Описание
ELSA-2023-0852: httpd:2.4 security and bug fix update (MODERATE)
httpd [2.4.37-51.0.1.1]
- Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
- Replace index.html with Oracle's index page oracle_index.html
[2.4.37-51.1]
- Resolves: #2165967 - prevent sscg creating /dhparams.pem
- Resolves: #2165976 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte
- Resolves: #2165977 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
- Resolves: #2165978 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module httpd:2.4 is enabled
httpd
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-devel
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-filesystem
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-manual
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-tools
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_http2
1.15.7-5.module+el8.6.0+20548+01710940
mod_ldap
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_md
2.0.8-8.module+el8.5.0+20475+4f6a8fd5
mod_proxy_html
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_session
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_ssl
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
Oracle Linux x86_64
Module httpd:2.4 is enabled
httpd
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-devel
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-filesystem
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-manual
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
httpd-tools
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_http2
1.15.7-5.module+el8.6.0+20548+01710940
mod_ldap
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_md
2.0.8-8.module+el8.5.0+20475+4f6a8fd5
mod_proxy_html
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_session
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
mod_ssl
2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1