Stay Connected:

ELSA-2023-1670

ELSA-2023-1670 - httpd and mod_http2 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2023-04-06

Description


httpd
[2.4.53-7.0.1.5]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.53-7.5]
- Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with
mod_rewrite and mod_proxy

mod_http2
[1.15.19-3.5]
- Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with
mod_rewrite and mod_proxy

[1.15.19-3]
- Resolves: #2066311 - CVE-2021-44224 httpd: possible NULL dereference or SSRF
in forward proxy configurations


Related CVEs


CVE-2023-25690

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) httpd-2.4.53-7.0.1.el9_1.5.src.rpmc7c0452c607292fcc79049ff92b62b6320d724f66afccdce3ce9863090c54f33-ol9_aarch64_appstream
mod_http2-1.15.19-3.el9_1.5.src.rpme173acf9058e8f46fec80f66e0087d74d4d293fca69a1a7caf80b1b2d2de099b-ol9_aarch64_appstream
httpd-2.4.53-7.0.1.el9_1.5.aarch64.rpm4ec620d97047914b0a420eaf018958e1a7ef2d839d761e3700d52617b858472c-ol9_aarch64_appstream
httpd-core-2.4.53-7.0.1.el9_1.5.aarch64.rpm88177fd90493da3a0da9bff485ab0239545f8cc4cef18d78e18d22e83d3314d7-ol9_aarch64_appstream
httpd-devel-2.4.53-7.0.1.el9_1.5.aarch64.rpme9c931e218b331012734873a9a127b229e274f66b70c6e42711f4da8d0be0d36-ol9_aarch64_appstream
httpd-filesystem-2.4.53-7.0.1.el9_1.5.noarch.rpm333b01a9158189c0488c662831c05e9cdaad37357c37319cab433ddd8293d448-ol9_aarch64_appstream
httpd-manual-2.4.53-7.0.1.el9_1.5.noarch.rpm6332310a937ccc77fa73d26df821c3537995662cfc6287ea902c78d8f930613f-ol9_aarch64_appstream
httpd-tools-2.4.53-7.0.1.el9_1.5.aarch64.rpm06ef0e6862a51bd7c2a5edcd7c6b46510180fd53bdf84d103c0b0d1ebc25024c-ol9_aarch64_appstream
mod_http2-1.15.19-3.el9_1.5.aarch64.rpm2fe8117a250885642f5d064baeb47c141813d633fffd009f3778fe40b8cc89e5-ol9_aarch64_appstream
mod_ldap-2.4.53-7.0.1.el9_1.5.aarch64.rpm1418addacaddb4bac8e1d9a8225dac5c2253ace2ce61c14e1b09891257c9017d-ol9_aarch64_appstream
mod_lua-2.4.53-7.0.1.el9_1.5.aarch64.rpm7ef5913465b7064279ebb693b26ff529e2d62f89fe3c1557442a822c22799b03-ol9_aarch64_appstream
mod_proxy_html-2.4.53-7.0.1.el9_1.5.aarch64.rpm7448c385a7fd08004100e8047df4cff00457804e851183eab5ff3ea618257917-ol9_aarch64_appstream
mod_session-2.4.53-7.0.1.el9_1.5.aarch64.rpm9032907acb1bf0b0c9cbc3d447477f057f22cea4cd64e7c783075e1dd6ce6cfe-ol9_aarch64_appstream
mod_ssl-2.4.53-7.0.1.el9_1.5.aarch64.rpme22777b45e2f76480a50b0359144a52dcc394ddcc22339c5908493ad4da1a864-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) httpd-2.4.53-7.0.1.el9_1.5.src.rpmc7c0452c607292fcc79049ff92b62b6320d724f66afccdce3ce9863090c54f33-ol9_x86_64_appstream
mod_http2-1.15.19-3.el9_1.5.src.rpme173acf9058e8f46fec80f66e0087d74d4d293fca69a1a7caf80b1b2d2de099b-ol9_x86_64_appstream
httpd-2.4.53-7.0.1.el9_1.5.x86_64.rpmccb2cb4da58049d78eec6285cb92734895fc283665714e7a907cfb512a842d3c-ol9_x86_64_appstream
httpd-core-2.4.53-7.0.1.el9_1.5.x86_64.rpm5752975ea602fcff488873e0b7d5802623bf284441bee5d53e637e4236e6ef7e-ol9_x86_64_appstream
httpd-devel-2.4.53-7.0.1.el9_1.5.x86_64.rpm44edf81a77e6bddec494543264ae88f72d8f012150ddc7c05ccb1e0634fb2a18-ol9_x86_64_appstream
httpd-filesystem-2.4.53-7.0.1.el9_1.5.noarch.rpm333b01a9158189c0488c662831c05e9cdaad37357c37319cab433ddd8293d448-ol9_x86_64_appstream
httpd-manual-2.4.53-7.0.1.el9_1.5.noarch.rpm6332310a937ccc77fa73d26df821c3537995662cfc6287ea902c78d8f930613f-ol9_x86_64_appstream
httpd-tools-2.4.53-7.0.1.el9_1.5.x86_64.rpmd7b9eae24f6c59a3a8ac78972b5d5ce376f563e46de59fc6334f91cce6096019-ol9_x86_64_appstream
mod_http2-1.15.19-3.el9_1.5.x86_64.rpmbb201f1cb63b5efcc2531556f259b49c3137417e9bc2aabbe267954464bf103c-ol9_x86_64_appstream
mod_ldap-2.4.53-7.0.1.el9_1.5.x86_64.rpm8738b9c109e2fe9375a18eab8bdb25e2208c183bd9457b7e2464fe27f3e85a41-ol9_x86_64_appstream
mod_lua-2.4.53-7.0.1.el9_1.5.x86_64.rpm9d212b351f27d2a53d851a9930272851c181e773229e1b2daaa64aadda907c56-ol9_x86_64_appstream
mod_proxy_html-2.4.53-7.0.1.el9_1.5.x86_64.rpm8d1cc53418972df2eb94419df5588552dc2d0ac57b8ade3b9b41c78c681b70ae-ol9_x86_64_appstream
mod_session-2.4.53-7.0.1.el9_1.5.x86_64.rpmbfc104c7352d5b09a1560c128737bc63eded3428da4215d07170593e9c3f1c57-ol9_x86_64_appstream
mod_ssl-2.4.53-7.0.1.el9_1.5.x86_64.rpmaadeb96b23c83866482af85e86d034e5ddfd1168c46ecbeb5d64c0c1b6ef573c-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights