ELSA-2023-0970

ULN >
Oracle Linux Errata repository >
ELSA-2023-0970

ELSA-2023-0970 - httpd security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-02-28

Description

[2.4.53-7.0.1]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.53-7.1]
- Resolves: #2165975 - prevent sscg creating /dhparams.pem
- Resolves: #2165970 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte
- Resolves: #2165973 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
- Resolves: #2165974 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling

Related CVEs

CVE-2022-37436

CVE-2022-36760

CVE-2006-20001

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 9 (aarch64)	httpd-2.4.53-7.0.1.el9_1.1.src.rpm	4066ebcfb8855277283f7f0f247242b7	-
	httpd-2.4.53-7.0.1.el9_1.1.aarch64.rpm	f52cd85ffe79f819f79435f86a828920	-
	httpd-core-2.4.53-7.0.1.el9_1.1.aarch64.rpm	a07779fa7cc45ad5fa2904293cbff0f9	-
	httpd-devel-2.4.53-7.0.1.el9_1.1.aarch64.rpm	942eb6a9ed7b8ca82470ff01f0fdd441	-
	httpd-filesystem-2.4.53-7.0.1.el9_1.1.noarch.rpm	117af26a3076d73b23fb405c896de2df	-
	httpd-manual-2.4.53-7.0.1.el9_1.1.noarch.rpm	fd947be77e56a572226c49962ddf853b	-
	httpd-tools-2.4.53-7.0.1.el9_1.1.aarch64.rpm	51bf7047253b3e9ffe62e076d4f61485	-
	mod_ldap-2.4.53-7.0.1.el9_1.1.aarch64.rpm	6fee322848d6f4f33a18ddfbd166c664	-
	mod_lua-2.4.53-7.0.1.el9_1.1.aarch64.rpm	15494baafc7f4289d4501dad64d89985	-
	mod_proxy_html-2.4.53-7.0.1.el9_1.1.aarch64.rpm	838a5fd6bd7897b567bd2595c2bde3a1	-
	mod_session-2.4.53-7.0.1.el9_1.1.aarch64.rpm	f0a0f172cfc52b4bce1be1b60bf3761a	-
	mod_ssl-2.4.53-7.0.1.el9_1.1.aarch64.rpm	7ec3fe7d2f0b2556f8df326c6cec3c1d	-

Oracle Linux 9 (x86_64)	httpd-2.4.53-7.0.1.el9_1.1.src.rpm	4066ebcfb8855277283f7f0f247242b7	-
	httpd-2.4.53-7.0.1.el9_1.1.x86_64.rpm	4d743250810d08334441f2f9795ca63d	-
	httpd-core-2.4.53-7.0.1.el9_1.1.x86_64.rpm	44e29a8e2d52914a61af5fc8ada0bd67	-
	httpd-devel-2.4.53-7.0.1.el9_1.1.x86_64.rpm	2766645591e044a8400792b53a8d4df7	-
	httpd-filesystem-2.4.53-7.0.1.el9_1.1.noarch.rpm	117af26a3076d73b23fb405c896de2df	-
	httpd-manual-2.4.53-7.0.1.el9_1.1.noarch.rpm	fd947be77e56a572226c49962ddf853b	-
	httpd-tools-2.4.53-7.0.1.el9_1.1.x86_64.rpm	3a961d1b56374bbe23d46f9428dfaa94	-
	mod_ldap-2.4.53-7.0.1.el9_1.1.x86_64.rpm	4a508eb0ef707d88e18177ab76f67582	-
	mod_lua-2.4.53-7.0.1.el9_1.1.x86_64.rpm	12aed1f2b3c00f92ba2fa045a9bec916	-
	mod_proxy_html-2.4.53-7.0.1.el9_1.1.x86_64.rpm	294399ffba7abcb36feb9c0221eeaddc	-
	mod_session-2.4.53-7.0.1.el9_1.1.x86_64.rpm	35964185b2ff0bee7c36cbbfe02b1e3f	-
	mod_ssl-2.4.53-7.0.1.el9_1.1.x86_64.rpm	41f2a6ada02360e0494dd098b7660fdd	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691