Stay Connected:

ELSA-2023-0970

ELSA-2023-0970 - httpd security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2023-02-28

Description


[2.4.53-7.0.1]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.53-7.1]
- Resolves: #2165975 - prevent sscg creating /dhparams.pem
- Resolves: #2165970 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte
- Resolves: #2165973 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
- Resolves: #2165974 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling


Related CVEs


CVE-2022-37436
CVE-2022-36760
CVE-2006-20001

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) httpd-2.4.53-7.0.1.el9_1.1.src.rpm27a7307d0538536008945615c9da1944c218d19ef69eabe57ef6ee69a8c9f5d2-ol9_aarch64_appstream
httpd-2.4.53-7.0.1.el9_1.1.aarch64.rpm7a2ebd58a02ba63aa3fd3124ccfdd19296415cd552c3f9a0963f7c14d9d2c201-ol9_aarch64_appstream
httpd-core-2.4.53-7.0.1.el9_1.1.aarch64.rpmd418d4e42e26b18347bbf78b5b5bf4e1446d9f246561850bf1792db7f422e614-ol9_aarch64_appstream
httpd-devel-2.4.53-7.0.1.el9_1.1.aarch64.rpmf69f789f0bff97a00c8846988925e372c475f36209128f7f5ea6b2220bb81a63-ol9_aarch64_appstream
httpd-filesystem-2.4.53-7.0.1.el9_1.1.noarch.rpmd213e48fc89b48b287e14e320a38d352460cc737f16eac2eff9682c3466eacc8-ol9_aarch64_appstream
httpd-manual-2.4.53-7.0.1.el9_1.1.noarch.rpm21641919e065c3e265bb88e761703643f7973c1b6983fb521f257c3269555c38-ol9_aarch64_appstream
httpd-tools-2.4.53-7.0.1.el9_1.1.aarch64.rpm8cd5e26c7cd08ec753ad57d5f03f7f44ab5c18107a1d885df019ab68b919d567-ol9_aarch64_appstream
mod_ldap-2.4.53-7.0.1.el9_1.1.aarch64.rpmfb1987e2f626f9a70da5f6713622c32a0e8e6e98471fccdae3974185c6958c2e-ol9_aarch64_appstream
mod_lua-2.4.53-7.0.1.el9_1.1.aarch64.rpm9862ca7ffb0877bb1b43375383008d9aad08decca53721cd6c2941dd8d855524-ol9_aarch64_appstream
mod_proxy_html-2.4.53-7.0.1.el9_1.1.aarch64.rpmc231db3c72b8860711df103d9b64e89690c04eb73ab353fda94d7bbf3447dc42-ol9_aarch64_appstream
mod_session-2.4.53-7.0.1.el9_1.1.aarch64.rpm6aa1faac64b52b3a4a5100bff8135653dbfcd3ca05ff2ec1ad2e35c01d72e297-ol9_aarch64_appstream
mod_ssl-2.4.53-7.0.1.el9_1.1.aarch64.rpmbd208e43456a1044345c65d6aa10540cdb84c301a5b12f93b7b5b936d7a32cea-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) httpd-2.4.53-7.0.1.el9_1.1.src.rpm27a7307d0538536008945615c9da1944c218d19ef69eabe57ef6ee69a8c9f5d2-ol9_x86_64_appstream
httpd-2.4.53-7.0.1.el9_1.1.x86_64.rpm8cb6ea8456fb9224770bea8ff84b29f94a59d7fc3011a993193b1fcd76a5dbf6-ol9_x86_64_appstream
httpd-core-2.4.53-7.0.1.el9_1.1.x86_64.rpm107b72acd8052ea6f38c107be8948e7ef0c29b977b61b4a7ac991a4e5b556896-ol9_x86_64_appstream
httpd-devel-2.4.53-7.0.1.el9_1.1.x86_64.rpmf955ffedb0a70712fad594b256b50224a94ede33e3bef97995a12d0bfd54da63-ol9_x86_64_appstream
httpd-filesystem-2.4.53-7.0.1.el9_1.1.noarch.rpmd213e48fc89b48b287e14e320a38d352460cc737f16eac2eff9682c3466eacc8-ol9_x86_64_appstream
httpd-manual-2.4.53-7.0.1.el9_1.1.noarch.rpm21641919e065c3e265bb88e761703643f7973c1b6983fb521f257c3269555c38-ol9_x86_64_appstream
httpd-tools-2.4.53-7.0.1.el9_1.1.x86_64.rpma81a8e67a23cea81652ac3f59eb884cc823b8fd03de50aee08282fd5bdf7d364-ol9_x86_64_appstream
mod_ldap-2.4.53-7.0.1.el9_1.1.x86_64.rpme890b39a09046f08644fa1532be067f3c994087934c2301cd9de5f6932667279-ol9_x86_64_appstream
mod_lua-2.4.53-7.0.1.el9_1.1.x86_64.rpm9df21e8f24d2d7dc75f1b6ae2cf8823e169de66eb5bd14bb8e14904e3234a8f5-ol9_x86_64_appstream
mod_proxy_html-2.4.53-7.0.1.el9_1.1.x86_64.rpm493640583e5b5964de4c44ed89b92e7b0e874c8d4fb2719a2f92feed61aa8722-ol9_x86_64_appstream
mod_session-2.4.53-7.0.1.el9_1.1.x86_64.rpm166456c67144d243ab8284e902442da68198d19c9170c000a7066d7b6247c7c7-ol9_x86_64_appstream
mod_ssl-2.4.53-7.0.1.el9_1.1.x86_64.rpmde1bf1f45d5da122e3ed0dae307ccf9edecdf1e956322dbe0ed4fa316584244f-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights