ELSA-2023-1593

ULN >
Oracle Linux Errata repository >
ELSA-2023-1593

ELSA-2023-1593 - httpd security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-04-05

Description

[2.4.6-98.0.3]
- mod_proxy: ap_proxy_http_request() to clear hop-by-hop first and
fixup last [CVE-2022-31813][Orabug: 34381850]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]

[2.4.6-98.0.1]
- replace index.html with Oracle's index page oracle_index.html

[2.4.6-97.7]
- Resolves: #2177742 - CVE-2023-25690 httpd: HTTP request splitting with
mod_rewrite and mod_proxy

Related CVEs

CVE-2023-25690

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	httpd-2.4.6-98.0.3.el7_9.7.src.rpm	0af35526b44dac367240da728f679250d8f13d178a0064459af21f3029adf7ac	ELSA-2024-7101	ol7_aarch64_latest
	httpd-2.4.6-98.0.3.el7_9.7.src.rpm	0af35526b44dac367240da728f679250d8f13d178a0064459af21f3029adf7ac	ELSA-2024-7101	ol7_aarch64_optional_latest
	httpd-2.4.6-98.0.3.el7_9.7.src.rpm	0af35526b44dac367240da728f679250d8f13d178a0064459af21f3029adf7ac	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-2.4.6-98.0.3.el7_9.7.aarch64.rpm	31edf7ecbc7c2adb4523b5e9207121cec072cdc6192af1f4dd64403c0eedb5f1	ELSA-2024-7101	ol7_aarch64_latest
	httpd-2.4.6-98.0.3.el7_9.7.aarch64.rpm	31edf7ecbc7c2adb4523b5e9207121cec072cdc6192af1f4dd64403c0eedb5f1	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-devel-2.4.6-98.0.3.el7_9.7.aarch64.rpm	73db6d73df13774284980ca336219f18caa533bea66216558a1a4120dae3b622	ELSA-2024-7101	ol7_aarch64_latest
	httpd-devel-2.4.6-98.0.3.el7_9.7.aarch64.rpm	73db6d73df13774284980ca336219f18caa533bea66216558a1a4120dae3b622	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-manual-2.4.6-98.0.3.el7_9.7.noarch.rpm	2435d10d3f2dd18748e8d135eb71bb349f9d24b6c64ce6a52bda914d21105054	ELSA-2024-7101	ol7_aarch64_latest
	httpd-manual-2.4.6-98.0.3.el7_9.7.noarch.rpm	2435d10d3f2dd18748e8d135eb71bb349f9d24b6c64ce6a52bda914d21105054	ELSA-2024-7101	ol7_aarch64_u9_patch
	httpd-tools-2.4.6-98.0.3.el7_9.7.aarch64.rpm	441cac4f13eac2d66a37a7d63f20c871548f89784c1006f503630c007ea9655e	ELSA-2024-7101	ol7_aarch64_latest
	httpd-tools-2.4.6-98.0.3.el7_9.7.aarch64.rpm	441cac4f13eac2d66a37a7d63f20c871548f89784c1006f503630c007ea9655e	ELSA-2024-7101	ol7_aarch64_u9_patch
	mod_ldap-2.4.6-98.0.3.el7_9.7.aarch64.rpm	25d9e6e0964828428c4be0de0b6377cea34d2ff74b07bd433802557b066c733d	ELSA-2024-7101	ol7_aarch64_optional_latest
	mod_proxy_html-2.4.6-98.0.3.el7_9.7.aarch64.rpm	540eb813bed2ede9bf6552f38d5b01370659be58b7461c710bb07d772b86c41e	ELSA-2024-7101	ol7_aarch64_optional_latest
	mod_session-2.4.6-98.0.3.el7_9.7.aarch64.rpm	f19f526643294c5f40c73290121170ec31cf82f775a7b9267f11956278db4a3e	ELSA-2024-7101	ol7_aarch64_latest
	mod_session-2.4.6-98.0.3.el7_9.7.aarch64.rpm	f19f526643294c5f40c73290121170ec31cf82f775a7b9267f11956278db4a3e	ELSA-2024-7101	ol7_aarch64_u9_patch
	mod_ssl-2.4.6-98.0.3.el7_9.7.aarch64.rpm	e19066201e4b109fb9780fde51cb68a00cc8551fd68f40dda41948c26fb70633	ELSA-2024-7101	ol7_aarch64_latest
	mod_ssl-2.4.6-98.0.3.el7_9.7.aarch64.rpm	e19066201e4b109fb9780fde51cb68a00cc8551fd68f40dda41948c26fb70633	ELSA-2024-7101	ol7_aarch64_u9_patch

Oracle Linux 7 (x86_64)	httpd-2.4.6-98.0.3.el7_9.7.src.rpm	0af35526b44dac367240da728f679250d8f13d178a0064459af21f3029adf7ac	ELSA-2024-7101	ol7_x86_64_latest
	httpd-2.4.6-98.0.3.el7_9.7.src.rpm	0af35526b44dac367240da728f679250d8f13d178a0064459af21f3029adf7ac	ELSA-2024-7101	ol7_x86_64_optional_latest
	httpd-2.4.6-98.0.3.el7_9.7.src.rpm	0af35526b44dac367240da728f679250d8f13d178a0064459af21f3029adf7ac	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-2.4.6-98.0.3.el7_9.7.x86_64.rpm	4956ee0b5bc2639556fc57777adaf1c70e5f7038425c205c3d8c33e410019ab3	ELSA-2024-7101	ol7_x86_64_latest
	httpd-2.4.6-98.0.3.el7_9.7.x86_64.rpm	4956ee0b5bc2639556fc57777adaf1c70e5f7038425c205c3d8c33e410019ab3	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-devel-2.4.6-98.0.3.el7_9.7.x86_64.rpm	687acfe291bfc89322edd0f029b286e12191c41a601ee346ed6afc314262a18e	ELSA-2024-7101	ol7_x86_64_latest
	httpd-devel-2.4.6-98.0.3.el7_9.7.x86_64.rpm	687acfe291bfc89322edd0f029b286e12191c41a601ee346ed6afc314262a18e	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-manual-2.4.6-98.0.3.el7_9.7.noarch.rpm	2435d10d3f2dd18748e8d135eb71bb349f9d24b6c64ce6a52bda914d21105054	ELSA-2024-7101	ol7_x86_64_latest
	httpd-manual-2.4.6-98.0.3.el7_9.7.noarch.rpm	2435d10d3f2dd18748e8d135eb71bb349f9d24b6c64ce6a52bda914d21105054	ELSA-2024-7101	ol7_x86_64_u9_patch
	httpd-tools-2.4.6-98.0.3.el7_9.7.x86_64.rpm	aefdcd58631c21ebba50b660ab28488a485a6e8e469b24fc0c3b872d4f058468	ELSA-2024-7101	ol7_x86_64_latest
	httpd-tools-2.4.6-98.0.3.el7_9.7.x86_64.rpm	aefdcd58631c21ebba50b660ab28488a485a6e8e469b24fc0c3b872d4f058468	ELSA-2024-7101	ol7_x86_64_u9_patch
	mod_ldap-2.4.6-98.0.3.el7_9.7.x86_64.rpm	324378b9c08508567f9274d8c2e271bf0a2049dd24daaf226691f93bebafc7c9	ELSA-2024-7101	ol7_x86_64_optional_latest
	mod_proxy_html-2.4.6-98.0.3.el7_9.7.x86_64.rpm	3d0d39a5f4e24dfd08908c0a5c060790d5753c142112cda8622012a8c6df2b7e	ELSA-2024-7101	ol7_x86_64_optional_latest
	mod_session-2.4.6-98.0.3.el7_9.7.x86_64.rpm	c78ef4c85ca128b978ebee45220f3ae6a148cd6309d2cf2da97d6f6c1f6447ff	ELSA-2024-7101	ol7_x86_64_latest
	mod_session-2.4.6-98.0.3.el7_9.7.x86_64.rpm	c78ef4c85ca128b978ebee45220f3ae6a148cd6309d2cf2da97d6f6c1f6447ff	ELSA-2024-7101	ol7_x86_64_u9_patch
	mod_ssl-2.4.6-98.0.3.el7_9.7.x86_64.rpm	a4b49dcdaf3df956c7bfe2fe67bdce0fed30948dcb394911340fd0f1862f0127	ELSA-2024-7101	ol7_x86_64_latest
	mod_ssl-2.4.6-98.0.3.el7_9.7.x86_64.rpm	a4b49dcdaf3df956c7bfe2fe67bdce0fed30948dcb394911340fd0f1862f0127	ELSA-2024-7101	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691