Описание
ELSA-2011-1391: httpd security and bug fix update (MODERATE)
[2.2.15-9.0.1.el6_1.3]
- replace index.html with Oracle's index page
- update vstring in specfile
[2.2.15-9.3]
- add security fixes for CVE-2011-3347, CVE-2011-3368 (#743901)
- fix regressions in CVE-2011-3192 patch (#736592)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
httpd
2.2.15-9.0.1.el6_1.3
httpd-devel
2.2.15-9.0.1.el6_1.3
httpd-manual
2.2.15-9.0.1.el6_1.3
httpd-tools
2.2.15-9.0.1.el6_1.3
mod_ssl
2.2.15-9.0.1.el6_1.3
Oracle Linux i686
httpd
2.2.15-9.0.1.el6_1.3
httpd-devel
2.2.15-9.0.1.el6_1.3
httpd-manual
2.2.15-9.0.1.el6_1.3
httpd-tools
2.2.15-9.0.1.el6_1.3
mod_ssl
2.2.15-9.0.1.el6_1.3
Связанные CVE
Связанные уязвимости
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when ...
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.