ELSA-2022-1045

ELSA-2022-1045 - httpd security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2022-03-24

Description


[2.4.6-97.0.5.5]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-97.5]
- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling
vulnerability in Apache HTTP Server 2.4.52 and earlier


Related CVEs


CVE-2022-22720

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) httpd-2.4.6-97.0.5.el7_9.5.src.rpma26f97bb3a372c66d5fabce9de3bc382-
httpd-2.4.6-97.0.5.el7_9.5.aarch64.rpm97e215086041d8935ebf163c1bd45d9b-
httpd-devel-2.4.6-97.0.5.el7_9.5.aarch64.rpm5f427912228c62b7d673c4a436ff78ce-
httpd-manual-2.4.6-97.0.5.el7_9.5.noarch.rpm9c918cde0815a5014e0e97a04ede8afc-
httpd-tools-2.4.6-97.0.5.el7_9.5.aarch64.rpm90d481722b42b03c2ba063990d01e2f5-
mod_ldap-2.4.6-97.0.5.el7_9.5.aarch64.rpm6847894449e72770a777e6a847f78155-
mod_proxy_html-2.4.6-97.0.5.el7_9.5.aarch64.rpm952145fe530c463bd61e6b9def6a0a25-
mod_session-2.4.6-97.0.5.el7_9.5.aarch64.rpm0cf61af87d1ea2934dff327e4e0a1377-
mod_ssl-2.4.6-97.0.5.el7_9.5.aarch64.rpm1f8bbf68fe3b274d6e85324fb9c57983-
Oracle Linux 7 (x86_64) httpd-2.4.6-97.0.5.el7_9.5.src.rpma26f97bb3a372c66d5fabce9de3bc382-
httpd-2.4.6-97.0.5.el7_9.5.x86_64.rpm50cb1b9a63e7a91be8b87a2add5f0237-
httpd-devel-2.4.6-97.0.5.el7_9.5.x86_64.rpmf11f322fd7a3815119b1d6a1c74b3516-
httpd-manual-2.4.6-97.0.5.el7_9.5.noarch.rpm9c918cde0815a5014e0e97a04ede8afc-
httpd-tools-2.4.6-97.0.5.el7_9.5.x86_64.rpm18f2a0c316cbf6cd75517387bddf6faf-
mod_ldap-2.4.6-97.0.5.el7_9.5.x86_64.rpm8084e08c4793bd5d6f1a80ad0ff0f4c3-
mod_proxy_html-2.4.6-97.0.5.el7_9.5.x86_64.rpm76aa79de6a0f94d7b64e1f1af6a964c8-
mod_session-2.4.6-97.0.5.el7_9.5.x86_64.rpm886db9d88b73154e7d844df1787ecf7a-
mod_ssl-2.4.6-97.0.5.el7_9.5.x86_64.rpm2e70ac7b0cc623854f587298f9beddb0-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete