ELSA-2024-4726

ULN >
Oracle Linux Errata repository >
ELSA-2024-4726

ELSA-2024-4726 - httpd security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-07-23

Description

[2.4.57-11.0.1]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.57-11]
- Resolves: RHEL-45792 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)

[2.4.57-9]
- Resolves: RHEL-45766 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45749 - httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45818 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45771 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	httpd-2.4.57-11.0.1.el9_4.src.rpm	181a359013b8a1dd393699c2117aebbd	-	ol9_aarch64_appstream
	httpd-2.4.57-11.0.1.el9_4.aarch64.rpm	08cf65982206665f8e5e04693a094622	-	ol9_aarch64_appstream
	httpd-core-2.4.57-11.0.1.el9_4.aarch64.rpm	65a8253b893929066703b16a79886fd9	-	ol9_aarch64_appstream
	httpd-devel-2.4.57-11.0.1.el9_4.aarch64.rpm	4c498e2eb684855de67e698ac8266eb4	-	ol9_aarch64_appstream
	httpd-filesystem-2.4.57-11.0.1.el9_4.noarch.rpm	8c1df1208d35a4d55804517dc0caba71	-	ol9_aarch64_appstream
	httpd-manual-2.4.57-11.0.1.el9_4.noarch.rpm	3797c2d267a44771cfbc04dcd4dc70db	-	ol9_aarch64_appstream
	httpd-tools-2.4.57-11.0.1.el9_4.aarch64.rpm	451f9d7112e7fe74fe8b65e10bcb5781	-	ol9_aarch64_appstream
	mod_ldap-2.4.57-11.0.1.el9_4.aarch64.rpm	5189dd2bf5be99646def192213966151	-	ol9_aarch64_appstream
	mod_lua-2.4.57-11.0.1.el9_4.aarch64.rpm	a0183ee95b537c3966912c8479b0a356	-	ol9_aarch64_appstream
	mod_proxy_html-2.4.57-11.0.1.el9_4.aarch64.rpm	c43f8de995aba9241804ff8bb80d33d6	-	ol9_aarch64_appstream
	mod_session-2.4.57-11.0.1.el9_4.aarch64.rpm	434fd566efd64c865e6977003d6d2b0e	-	ol9_aarch64_appstream
	mod_ssl-2.4.57-11.0.1.el9_4.aarch64.rpm	ba957aa88f22c562aab4535e89b9e251	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	httpd-2.4.57-11.0.1.el9_4.src.rpm	181a359013b8a1dd393699c2117aebbd	-	ol9_x86_64_appstream
	httpd-2.4.57-11.0.1.el9_4.x86_64.rpm	530e5fa31f8d9986b0e410f47a5ee199	-	ol9_x86_64_appstream
	httpd-core-2.4.57-11.0.1.el9_4.x86_64.rpm	b36eb70c78db4ecd7fc531bc1f830e5e	-	ol9_x86_64_appstream
	httpd-devel-2.4.57-11.0.1.el9_4.x86_64.rpm	b7490fd85b0e1ea950430d83e0db6960	-	ol9_x86_64_appstream
	httpd-filesystem-2.4.57-11.0.1.el9_4.noarch.rpm	8c1df1208d35a4d55804517dc0caba71	-	ol9_x86_64_appstream
	httpd-manual-2.4.57-11.0.1.el9_4.noarch.rpm	3797c2d267a44771cfbc04dcd4dc70db	-	ol9_x86_64_appstream
	httpd-tools-2.4.57-11.0.1.el9_4.x86_64.rpm	222b48790222f74a58b6f6d5f8b01002	-	ol9_x86_64_appstream
	mod_ldap-2.4.57-11.0.1.el9_4.x86_64.rpm	0a2de4b0bd31bf253a621763ea06d0db	-	ol9_x86_64_appstream
	mod_lua-2.4.57-11.0.1.el9_4.x86_64.rpm	2a7fb73553a07d943e341ee386ba9504	-	ol9_x86_64_appstream
	mod_proxy_html-2.4.57-11.0.1.el9_4.x86_64.rpm	1cb82f75c79af79208606935183346f1	-	ol9_x86_64_appstream
	mod_session-2.4.57-11.0.1.el9_4.x86_64.rpm	991b35dc9e291a9e879755ceeef251cf	-	ol9_x86_64_appstream
	mod_ssl-2.4.57-11.0.1.el9_4.x86_64.rpm	caab7410e16dfb4735d498a882ab9e5c	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691