ELSA-2022-9005

ULN >
Oracle Linux Errata repository >
ELSA-2022-9005

ELSA-2022-9005 - httpd:2.4 security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-01-06

Description

httpd
[2.4.37-43.0.2]
- scoreboard: fix null pointer deference [Orabug: 33690670][CVE-2021-34798]
- fix ap_escape_quote logic [Orabug: 33690686][CVE-2021-39275]

Related CVEs

CVE-2021-34798

CVE-2021-39275

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.src.rpm	c6c9fd22c6744d6a97a01821b77faa61	-
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm	e320fdccb7dc34b2dc9965af2f24d07b	-
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.src.rpm	14a256c7954eaccd0c33deb8b19f4928	-
	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	efea52e87ed0e09ff9215b520b383eda	-
	httpd-devel-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	160e020c1b3a554dc646787051906289	-
	httpd-filesystem-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	0a48dd7047916cb6a6a3fbe79a7ddea7	-
	httpd-manual-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	1c5a234b9b1d8653b38bfc18b1317d63	-
	httpd-tools-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	4ae7c6beeee0ee7769a83297df84cbbe	-
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.aarch64.rpm	c96f1ce00150115f21de9ae2b1292791	-
	mod_ldap-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	7817a9e087cf85fdded776c5c45cd6ef	-
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.aarch64.rpm	ef9ada4ee3b92e532ee360897b872fd7	-
	mod_proxy_html-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	550d19edd64c17d9960233e8898f9c53	-
	mod_session-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	4db012078fdafc32fed0764675446556	-
	mod_ssl-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	47a863f83c88837189833ba228f543eb	-

Oracle Linux 8 (x86_64)	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.src.rpm	c6c9fd22c6744d6a97a01821b77faa61	-
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm	e320fdccb7dc34b2dc9965af2f24d07b	-
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.src.rpm	14a256c7954eaccd0c33deb8b19f4928	-
	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	03f33cd7c24441a15dbc6eafe31aa4a5	-
	httpd-devel-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	a68ed294eebe93877abae310531a9446	-
	httpd-filesystem-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	0a48dd7047916cb6a6a3fbe79a7ddea7	-
	httpd-manual-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	1c5a234b9b1d8653b38bfc18b1317d63	-
	httpd-tools-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	77dbf76c0fee6350bede27fbacb03554	-
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.x86_64.rpm	63cf91b96c95af5dcba2af37b59ba747	-
	mod_ldap-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	2af23d67a628a772a9f3cdb28a4255f6	-
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.x86_64.rpm	4281a45471c608328e2ecc8c05fc1e70	-
	mod_proxy_html-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	fe01f9e1650d22f8cd5a22c3a183fe48	-
	mod_session-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	6812e0f8e38fb28f071af896af66a16a	-
	mod_ssl-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	bfd50fcfb96558c47a2b43f7c8c3a371	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691