ELSA-2024-2278

ELSA-2024-2278 - httpd security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-03

Description

[2.4.57-8.0.1]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.57-8]
- mod_xml2enc: fix media type handling
Resolves: RHEL-17686
- mod_dav: add DavBasePath
Resolves: RHEL-6600

[2.4.57-7]
- Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read
vulnerability (CVE-2023-31122)

[2.4.57-6]
- Resolves: RHEL-5071 - mod_dav_fs: add DavLockDBType
- mod_dav_fs: add global mutex around lockdb interaction

Related CVEs

CVE-2023-31122

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	httpd-2.4.57-8.0.1.el9.src.rpm	e140b8af429ae692e921a13e2d53dc6f14b696648f7c533ae993f2d9c5230f6a	-	ol9_aarch64_appstream
	httpd-2.4.57-8.0.1.el9.aarch64.rpm	aaf8f31926cdde498ee5e993694e8743d162c0333b7d0269cd75f595976da962	-	ol9_aarch64_appstream
	httpd-core-2.4.57-8.0.1.el9.aarch64.rpm	f88c0c466404f1349f43487cdfe5cdd3e1e88759ad1f82f8b1898556f6cc9508	-	ol9_aarch64_appstream
	httpd-devel-2.4.57-8.0.1.el9.aarch64.rpm	b3ed4e80908b62d643ed8f2b6b06d6d5cbfe651875e7760e984e147af7adf635	-	ol9_aarch64_appstream
	httpd-filesystem-2.4.57-8.0.1.el9.noarch.rpm	54fa8144829cf8adfc621fcae332ba5b643689d6272bb5bc1ed8ea3f541e1f6d	-	ol9_aarch64_appstream
	httpd-manual-2.4.57-8.0.1.el9.noarch.rpm	a150aa54adf634669aaa64b8247e6989c283eb148d6bf7db4d609b1c73cbf1cd	-	ol9_aarch64_appstream
	httpd-tools-2.4.57-8.0.1.el9.aarch64.rpm	9e4cb7a0bdbbbc3926997153ed20892ac266ae29d076090a0b7a4660356b40fb	-	ol9_aarch64_appstream
	mod_ldap-2.4.57-8.0.1.el9.aarch64.rpm	cfa2bed097aa2e460ecb8c1dfb639d120b75dae7739225e657880eddccf23622	-	ol9_aarch64_appstream
	mod_lua-2.4.57-8.0.1.el9.aarch64.rpm	f8e93f07570fb35424a258b5860b2514232e2d4a78b618f5b739fa7070223625	-	ol9_aarch64_appstream
	mod_proxy_html-2.4.57-8.0.1.el9.aarch64.rpm	ad5609a773f44a1130683e7f181dbd293e503d9f0c2454a0633cd190661423db	-	ol9_aarch64_appstream
	mod_session-2.4.57-8.0.1.el9.aarch64.rpm	b66e80578be1d9505438976ea12160e098be4099267337fc63bdc1ed199d2970	-	ol9_aarch64_appstream
	mod_ssl-2.4.57-8.0.1.el9.aarch64.rpm	3bc56b813296e1d2e690aad18821e87a94f989ade0ba2c0d6f4361ef11c4acea	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	httpd-2.4.57-8.0.1.el9.src.rpm	e140b8af429ae692e921a13e2d53dc6f14b696648f7c533ae993f2d9c5230f6a	-	ol9_x86_64_appstream
	httpd-2.4.57-8.0.1.el9.x86_64.rpm	305ff3523714f279556d76d1a24f74cc6231e8ac361558e5d6a05ecb42af2698	-	ol9_x86_64_appstream
	httpd-core-2.4.57-8.0.1.el9.x86_64.rpm	0b2789aff9fc54e032840805f2153f4d33eb039b1224cec3889f9bc3b4f5b63c	-	ol9_x86_64_appstream
	httpd-devel-2.4.57-8.0.1.el9.x86_64.rpm	390de7e3d34fe194ca29ca2133abcd7e78bbb79c0d79b2a85152bf6241942ac2	-	ol9_x86_64_appstream
	httpd-filesystem-2.4.57-8.0.1.el9.noarch.rpm	54fa8144829cf8adfc621fcae332ba5b643689d6272bb5bc1ed8ea3f541e1f6d	-	ol9_x86_64_appstream
	httpd-manual-2.4.57-8.0.1.el9.noarch.rpm	a150aa54adf634669aaa64b8247e6989c283eb148d6bf7db4d609b1c73cbf1cd	-	ol9_x86_64_appstream
	httpd-tools-2.4.57-8.0.1.el9.x86_64.rpm	145443ab9f4cc798a4d9a0e4084a79effc694aa76749ea8b0c9aaf8c4b313d5f	-	ol9_x86_64_appstream
	mod_ldap-2.4.57-8.0.1.el9.x86_64.rpm	427d4ecce2f8bdced76b84642ad40c138a0093876e7d177b052141e52475ffe7	-	ol9_x86_64_appstream
	mod_lua-2.4.57-8.0.1.el9.x86_64.rpm	bc7a51efbdd354a071f65223a8819d040c52c1824e5ac880bf3fe130cb193aaa	-	ol9_x86_64_appstream
	mod_proxy_html-2.4.57-8.0.1.el9.x86_64.rpm	158044e69baba35abdb79cc51b2e204a45c2c9497e65b7ecbe6be1162883aaa7	-	ol9_x86_64_appstream
	mod_session-2.4.57-8.0.1.el9.x86_64.rpm	dcbb85d8df60dbe7cb028958624055c9ebbe164034e0e18deb1f75e104d43fb8	-	ol9_x86_64_appstream
	mod_ssl-2.4.57-8.0.1.el9.x86_64.rpm	41e4a4f85551c4ffa424b504fa0cc997220d7f30d06c2b545dcec09b806dd8f3	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team