Stay Connected:

ELSA-2026-22140

ELSA-2026-22140 - httpd:2.4 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-06-01

Description


httpd
[2.4.37-65.0.1.7]
- Replace index.html with Oracle's index page oracle_index.html

mod_http2
[1.15.7-10.5]
- Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by
Memory Increase (CVE-2025-53020)

mod_md
[1:2.0.8-8.2]
- Resolves: RHEL-134487 - httpd:2.4/httpd: Apache HTTP Server: mod_md (ACME),
unintended retry intervals (CVE-2025-55753)


Related CVEs


CVE-2025-53020
CVE-2026-28780
CVE-2026-33007
CVE-2026-33857
CVE-2026-34032
CVE-2026-34059

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.src.rpm0da4116771f01d2ee50d8744679065daaaf1149eba31615de882b296c26cd709-ol8_aarch64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.src.rpm72b89bcd33f7db5872527819729a4dfa27cd14d1838441e95c5b64fe32a6d5d0-ol8_aarch64_appstream
mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.src.rpm9db8343d602b63ce893a5e6337b5adb88a72fb79432779565626f46e0767998b-ol8_aarch64_appstream
httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm69adf6cab66003c45ebac7f5bdcf3ff0d6b4b0b58cd3cdc3043e241cb0ac4d1d-ol8_aarch64_appstream
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm0fff48d4a19497328b3c7df7f3f8e6e8198c19754f5fb0b13020b0891f471336-ol8_aarch64_appstream
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpma2db1bbe623dc1a3dca058655439de1b102c6da1dc5976c0264a4bbd042666a4-ol8_aarch64_appstream
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpm3b37e5b5a30d6215a91d9be70979ba61620a9ea036223b55d60ecb3ed8ce4c81-ol8_aarch64_appstream
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm3256eae5640483432d9f4c2ed2669c9e014169b3d36a27765c6ad6ef6c3b90d1-ol8_aarch64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.aarch64.rpmfa2a68ff53688dbd9232e1c2cf7f2797b5596fdd398bbbe3d7a92f128408fd24-ol8_aarch64_appstream
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm59b0e0603955e6aaa7d493d3dcebb92c776d4952f2a6e92b2d13952457ec948d-ol8_aarch64_appstream
mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.aarch64.rpm0076c2b3d4031d8b44a8267f229206b5b1a1aa912d18fd0506a11e1441a7fd56-ol8_aarch64_appstream
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm69694ce8a852fdf101394f848651e863b1f4895dcb1350cbc3426d8f5ab80833-ol8_aarch64_appstream
mod_session-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm220c5b44f94371cf420f7ea156443a039dc12394457710aca83f944810062203-ol8_aarch64_appstream
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm2d12884841318ed1d030b99fe297dc74338285f1f16a68905c8c77214095741a-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.src.rpm0da4116771f01d2ee50d8744679065daaaf1149eba31615de882b296c26cd709-ol8_x86_64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.src.rpm72b89bcd33f7db5872527819729a4dfa27cd14d1838441e95c5b64fe32a6d5d0-ol8_x86_64_appstream
mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.src.rpm9db8343d602b63ce893a5e6337b5adb88a72fb79432779565626f46e0767998b-ol8_x86_64_appstream
httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm1c41a8f144b502a4dd5e971f0df5122e56421adacb8198a441cf6ba4fe7e6cae-ol8_x86_64_appstream
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpmb90869c1c7ee5a45995410575daabba52436ed469eaab8c95b08b18dd1f9e798-ol8_x86_64_appstream
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpma2db1bbe623dc1a3dca058655439de1b102c6da1dc5976c0264a4bbd042666a4-ol8_x86_64_appstream
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpm3b37e5b5a30d6215a91d9be70979ba61620a9ea036223b55d60ecb3ed8ce4c81-ol8_x86_64_appstream
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm1027c07713d195d9b009e8dae6d9e508d66857e6b3f2f820aca47b85d8be0204-ol8_x86_64_appstream
mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.x86_64.rpm3b4611b938b275cd69dd3469f79447be39f0796b69416be6a6f1cae90c8036f6-ol8_x86_64_appstream
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpmbcc00b73f6fc08763d799143ae37c169f7635accbc8a3e543ad811c036f7fbd8-ol8_x86_64_appstream
mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.x86_64.rpmd840fcfb5901dd6d2d0589f27ddaa733291ebfdd46645f898df94326b1e53f0a-ol8_x86_64_appstream
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpmf86ba489d3eeff4ef0ff36a675ccfab2c0e558327f11447f408cbf50e437c07a-ol8_x86_64_appstream
mod_session-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpmae7035ae2eb06b44f4102cc1d9d8c9f257fc984182f819c20e7aaaf241b8f976-ol8_x86_64_appstream
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm294f87c3b93d4d551f71290ca45ca66c5a42ce849a820f5ba746c2d76d5e466b-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights