Описание
ELSA-2013-1156: httpd security update (MODERATE)
[2.2.15-29.0.1.el6_4]
- replace index.html with Oracle's index page oracle_index.html update vstring in specfile
[2.2.15-29]
- mod_dav: add security fix for CVE-2013-1896 (#991368)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
httpd
2.2.15-29.0.1.el6_4
httpd-devel
2.2.15-29.0.1.el6_4
httpd-manual
2.2.15-29.0.1.el6_4
httpd-tools
2.2.15-29.0.1.el6_4
mod_ssl
2.2.15-29.0.1.el6_4
Oracle Linux i686
httpd
2.2.15-29.0.1.el6_4
httpd-devel
2.2.15-29.0.1.el6_4
httpd-manual
2.2.15-29.0.1.el6_4
httpd-tools
2.2.15-29.0.1.el6_4
mod_ssl
2.2.15-29.0.1.el6_4
Oracle Linux 5
Oracle Linux ia64
httpd
2.2.3-82.0.1.el5_9
httpd-devel
2.2.3-82.0.1.el5_9
httpd-manual
2.2.3-82.0.1.el5_9
mod_ssl
2.2.3-82.0.1.el5_9
Oracle Linux x86_64
httpd
2.2.3-82.0.1.el5_9
httpd-devel
2.2.3-82.0.1.el5_9
httpd-manual
2.2.3-82.0.1.el5_9
mod_ssl
2.2.3-82.0.1.el5_9
Oracle Linux i386
httpd
2.2.3-82.0.1.el5_9
httpd-devel
2.2.3-82.0.1.el5_9
httpd-manual
2.2.3-82.0.1.el5_9
mod_ssl
2.2.3-82.0.1.el5_9
Связанные CVE
Связанные уязвимости
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly de ...
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.