ELSA-2022-1915

ULN >
Oracle Linux Errata repository >
ELSA-2022-1915

ELSA-2022-1915 - httpd:2.4 security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2022-05-17

Description

mod_http2
[1.15.7-5]
- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference
or SSRF in forward proxy configurations

[1.15.7-4]
- Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd:
Request splitting via HTTP/2 method injection and mod_proxy

mod_md

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.src.rpm	6f8260c81d758ba138da1b7ff17051d715535835f608fbee6f7fab59b324526c	-	ol8_aarch64_appstream
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.src.rpm	7097d12585cbfc92e4bfeb7429d65c23c66641dc478a293cea54e60eb89ad646	-	ol8_aarch64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm	77cb415f475a17a3208416ca7974c44f69ff0f2e2b6f5efcadb167d625b8f69b	-	ol8_aarch64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm	77cb415f475a17a3208416ca7974c44f69ff0f2e2b6f5efcadb167d625b8f69b	-	ol8_aarch64_appstream_developer
	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	fee938e08ed400516c2e4c85fbf7aa5d04811482f81894d1a3e8e921bd4cfc6a	-	ol8_aarch64_appstream
	httpd-devel-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	ddd0340c068bf1ee3add600f50c8c769dd1d67b8c664271fc8888224b3efcfac	-	ol8_aarch64_appstream
	httpd-filesystem-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	83085a8d156f4edb8a8d601975ff0a0be8f4cbc388b75fd3cd864b862630a63a	-	ol8_aarch64_appstream
	httpd-manual-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	a9728bcf05c129eb40e5d5d6cc98b1532ec8917c2c00291316c80c9dff4fce78	-	ol8_aarch64_appstream
	httpd-tools-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	056eb89289ab0a29994cfbac57407720e602d5aef7e4b52ba753098f4703f63d	-	ol8_aarch64_appstream
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.aarch64.rpm	835163b2ce324e919d8818a3d58e6f539c3c7de04e221bd99e6a4f11151609c2	-	ol8_aarch64_appstream
	mod_ldap-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	cac81a799d37819403689e52acdd4654366062c16d62cf80b9f7ff4cff7faac7	-	ol8_aarch64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.aarch64.rpm	97c8600bacc26dbeba30ce5cf83654348b37390c4c585336a03ea5d6c6417484	-	ol8_aarch64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.aarch64.rpm	97c8600bacc26dbeba30ce5cf83654348b37390c4c585336a03ea5d6c6417484	-	ol8_aarch64_appstream_developer
	mod_proxy_html-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	9493dc1b035ca8f135311314cdf24ad9d362135f29935c37d643b0ca9bb0403b	-	ol8_aarch64_appstream
	mod_session-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	eb9080cdc76f808f792e27ece0e53e9f87e54fcfacb46ceb4cd901493653802a	-	ol8_aarch64_appstream
	mod_ssl-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.aarch64.rpm	aed2317fafc3772c2aedc41a73f852e01eb2b6c99771ba5f1d83012903b08f1f	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.src.rpm	6f8260c81d758ba138da1b7ff17051d715535835f608fbee6f7fab59b324526c	-	ol8_x86_64_appstream
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.src.rpm	7097d12585cbfc92e4bfeb7429d65c23c66641dc478a293cea54e60eb89ad646	-	ol8_x86_64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm	77cb415f475a17a3208416ca7974c44f69ff0f2e2b6f5efcadb167d625b8f69b	-	ol8_x86_64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm	77cb415f475a17a3208416ca7974c44f69ff0f2e2b6f5efcadb167d625b8f69b	-	ol8_x86_64_appstream_developer
	httpd-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	b1f92d2f39ca0d35b2aed23bec4ac60feb4bec1c85d9e3d7ce4c667ce3ff3c04	-	ol8_x86_64_appstream
	httpd-devel-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	8adfd7e556ed8ffa1a3e78997aec7071fd372ddbbd9d22c1dc320c30b3f3d31e	-	ol8_x86_64_appstream
	httpd-filesystem-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	83085a8d156f4edb8a8d601975ff0a0be8f4cbc388b75fd3cd864b862630a63a	-	ol8_x86_64_appstream
	httpd-manual-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.noarch.rpm	a9728bcf05c129eb40e5d5d6cc98b1532ec8917c2c00291316c80c9dff4fce78	-	ol8_x86_64_appstream
	httpd-tools-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	b262faa98fdea5b7bd9d5814d2492208555bcfc4d4d76d58da8fd5263d533d37	-	ol8_x86_64_appstream
	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.x86_64.rpm	ca8c0763ffddc969870ff6066a024ddcc5f6e6e47356010f506b699507e3618c	-	ol8_x86_64_appstream
	mod_ldap-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	4d27080d7e41aba322a11ce7400e9a4dbf2608549e244308806e543e379fcea6	-	ol8_x86_64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.x86_64.rpm	b82d8f3ba74d9b384ac1f3557beac8bdc03cdcce1f34b6d3f87251acd182b9fb	-	ol8_x86_64_appstream
	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.x86_64.rpm	b82d8f3ba74d9b384ac1f3557beac8bdc03cdcce1f34b6d3f87251acd182b9fb	-	ol8_x86_64_appstream_developer
	mod_proxy_html-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	c9b3ac731e5376a50c909ed086faaf89cebb68c250313dac96ff6a898b518c20	-	ol8_x86_64_appstream
	mod_session-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	d233e23a259aed913da8120ee6d349169be3739a0eebe30ffd0e95abad6e8867	-	ol8_x86_64_appstream
	mod_ssl-2.4.37-47.0.1.module+el8.6.0+20649+083145da.1.x86_64.rpm	4ed972e761017f13e7b178d8f4fb0c756064d7e9a2358616c0e228a6f6bbafc8	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691