ELSA-2021-1809

Описание

httpd [2.4.37-39.0.1]

• Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
• Replace index.html with Oracles index page oracle_index.html

[2.4.37-39]

• prevent htcacheclean from while break when first file processed

[2.4.37-38]

• Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache

[2.4.37-37]

• Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key

[2.4.37-36]

• Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel
• Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()

[2.4.37-35]

• Resolves: #1651376 - centralizing default index.html for httpd

[2.4.37-33]

• Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues
• Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server
• Resolves: #1680118 - unorderly connection close when client attempts renegotiation

[2.4.37-31]

• Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time
• Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow
• Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package
• Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive
• Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout
• Resolves: #1891829 - mod_proxy_hcheck Doesnt perform checks when in a balancer

mod_http2 [1.15.7-3]

• Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd: mod_http2 concurrent pool usage

mod_md [1:2.0.8-8]

• Resolves: #1832844 - mod_md does not work with ACME server that does not provide keyChange or revokeCert resources