_x86_64_u4_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691