Описание
ELSA-2022-9714: httpd security update (IMPORTANT)
[2.2.15-69.0.5]
- handle large writes in ap_rputs [CVE-2022-28614][Orabug: 34317854]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
httpd
2.2.15-69.0.5.el6
httpd-devel
2.2.15-69.0.5.el6
httpd-manual
2.2.15-69.0.5.el6
httpd-tools
2.2.15-69.0.5.el6
mod_ssl
2.2.15-69.0.5.el6
Oracle Linux i686
httpd
2.2.15-69.0.5.el6
httpd-devel
2.2.15-69.0.5.el6
httpd-manual
2.2.15-69.0.5.el6
httpd-tools
2.2.15-69.0.5.el6
mod_ssl
2.2.15-69.0.5.el6
Связанные CVE
Связанные уязвимости
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may ...
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.