Описание
ELSA-2014-0370: httpd security update (MODERATE)
[2.2.15-30.0.1.el6_5]
- replace index.html with Oracle's index page oracle_index.html update vstring in specfile
[2.2.15-30]
- mod_dav: add security fix for CVE-2013-6438 (#1078174)
- mod_log_config: add security fix for CVE-2014-0098 (#1078174)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
httpd
2.2.15-30.0.1.el6_5
httpd-devel
2.2.15-30.0.1.el6_5
httpd-manual
2.2.15-30.0.1.el6_5
httpd-tools
2.2.15-30.0.1.el6_5
mod_ssl
2.2.15-30.0.1.el6_5
Oracle Linux i686
httpd
2.2.15-30.0.1.el6_5
httpd-devel
2.2.15-30.0.1.el6_5
httpd-manual
2.2.15-30.0.1.el6_5
httpd-tools
2.2.15-30.0.1.el6_5
mod_ssl
2.2.15-30.0.1.el6_5
Связанные CVE
Связанные уязвимости
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.