ELSA-2024-4726

ELSA-2024-4726 - httpd security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-07-23

Description


[2.4.57-11.0.1]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.57-11]
- Resolves: RHEL-45792 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)

[2.4.57-9]
- Resolves: RHEL-45766 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45749 - httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45818 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45771 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)


Related CVEs


CVE-2024-38474
CVE-2024-38473
CVE-2024-38477
CVE-2024-39573
CVE-2024-38475

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) httpd-2.4.57-11.0.1.el9_4.src.rpm181a359013b8a1dd393699c2117aebbd-ol9_aarch64_appstream
httpd-2.4.57-11.0.1.el9_4.aarch64.rpm08cf65982206665f8e5e04693a094622-ol9_aarch64_appstream
httpd-core-2.4.57-11.0.1.el9_4.aarch64.rpm65a8253b893929066703b16a79886fd9-ol9_aarch64_appstream
httpd-devel-2.4.57-11.0.1.el9_4.aarch64.rpm4c498e2eb684855de67e698ac8266eb4-ol9_aarch64_appstream
httpd-filesystem-2.4.57-11.0.1.el9_4.noarch.rpm8c1df1208d35a4d55804517dc0caba71-ol9_aarch64_appstream
httpd-manual-2.4.57-11.0.1.el9_4.noarch.rpm3797c2d267a44771cfbc04dcd4dc70db-ol9_aarch64_appstream
httpd-tools-2.4.57-11.0.1.el9_4.aarch64.rpm451f9d7112e7fe74fe8b65e10bcb5781-ol9_aarch64_appstream
mod_ldap-2.4.57-11.0.1.el9_4.aarch64.rpm5189dd2bf5be99646def192213966151-ol9_aarch64_appstream
mod_lua-2.4.57-11.0.1.el9_4.aarch64.rpma0183ee95b537c3966912c8479b0a356-ol9_aarch64_appstream
mod_proxy_html-2.4.57-11.0.1.el9_4.aarch64.rpmc43f8de995aba9241804ff8bb80d33d6-ol9_aarch64_appstream
mod_session-2.4.57-11.0.1.el9_4.aarch64.rpm434fd566efd64c865e6977003d6d2b0e-ol9_aarch64_appstream
mod_ssl-2.4.57-11.0.1.el9_4.aarch64.rpmba957aa88f22c562aab4535e89b9e251-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) httpd-2.4.57-11.0.1.el9_4.src.rpm181a359013b8a1dd393699c2117aebbd-ol9_x86_64_appstream
httpd-2.4.57-11.0.1.el9_4.x86_64.rpm530e5fa31f8d9986b0e410f47a5ee199-ol9_x86_64_appstream
httpd-core-2.4.57-11.0.1.el9_4.x86_64.rpmb36eb70c78db4ecd7fc531bc1f830e5e-ol9_x86_64_appstream
httpd-devel-2.4.57-11.0.1.el9_4.x86_64.rpmb7490fd85b0e1ea950430d83e0db6960-ol9_x86_64_appstream
httpd-filesystem-2.4.57-11.0.1.el9_4.noarch.rpm8c1df1208d35a4d55804517dc0caba71-ol9_x86_64_appstream
httpd-manual-2.4.57-11.0.1.el9_4.noarch.rpm3797c2d267a44771cfbc04dcd4dc70db-ol9_x86_64_appstream
httpd-tools-2.4.57-11.0.1.el9_4.x86_64.rpm222b48790222f74a58b6f6d5f8b01002-ol9_x86_64_appstream
mod_ldap-2.4.57-11.0.1.el9_4.x86_64.rpm0a2de4b0bd31bf253a621763ea06d0db-ol9_x86_64_appstream
mod_lua-2.4.57-11.0.1.el9_4.x86_64.rpm2a7fb73553a07d943e341ee386ba9504-ol9_x86_64_appstream
mod_proxy_html-2.4.57-11.0.1.el9_4.x86_64.rpm1cb82f75c79af79208606935183346f1-ol9_x86_64_appstream
mod_session-2.4.57-11.0.1.el9_4.x86_64.rpm991b35dc9e291a9e879755ceeef251cf-ol9_x86_64_appstream
mod_ssl-2.4.57-11.0.1.el9_4.x86_64.rpmcaab7410e16dfb4735d498a882ab9e5c-ol9_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete