Stay Connected:

ELSA-2021-3856

ELSA-2021-3856 - httpd security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2021-10-14

Description


[2.4.6-97.0.1.1]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-97.1]
- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted
request uri-path containing 'unix:'


Related CVEs


CVE-2021-40438

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) httpd-2.4.6-97.0.1.el7_9.1.src.rpm7769166fbcf3947ed5fc055c08422c8d-
httpd-2.4.6-97.0.1.el7_9.1.aarch64.rpm82567de5fb0518819ba9988ce66d2cba-
httpd-devel-2.4.6-97.0.1.el7_9.1.aarch64.rpm4cc5034d56725c95d324f3bd35ff3181-
httpd-manual-2.4.6-97.0.1.el7_9.1.noarch.rpm9a58400ab6a7740c621d2d9298dda03d-
httpd-tools-2.4.6-97.0.1.el7_9.1.aarch64.rpmc81a64042b7f0a29f0a3a738ccc8708c-
mod_ldap-2.4.6-97.0.1.el7_9.1.aarch64.rpmb418d4df18994d6aaf3c93327b88f576-
mod_proxy_html-2.4.6-97.0.1.el7_9.1.aarch64.rpmf5dc69b1bc4ac523b4e93b5790941e5f-
mod_session-2.4.6-97.0.1.el7_9.1.aarch64.rpmed9253c6cb503ba39b43c4416a1a743e-
mod_ssl-2.4.6-97.0.1.el7_9.1.aarch64.rpm224393c182b18a9021cc1736e6f04de4-
Oracle Linux 7 (x86_64) httpd-2.4.6-97.0.1.el7_9.1.src.rpm7769166fbcf3947ed5fc055c08422c8d-
httpd-2.4.6-97.0.1.el7_9.1.x86_64.rpm3045ae63fb3f170f370ecbd0bbad2adb-
httpd-devel-2.4.6-97.0.1.el7_9.1.x86_64.rpm8e9b677d73a29ae5b04abc15ebe5f026-
httpd-manual-2.4.6-97.0.1.el7_9.1.noarch.rpm9a58400ab6a7740c621d2d9298dda03d-
httpd-tools-2.4.6-97.0.1.el7_9.1.x86_64.rpm5910b1e09982c5b297da1263fd289954-
mod_ldap-2.4.6-97.0.1.el7_9.1.x86_64.rpm39477ee6372880480daf54e905cf2414-
mod_proxy_html-2.4.6-97.0.1.el7_9.1.x86_64.rpm296c413726d4c1e8b5234553f23c17fb-
mod_session-2.4.6-97.0.1.el7_9.1.x86_64.rpm77e535b33cb2b08dba8dc09d0b9dffc3-
mod_ssl-2.4.6-97.0.1.el7_9.1.x86_64.rpm72c09dffcc91e060c66e1775d7d73e51-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights