ELSA-2022-9005

ULN >
Oracle Linux Errata repository >
ELSA-2022-9005

ELSA-2022-9005 - httpd:2.4 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2022-01-06

Description

httpd
[2.4.37-43.0.2]
- scoreboard: fix null pointer deference [Orabug: 33690670][CVE-2021-34798]
- fix ap_escape_quote logic [Orabug: 33690686][CVE-2021-39275]

Related CVEs

CVE-2021-34798

CVE-2021-39275

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.src.rpm	8db1fde19ed22f77fc9499ddca25041e082d2c18b85477a9a9e52cd5b1723829	-	ol8_aarch64_appstream
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm	a825aa32e247302cfffb427b8ceaf978d4e2f1d294d7f523d6ea1aadb124bf2d	-	ol8_aarch64_appstream
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.src.rpm	964586d1cb6f8a232b71f89b8f82f4970b2c0e1c1300d1fac8d7a902dfe879cb	-	ol8_aarch64_appstream
	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	d709231db2e2dacc90687602e6fb14da80db450bdc96a5630ef564326faa51b4	-	ol8_aarch64_appstream
	httpd-devel-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	00cb83f8330a16c81782ceab64b2f6c5e90206361f544adb0d5921cf848b23ee	-	ol8_aarch64_appstream
	httpd-filesystem-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	e57bfe28c27190d06036eb127f9ed83a6691774d96b64d7891e710f6760f1001	-	ol8_aarch64_appstream
	httpd-manual-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	5592487f2d545785b5290d07619375b59e00765c6d3d81648034ab02fc125162	-	ol8_aarch64_appstream
	httpd-tools-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	98a35c60ee4f6b834229afc850672fd26adda82a20699d735141fab5847fa3fc	-	ol8_aarch64_appstream
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.aarch64.rpm	48c211ad4477b6c8230e9683533f757a3549be1d1e25f509cdfce3a8d2f318b6	-	ol8_aarch64_appstream
	mod_ldap-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	86affdf6143ba190379b4800c4d68d989e201c27e5809ee21f00bd11cfecfe24	-	ol8_aarch64_appstream
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.aarch64.rpm	59828ad0b80a3834a86568cf0b9789c1f921dfc22ea814250ce6846afb30ba5f	-	ol8_aarch64_appstream
	mod_proxy_html-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	f70773fdfb6d84460a0f811a0496fa43d651955691b52bb4b1ca5dcd5ddc1df8	-	ol8_aarch64_appstream
	mod_session-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	ac8133e61cf30fb184f0c2f3901732245a90885f6aacd55f9c4bd9b1dbd6c4ec	-	ol8_aarch64_appstream
	mod_ssl-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.aarch64.rpm	f760df267e0fddb09ecf2f5555ce666fe3bfe534f3e5d447a895139429d177ee	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.src.rpm	8db1fde19ed22f77fc9499ddca25041e082d2c18b85477a9a9e52cd5b1723829	-	ol8_x86_64_appstream
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm	a825aa32e247302cfffb427b8ceaf978d4e2f1d294d7f523d6ea1aadb124bf2d	-	ol8_x86_64_appstream
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.src.rpm	964586d1cb6f8a232b71f89b8f82f4970b2c0e1c1300d1fac8d7a902dfe879cb	-	ol8_x86_64_appstream
	httpd-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	593841fc1dd2d54dd19af7af6eb7276535ce289144eb63603a78e2d6444a48af	-	ol8_x86_64_appstream
	httpd-devel-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	d3de9ed4f471a2734d7968547c6e078de6186a1f4cad68e45b6935af4360caa1	-	ol8_x86_64_appstream
	httpd-filesystem-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	e57bfe28c27190d06036eb127f9ed83a6691774d96b64d7891e710f6760f1001	-	ol8_x86_64_appstream
	httpd-manual-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.noarch.rpm	5592487f2d545785b5290d07619375b59e00765c6d3d81648034ab02fc125162	-	ol8_x86_64_appstream
	httpd-tools-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	78708304376637edd6cf6458809169ab57db2459b34503a0ea15d849ed7a0519	-	ol8_x86_64_appstream
	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.x86_64.rpm	2aaaad69193253ef2e42e24a199ca542ce5a5958773ab46180b297744cfa4706	-	ol8_x86_64_appstream
	mod_ldap-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	afeb5469f47d56219862e60fa59b9e5530ca80b3766474d9fbde57f6ffd8bc74	-	ol8_x86_64_appstream
	mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.x86_64.rpm	145c47237014a0d3b92273ad9863060c4dde48fd83ccdc814e191954d78ebe22	-	ol8_x86_64_appstream
	mod_proxy_html-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	fff97219c0b86e33efeefe4092b05ecd10e032488b326bb40d7620bbacb2048e	-	ol8_x86_64_appstream
	mod_session-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	b4ffe279e1aab3a0d7d78cbbd58efdbd51b096a3a76c6129dc83ee5cb429810c	-	ol8_x86_64_appstream
	mod_ssl-2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f.x86_64.rpm	668453ecf7e67195ffde144ee1195f52cc94974930b5ff4a37632e06ceea1ed7	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691