Stay Connected:

ELSA-2020-3958

ELSA-2020-3958 - httpd security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2020-10-06

Description


[2.4.6-95.0.1]
- replace index.html with Oracles index page oracle_index.html

[2.4.6-95]
- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized
value

[2.4.6-94]
- Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing
newline in the file name
- Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect
- Resolves: #1724879 - httpd terminates all SSL connections using an abortive
shutdown
- Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive
- Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in
mod_cache_socache can allow a remote attacker to cause a denial of service
- Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in
mod_session can allow a remote user to modify session data for CGI applications


Related CVEs


CVE-2018-1303
CVE-2020-1927
CVE-2017-15715
CVE-2018-1283
CVE-2019-10098
CVE-2020-1934

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) httpd-2.4.6-95.0.1.el7.src.rpm2e6ae99106ddcda51bc14d2c16b6719eELBA-2020-5033
httpd-2.4.6-95.0.1.el7.aarch64.rpm277e9f27f345b526775ba2ce986e899dELBA-2020-5033
httpd-devel-2.4.6-95.0.1.el7.aarch64.rpm9a2ee8b114baabc89e3c0b6cfd87b8a2ELBA-2020-5033
httpd-manual-2.4.6-95.0.1.el7.noarch.rpm97e9972a353308e5c093df886d286d4bELBA-2020-5033
httpd-tools-2.4.6-95.0.1.el7.aarch64.rpm118394df8c8bc175ed9795d3dc387df3ELBA-2020-5033
mod_ldap-2.4.6-95.0.1.el7.aarch64.rpm51051487050011596e29d7892e2aed0fELBA-2020-5033
mod_proxy_html-2.4.6-95.0.1.el7.aarch64.rpm9ebb046f7cb3dd3c391f3cdabf009467ELBA-2020-5033
mod_session-2.4.6-95.0.1.el7.aarch64.rpm756ab287429b5b34a94390979eb39ce4ELBA-2020-5033
mod_ssl-2.4.6-95.0.1.el7.aarch64.rpmcb5f61f16fa5dbf24a4d4deeb5999cf7ELBA-2020-5033
Oracle Linux 7 (x86_64) httpd-2.4.6-95.0.1.el7.src.rpm2e6ae99106ddcda51bc14d2c16b6719eELBA-2020-5033
httpd-2.4.6-95.0.1.el7.x86_64.rpm6d6145d1557572dc56497789203ffd94ELBA-2020-5033
httpd-devel-2.4.6-95.0.1.el7.x86_64.rpmea95c36824b2fc483681602fda689f88ELBA-2020-5033
httpd-manual-2.4.6-95.0.1.el7.noarch.rpm97e9972a353308e5c093df886d286d4bELBA-2020-5033
httpd-tools-2.4.6-95.0.1.el7.x86_64.rpm7288980b8db3cc1d9c29d94d697ffc18ELBA-2020-5033
mod_ldap-2.4.6-95.0.1.el7.x86_64.rpmdc6c9e493cb396c7ba319df14039a572ELBA-2020-5033
mod_proxy_html-2.4.6-95.0.1.el7.x86_64.rpm6fe479eaf345816fa3d3c11398b9bd76ELBA-2020-5033
mod_session-2.4.6-95.0.1.el7.x86_64.rpmeb678fdb1de00e09335b1a592bc8b479ELBA-2020-5033
mod_ssl-2.4.6-95.0.1.el7.x86_64.rpm2afeb400893080150c8876ab2aea36feELBA-2020-5033



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights