ELSA-2024-4720

ELSA-2024-4720 - httpd:2.4 security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-07-23

Description


httpd
[2.4.37-65.0.1.1]
- Replace index.html with Oracle's index page oracle_index.html

[2.4.37-65.1]
- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue
in mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
in mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference
in mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF
in mod_rewrite (CVE-2024-39573)

mod_http2
mod_md


Related CVEs


CVE-2024-38475
CVE-2024-38477
CVE-2024-38473
CVE-2024-39573
CVE-2024-38474

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) httpd-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.src.rpm4afebcfc9c0e692431c711bceef3e3bc-ol8_aarch64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.src.rpmcfad3ce0620e49673cb9c5f948265264-ol8_aarch64_appstream
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm57baf2f70c9de0a1ab3a4a39fb97b4a0-ol8_aarch64_appstream
httpd-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpm2a4cd98f5b37fa7ca9b7c13c484ff5c0-ol8_aarch64_appstream
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpmc1028ce19ad2afb9e99f95659a7de0df-ol8_aarch64_appstream
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.noarch.rpm38dcc906b23d30edb71303a6e618045d-ol8_aarch64_appstream
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.noarch.rpm62abf5983129665ff58ff794d6aeffac-ol8_aarch64_appstream
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpm3825474b66cf8a5247bd331d385c767c-ol8_aarch64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.aarch64.rpm7a4232cd2fee5cf07d4b6cfd120ae5e8-ol8_aarch64_appstream
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpmff0921549a898d9b0a922458933a997e-ol8_aarch64_appstream
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.aarch64.rpme0cdd2c7bbe8ba7cf3614b973dd7eb66-ol8_aarch64_appstream
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpm62e573eae1c038a4549fe54516f3bbab-ol8_aarch64_appstream
mod_session-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpm50bed9d5cec572c4b9beb012e03ee1f6-ol8_aarch64_appstream
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.aarch64.rpmc98e1768a9fd6dc592f38382066d7d59-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) httpd-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.src.rpm4afebcfc9c0e692431c711bceef3e3bc-ol8_x86_64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.src.rpmcfad3ce0620e49673cb9c5f948265264-ol8_x86_64_appstream
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm57baf2f70c9de0a1ab3a4a39fb97b4a0-ol8_x86_64_appstream
httpd-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpmc52bed777c308817646e78733d0f04c5-ol8_x86_64_appstream
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpm53db0ad96da080d0da22f2a476db9231-ol8_x86_64_appstream
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.noarch.rpm38dcc906b23d30edb71303a6e618045d-ol8_x86_64_appstream
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.noarch.rpm62abf5983129665ff58ff794d6aeffac-ol8_x86_64_appstream
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpm27f876b93ada64885efa8849f294ebe1-ol8_x86_64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.x86_64.rpmad14667bc0eddafff0e6adcad3f51b6b-ol8_x86_64_appstream
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpme3d80672f07254302e3554dd765ebac6-ol8_x86_64_appstream
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.x86_64.rpm50f77dc288425f1cdee5d05760c7dccb-ol8_x86_64_appstream
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpm9aa2093051ee47f8a357924e56b290b3-ol8_x86_64_appstream
mod_session-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpm0279ab0736bb7ad1e4c904c9267af7ea-ol8_x86_64_appstream
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1.x86_64.rpm4e79a99fb058b401fe91222d6acce2c3-ol8_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete