Описание
ELSA-2022-1045: httpd security update (IMPORTANT)
[2.4.6-97.0.5.5]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]
- replace index.html with Oracle's index page oracle_index.html
[2.4.6-97.5]
- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
httpd
2.4.6-97.0.5.el7_9.5
httpd-devel
2.4.6-97.0.5.el7_9.5
httpd-manual
2.4.6-97.0.5.el7_9.5
httpd-tools
2.4.6-97.0.5.el7_9.5
mod_ldap
2.4.6-97.0.5.el7_9.5
mod_proxy_html
2.4.6-97.0.5.el7_9.5
mod_session
2.4.6-97.0.5.el7_9.5
mod_ssl
2.4.6-97.0.5.el7_9.5
Oracle Linux x86_64
httpd
2.4.6-97.0.5.el7_9.5
httpd-devel
2.4.6-97.0.5.el7_9.5
httpd-manual
2.4.6-97.0.5.el7_9.5
httpd-tools
2.4.6-97.0.5.el7_9.5
mod_ldap
2.4.6-97.0.5.el7_9.5
mod_proxy_html
2.4.6-97.0.5.el7_9.5
mod_session
2.4.6-97.0.5.el7_9.5
mod_ssl
2.4.6-97.0.5.el7_9.5
Связанные CVE
Связанные уязвимости
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache HTTP Server 2.4.52 and earlier fails to close inbound connectio ...