Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

Oracle Linux 9 ELSA-2025-23919 Addresses Critical Vulnerabilities in httpd

oracle
Calendar Grey December 24, 2025
Oracle Linux Logo Esm H88
Updates for Oracle Linux 9 include important fixes for httpd, addressing server-side vulnerabilities and ensuring functionality.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[2.4.62-7.0.1.3] - Replace index.html with Oracle's index page oracle_index.html. [2.4.62-7.3] - Resolves: RHEL-135063 - httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo (CVE-2025-66200) - Resolves: RHEL-135048 - httpd: Apache HTTP Server: CGI environment variable override (CVE-2025-65082) - Resolves: RHEL-134480 - httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... (CVE-2025-58098) [2.4.62-7.2] - Resolves: RHEL-123850 - mod_proxy_hcheck may stop healthchecks after a child process is reclaimed [2.4.62-7.1] - Resolves: RHEL-125884 - mod_ssl: allow more fine grained SSL SNI vhost check to avoid unnecessary 421 errors after CVE-2025-23048 fix - mod_ssl: add conf.d/snipolicy.conf to set 'SSLVHostSNIPolicy authonly' default

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/httpd-2.4.62-7.0.1.el9_7.3.src.rpm

x86_64

httpd-2.4.62-7.0.1.el9_7.3.x86_64.rpm httpd-core-2.4.62-7.0.1.el9_7.3.x86_64.rpm httpd-devel-2.4.62-7.0.1.el9_7.3.x86_64.rpm httpd-filesystem-2.4.62-7.0.1.el9_7.3.noarch.rpm httpd-manual-2.4.62-7.0.1.el9_7.3.noarch.rpm httpd-tools-2.4.62-7.0.1.el9_7.3.x86_64.rpm mod_ldap-2.4.62-7.0.1.el9_7.3.x86_64.rpm mod_lua-2.4.62-7.0.1.el9_7.3.x86_64.rpm mod_proxy_html-2.4.62-7.0.1.el9_7.3.x86_64.rpm mod_session-2.4.62-7.0.1.el9_7.3.x86_64.rpm mod_ssl-2.4.62-7.0.1.el9_7.3.x86_64.rpm

aarch64

httpd-2.4.62-7.0.1.el9_7.3.aarch64.rpm httpd-core-2.4.62-7.0.1.el9_7.3.aarch64.rpm httpd-devel-2.4.62-7.0.1.el9_7.3.aarch64.rpm httpd-filesystem-2.4.62-7.0.1.el9_7.3.noarch.rpm httpd-manual-2.4.62-7.0.1.el9_7.3.noarch.rpm httpd-tools-2.4.62-7.0.1.el9_7.3.aarch64.rpm mod_ldap-2.4.62-7.0.1.el9_7.3.aarch64.rpm mod_lua-2.4.62-7.0.1.el9_7.3.aarch64.rpm mod_proxy_html-2.4.62-7.0.1.el9_7.3.aarch64.rpm mod_session-2.4.62-7.0.1.el9_7.3.aarch64.rpm mod_ssl-2.4.62-7.0.1.el9_7.3.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2025-58098 CVE-2025-65082 CVE-2025-66200

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.