ELSA-2024-4726

ULN >
Oracle Linux Errata repository >
ELSA-2024-4726

ELSA-2024-4726 - httpd security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-07-23

Description

[2.4.57-11.0.1]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.57-11]
- Resolves: RHEL-45792 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)

[2.4.57-9]
- Resolves: RHEL-45766 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45749 - httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45818 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45771 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	httpd-2.4.57-11.0.1.el9_4.src.rpm	e89d6f0472de6410858bee57906cf87200ea6d77f0e5765a540cf3b557115340	-	ol9_aarch64_appstream
	httpd-2.4.57-11.0.1.el9_4.aarch64.rpm	f1692a9098b2e484f2e42b80a449aff51f2c1a5db5c1eea47f5de6a495ab469b	-	ol9_aarch64_appstream
	httpd-core-2.4.57-11.0.1.el9_4.aarch64.rpm	475073871872ca7629a5e6ccd7922b67fd2fb76b1a181cdc4a6b722d0917034a	-	ol9_aarch64_appstream
	httpd-devel-2.4.57-11.0.1.el9_4.aarch64.rpm	9d202d2937a8783475cd02706452d29fb1807fb85b340d71d34f9e825c7f43a2	-	ol9_aarch64_appstream
	httpd-filesystem-2.4.57-11.0.1.el9_4.noarch.rpm	fff649fd9e290ce2eb3825308c6befb639c414848fabfee121c712883afc7fb2	-	ol9_aarch64_appstream
	httpd-manual-2.4.57-11.0.1.el9_4.noarch.rpm	b07e2a666f2c66b7d3977beedcec18788c720f21374edc699b95c597adfcd103	-	ol9_aarch64_appstream
	httpd-tools-2.4.57-11.0.1.el9_4.aarch64.rpm	8eec9689ce7b715887a9317c2e80a1dc796e9216ea15abbc2f21f2919c9349d5	-	ol9_aarch64_appstream
	mod_ldap-2.4.57-11.0.1.el9_4.aarch64.rpm	bfd029a0c569653f47ce4a277545b08a0d9e7f6509ee13c68d133f426aeeba6e	-	ol9_aarch64_appstream
	mod_lua-2.4.57-11.0.1.el9_4.aarch64.rpm	1d1222c927cb28096902dd4de1d95f7670b43e19a68f1f7a00df45301ab53287	-	ol9_aarch64_appstream
	mod_proxy_html-2.4.57-11.0.1.el9_4.aarch64.rpm	98c23f1f3e1f9127f3923195dd9f0789b3bf347475dc928fad72285b57cfd8da	-	ol9_aarch64_appstream
	mod_session-2.4.57-11.0.1.el9_4.aarch64.rpm	8113ad684cec8656086f0b0916a6dfa05e648cdb22d7af512aa821d651cdc19c	-	ol9_aarch64_appstream
	mod_ssl-2.4.57-11.0.1.el9_4.aarch64.rpm	08c25ea38b550b59c201385110424e8094584bde75ee85bdfabc6398e3345d9c	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	httpd-2.4.57-11.0.1.el9_4.src.rpm	e89d6f0472de6410858bee57906cf87200ea6d77f0e5765a540cf3b557115340	-	ol9_x86_64_appstream
	httpd-2.4.57-11.0.1.el9_4.x86_64.rpm	3e39276afc77b43b1ce8a529cd310ac74ef5a2dba1fe9b819dafa8b761229ba1	-	ol9_x86_64_appstream
	httpd-core-2.4.57-11.0.1.el9_4.x86_64.rpm	4f48f67d7e8e2569036e17cab2cf7a36984c9ec3ada9b7d00f974c7f2ba0c5ac	-	ol9_x86_64_appstream
	httpd-devel-2.4.57-11.0.1.el9_4.x86_64.rpm	c8bb1b55d2491ad4c6485acdf1daf3c3e4aa388777df4a243e37a676546df2cd	-	ol9_x86_64_appstream
	httpd-filesystem-2.4.57-11.0.1.el9_4.noarch.rpm	fff649fd9e290ce2eb3825308c6befb639c414848fabfee121c712883afc7fb2	-	ol9_x86_64_appstream
	httpd-manual-2.4.57-11.0.1.el9_4.noarch.rpm	b07e2a666f2c66b7d3977beedcec18788c720f21374edc699b95c597adfcd103	-	ol9_x86_64_appstream
	httpd-tools-2.4.57-11.0.1.el9_4.x86_64.rpm	a6a181a7f2beaa9fae9ddb2cb27782688088ac0d6aa696cb97ea1fedc5ab7cc2	-	ol9_x86_64_appstream
	mod_ldap-2.4.57-11.0.1.el9_4.x86_64.rpm	45d7ff55f2465e65732ffdb746afdb21d0c75a220068c8d4b1b1b1100d4f8762	-	ol9_x86_64_appstream
	mod_lua-2.4.57-11.0.1.el9_4.x86_64.rpm	6e8c9ff09ebc71267da9edfa8959b12640ed1c63337066d26e95eecf297d5f4f	-	ol9_x86_64_appstream
	mod_proxy_html-2.4.57-11.0.1.el9_4.x86_64.rpm	98cc20536489cfaa78f5e7033edb87d072ec6d8703b72ccdd65516740aff1926	-	ol9_x86_64_appstream
	mod_session-2.4.57-11.0.1.el9_4.x86_64.rpm	27e8bd68aba127f06b230f0ef832ff12ee4bd7abf39dbf97417b1c57ce4ba9a0	-	ol9_x86_64_appstream
	mod_ssl-2.4.57-11.0.1.el9_4.x86_64.rpm	f34da5d32a5254bc69f205153b27da632e909ad8e7197080e2ddf6d9d882f486	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691