Stay Connected:

ELSA-2020-1121

ELSA-2020-1121 - httpd security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2020-04-06

Description


[2.4.6-93.0.1]
- replace index.html with Oracles index page oracle_index.html

[2.4.6-93]
- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect
expiry time

[2.4.6-92]
- htpasswd: add SHA-2 crypt() support (#1486889)

[2.4.6-91]
- Resolves: #1630886 - scriptlet can fail if hostname is not installed
- Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in
mod_authnz_ldap when using too small Accept-Language values
- Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after
failure in reading the HTTP request
- Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch
directive
- Resolves: #1633152 - mod_session missing apr-util-openssl
- Resolves: #1649470 - httpd response contains garbage in Content-Type header
- Resolves: #1724034 - Unexpected OCSP in proxy SSL connection


Related CVEs


CVE-2017-15710
CVE-2018-1301
CVE-2018-17199

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) httpd-2.4.6-93.0.1.el7.src.rpm3a6874c0b62fc4867c96c97f89affc81ELBA-2020-5033
httpd-2.4.6-93.0.1.el7.aarch64.rpme305964c576d3aff8ac25ac04e1f7935ELBA-2020-5033
httpd-devel-2.4.6-93.0.1.el7.aarch64.rpma78d1fb2eb658ee1b38327e6f03f509bELBA-2020-5033
httpd-manual-2.4.6-93.0.1.el7.noarch.rpm8ff6663b355790e5b51b5f2aa3521352ELBA-2020-5033
httpd-tools-2.4.6-93.0.1.el7.aarch64.rpm16d70a41c04ac1748a5a6c88697fa3b5ELBA-2020-5033
mod_ldap-2.4.6-93.0.1.el7.aarch64.rpmbd72ae8fd46388b3b126333f61678956ELBA-2020-5033
mod_proxy_html-2.4.6-93.0.1.el7.aarch64.rpmc43843acdce737485893923ea1dd7021ELBA-2020-5033
mod_session-2.4.6-93.0.1.el7.aarch64.rpm2896c9e5eaddd8cfcfd3828073b9a215ELBA-2020-5033
mod_ssl-2.4.6-93.0.1.el7.aarch64.rpm72e706ef391d6234d9842380d473c393ELBA-2020-5033
Oracle Linux 7 (x86_64) httpd-2.4.6-93.0.1.el7.src.rpm3a6874c0b62fc4867c96c97f89affc81ELBA-2020-5033
httpd-2.4.6-93.0.1.el7.x86_64.rpma4be83f82fad0d7112935f370794eee2ELBA-2020-5033
httpd-devel-2.4.6-93.0.1.el7.x86_64.rpm9e83509574ad1de5f40f6df5c7fe3520ELBA-2020-5033
httpd-manual-2.4.6-93.0.1.el7.noarch.rpm8ff6663b355790e5b51b5f2aa3521352ELBA-2020-5033
httpd-tools-2.4.6-93.0.1.el7.x86_64.rpm2ee774167456e7219f6e50b2c4bfa69eELBA-2020-5033
mod_ldap-2.4.6-93.0.1.el7.x86_64.rpmd8ab2205f3bb3dfab60aa00753b5683dELBA-2020-5033
mod_proxy_html-2.4.6-93.0.1.el7.x86_64.rpmf6fbe18692c462d50403da24d2fcff56ELBA-2020-5033
mod_session-2.4.6-93.0.1.el7.x86_64.rpm03640b5c0a18214f84fa84f8ba6ddff7ELBA-2020-5033
mod_ssl-2.4.6-93.0.1.el7.x86_64.rpm35573c64aa5e19307422063eb40313b7ELBA-2020-5033



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights