ELSA-2019-2343

ULN >
Oracle Linux Errata repository >
ELSA-2019-2343

ELSA-2019-2343 - httpd security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2019-08-13

Description

[2.4.6-90.0.1]
- replace index.html with Oracles index page oracle_index.html
Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation
in mod_auth_digest
- Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control
bypass due to race condition
- Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency

Related CVEs

CVE-2019-0217

CVE-2019-0220

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	httpd-2.4.6-90.0.1.el7.src.rpm	e4796d49b853954fed32bb2e3fb6746b4f5ef58989fe22a68b3143512235bb25	ELSA-2024-7101	ol7_aarch64_latest
	httpd-2.4.6-90.0.1.el7.src.rpm	e4796d49b853954fed32bb2e3fb6746b4f5ef58989fe22a68b3143512235bb25	ELSA-2024-7101	ol7_aarch64_u7_base
	httpd-2.4.6-90.0.1.el7.aarch64.rpm	f524ee3747ac65599c07d5a8f82350512a5a7462b268dfa03636463570ea9ca6	ELSA-2024-7101	ol7_aarch64_latest
	httpd-2.4.6-90.0.1.el7.aarch64.rpm	f524ee3747ac65599c07d5a8f82350512a5a7462b268dfa03636463570ea9ca6	ELSA-2024-7101	ol7_aarch64_u7_base
	httpd-devel-2.4.6-90.0.1.el7.aarch64.rpm	ddc3d27ec4314e76f4ac5b75f380c4c5ee86123d17c7b6a75da080d44c6cccb7	ELSA-2024-7101	ol7_aarch64_latest
	httpd-devel-2.4.6-90.0.1.el7.aarch64.rpm	ddc3d27ec4314e76f4ac5b75f380c4c5ee86123d17c7b6a75da080d44c6cccb7	ELSA-2024-7101	ol7_aarch64_u7_base
	httpd-manual-2.4.6-90.0.1.el7.noarch.rpm	55d24fe40b408f7a3615b86abaa018955d025eed8e4702166ee17232896e1c92	ELSA-2024-7101	ol7_aarch64_latest
	httpd-manual-2.4.6-90.0.1.el7.noarch.rpm	55d24fe40b408f7a3615b86abaa018955d025eed8e4702166ee17232896e1c92	ELSA-2024-7101	ol7_aarch64_u7_base
	httpd-tools-2.4.6-90.0.1.el7.aarch64.rpm	613812dc5bbc5393bd771f0abc431bc3aff342ee185ee33fd0c44947056f982c	ELSA-2024-7101	ol7_aarch64_latest
	httpd-tools-2.4.6-90.0.1.el7.aarch64.rpm	613812dc5bbc5393bd771f0abc431bc3aff342ee185ee33fd0c44947056f982c	ELSA-2024-7101	ol7_aarch64_u7_base
	mod_ldap-2.4.6-90.0.1.el7.aarch64.rpm	41e2d1376eb3a8ece6c3803e8f46120a02f005269bc3d52d99361a6c553c71aa	ELSA-2024-7101	ol7_aarch64_optional_latest
	mod_proxy_html-2.4.6-90.0.1.el7.aarch64.rpm	5aff28911c1ca7104d436fa73bb835c2b9a03724d275153534176d4f3fdc2774	ELSA-2024-7101	ol7_aarch64_optional_latest
	mod_session-2.4.6-90.0.1.el7.aarch64.rpm	e936f3ab197b12d17e98b2389c63e578c551c0bffc8dd860fe1ca354e744e8c2	ELSA-2024-7101	ol7_aarch64_latest
	mod_session-2.4.6-90.0.1.el7.aarch64.rpm	e936f3ab197b12d17e98b2389c63e578c551c0bffc8dd860fe1ca354e744e8c2	ELSA-2024-7101	ol7_aarch64_u7_base
	mod_ssl-2.4.6-90.0.1.el7.aarch64.rpm	6617613cee490c87f7de930dce22b5b9e143c600467a66670cb9139ce61cf389	ELSA-2024-7101	ol7_aarch64_latest
	mod_ssl-2.4.6-90.0.1.el7.aarch64.rpm	6617613cee490c87f7de930dce22b5b9e143c600467a66670cb9139ce61cf389	ELSA-2024-7101	ol7_aarch64_u7_base

Oracle Linux 7 (x86_64)	httpd-2.4.6-90.0.1.el7.src.rpm	e4796d49b853954fed32bb2e3fb6746b4f5ef58989fe22a68b3143512235bb25	ELSA-2024-7101	ol7_x86_64_latest
	httpd-2.4.6-90.0.1.el7.src.rpm	e4796d49b853954fed32bb2e3fb6746b4f5ef58989fe22a68b3143512235bb25	ELSA-2024-7101	ol7_x86_64_u7_base
	httpd-2.4.6-90.0.1.el7.x86_64.rpm	b17f05c81008f8b571497f791bb453c2954a58665a66939db6e340e0c49ee95e	ELSA-2024-7101	ol7_x86_64_latest
	httpd-2.4.6-90.0.1.el7.x86_64.rpm	b17f05c81008f8b571497f791bb453c2954a58665a66939db6e340e0c49ee95e	ELSA-2024-7101	ol7_x86_64_u7_base
	httpd-devel-2.4.6-90.0.1.el7.x86_64.rpm	81d5029259baa41b8edc9349f33942bba90f0b9e86259c3a68b8729f59dc784a	ELSA-2024-7101	ol7_x86_64_latest
	httpd-devel-2.4.6-90.0.1.el7.x86_64.rpm	81d5029259baa41b8edc9349f33942bba90f0b9e86259c3a68b8729f59dc784a	ELSA-2024-7101	ol7_x86_64_u7_base
	httpd-manual-2.4.6-90.0.1.el7.noarch.rpm	55d24fe40b408f7a3615b86abaa018955d025eed8e4702166ee17232896e1c92	ELSA-2024-7101	ol7_x86_64_latest
	httpd-manual-2.4.6-90.0.1.el7.noarch.rpm	55d24fe40b408f7a3615b86abaa018955d025eed8e4702166ee17232896e1c92	ELSA-2024-7101	ol7_x86_64_u7_base
	httpd-tools-2.4.6-90.0.1.el7.x86_64.rpm	2ac89818c784c723d89d44bb1c4edfb4e930f234550bdec1a928248c58a5e16e	ELSA-2024-7101	ol7_x86_64_latest
	httpd-tools-2.4.6-90.0.1.el7.x86_64.rpm	2ac89818c784c723d89d44bb1c4edfb4e930f234550bdec1a928248c58a5e16e	ELSA-2024-7101	ol7_x86_64_u7_base
	mod_ldap-2.4.6-90.0.1.el7.x86_64.rpm	009eec66833cee633a1ede0d29b3e0466072324c90bda5ea719d19a76f4af348	ELSA-2024-7101	ol7_x86_64_optional_latest
	mod_proxy_html-2.4.6-90.0.1.el7.x86_64.rpm	85efbe2fc57cb6490f81a6155dd968154a39dce21faf01d623c7c669e1913c44	ELSA-2024-7101	ol7_x86_64_optional_latest
	mod_session-2.4.6-90.0.1.el7.x86_64.rpm	5dc9015ee817fe4cbe3e14b3930c0cca0def22e368db8a02f89926e8e5b3d7de	ELSA-2024-7101	ol7_x86_64_latest
	mod_session-2.4.6-90.0.1.el7.x86_64.rpm	5dc9015ee817fe4cbe3e14b3930c0cca0def22e368db8a02f89926e8e5b3d7de	ELSA-2024-7101	ol7_x86_64_u7_base
	mod_ssl-2.4.6-90.0.1.el7.x86_64.rpm	051c993e8198ecedf3174e59ac046c5c70c91365d64d1ba2d263fc3e139d8412	ELSA-2024-7101	ol7_x86_64_latest
	mod_ssl-2.4.6-90.0.1.el7.x86_64.rpm	051c993e8198ecedf3174e59ac046c5c70c91365d64d1ba2d263fc3e139d8412	ELSA-2024-7101	ol7_x86_64_u7_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691