ELSA-2022-1045

ULN >
Oracle Linux Errata repository >
ELSA-2022-1045

ELSA-2022-1045 - httpd security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-03-24

Description

[2.4.6-97.0.5.5]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-97.5]
- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling
vulnerability in Apache HTTP Server 2.4.52 and earlier

Related CVEs

CVE-2022-22720

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	httpd-2.4.6-97.0.5.el7_9.5.src.rpm	a26f97bb3a372c66d5fabce9de3bc382	-
	httpd-2.4.6-97.0.5.el7_9.5.aarch64.rpm	97e215086041d8935ebf163c1bd45d9b	-
	httpd-devel-2.4.6-97.0.5.el7_9.5.aarch64.rpm	5f427912228c62b7d673c4a436ff78ce	-
	httpd-manual-2.4.6-97.0.5.el7_9.5.noarch.rpm	9c918cde0815a5014e0e97a04ede8afc	-
	httpd-tools-2.4.6-97.0.5.el7_9.5.aarch64.rpm	90d481722b42b03c2ba063990d01e2f5	-
	mod_ldap-2.4.6-97.0.5.el7_9.5.aarch64.rpm	6847894449e72770a777e6a847f78155	-
	mod_proxy_html-2.4.6-97.0.5.el7_9.5.aarch64.rpm	952145fe530c463bd61e6b9def6a0a25	-
	mod_session-2.4.6-97.0.5.el7_9.5.aarch64.rpm	0cf61af87d1ea2934dff327e4e0a1377	-
	mod_ssl-2.4.6-97.0.5.el7_9.5.aarch64.rpm	1f8bbf68fe3b274d6e85324fb9c57983	-

Oracle Linux 7 (x86_64)	httpd-2.4.6-97.0.5.el7_9.5.src.rpm	a26f97bb3a372c66d5fabce9de3bc382	-
	httpd-2.4.6-97.0.5.el7_9.5.x86_64.rpm	50cb1b9a63e7a91be8b87a2add5f0237	-
	httpd-devel-2.4.6-97.0.5.el7_9.5.x86_64.rpm	f11f322fd7a3815119b1d6a1c74b3516	-
	httpd-manual-2.4.6-97.0.5.el7_9.5.noarch.rpm	9c918cde0815a5014e0e97a04ede8afc	-
	httpd-tools-2.4.6-97.0.5.el7_9.5.x86_64.rpm	18f2a0c316cbf6cd75517387bddf6faf	-
	mod_ldap-2.4.6-97.0.5.el7_9.5.x86_64.rpm	8084e08c4793bd5d6f1a80ad0ff0f4c3	-
	mod_proxy_html-2.4.6-97.0.5.el7_9.5.x86_64.rpm	76aa79de6a0f94d7b64e1f1af6a964c8	-
	mod_session-2.4.6-97.0.5.el7_9.5.x86_64.rpm	886db9d88b73154e7d844df1787ecf7a	-
	mod_ssl-2.4.6-97.0.5.el7_9.5.x86_64.rpm	2e70ac7b0cc623854f587298f9beddb0	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691