ELSA-2022-1915

ULN >
Oracle Linux Errata repository >
ELSA-2022-1915

ELSA-2022-1915 - httpd:2.4 security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2022-05-17

Description

mod_http2
[1.15.7-5]
- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference
or SSRF in forward proxy configurations

[1.15.7-4]
- Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd:
Request splitting via HTTP/2 method injection and mod_proxy

mod_md

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.src.rpm	d55ec9f7e85b67acceaaf3269b2bc487	-
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.src.rpm	93d30528c44414db63745c546d1fa47b	-
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm	d4bbe6c1fcdd8f809bd286308de3a0bc	-
	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	978336985f753da289a41c5d0549245b	-
	httpd-devel-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	6d3603fa45bfa450958bca3df121f92d	-
	httpd-filesystem-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	629dc9ce516447b363797b2cb30d3c75	-
	httpd-manual-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	ffeb18fca46be3648ff4be0686213864	-
	httpd-tools-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	4267adad6b9dfde9c4cbd0fef0ac55e7	-
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.aarch64.rpm	24cfd54660c58cc570572c00e8bb871b	-
	mod_ldap-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	cbb3de6fe0bb905d5ab5d624ffed30ed	-
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.aarch64.rpm	b349fe48e242e2c2ae5af10a13664a88	-
	mod_proxy_html-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	c05be554b2b67792257d72acca717911	-
	mod_session-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	a5f731869d2fe5982cde831028a18a74	-
	mod_ssl-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	9baac5bf665a4969fb8237312f188754	-

Oracle Linux 8 (x86_64)	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.src.rpm	d55ec9f7e85b67acceaaf3269b2bc487	-
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.src.rpm	93d30528c44414db63745c546d1fa47b	-
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm	d4bbe6c1fcdd8f809bd286308de3a0bc	-
	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	1cdc881e3b43e2a1dd8162a2a039cdbf	-
	httpd-devel-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	d971c7d7a635a5e0dd98cbe9d642a5c3	-
	httpd-filesystem-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	629dc9ce516447b363797b2cb30d3c75	-
	httpd-manual-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	ffeb18fca46be3648ff4be0686213864	-
	httpd-tools-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	18eddc31c1dd78cc3550f2737ccc89f0	-
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.x86_64.rpm	65bcfc22399339c0e3cf32ab56b36b17	-
	mod_ldap-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	ce0d9f802da9ef9284ddb309c5f2f9e3	-
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.x86_64.rpm	909f339e1848be0fc4ffe01e7edd7ccc	-
	mod_proxy_html-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	65b3a3e8171c3109a3d5eba176a33f3c	-
	mod_session-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	01e12ce6e908c24b6f4074414f6ba883	-
	mod_ssl-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	dd56a5a8640f1191f1e651d0ea088ba0	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691