Oracle Linux 10: ELSA-2025-23932 httpd Important Security Fix

oracle

December 24, 2025

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[2.4.63-4.0.1.3] - Replace index.html with Oracle's index page oracle_index.html. [2.4.63-4.3] - Resolves: RHEL-135052 - httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo (CVE-2025-66200) - Resolves: RHEL-135035 - httpd: Apache HTTP Server: CGI environment variable override (CVE-2025-65082) - Resolves: RHEL-134467 - httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... (CVE-2025-58098) [2.4.63-4.2] - Resolves: RHEL-125894 - mod_ssl: allow more fine grained SSL SNI vhost check to avoid unnecessary 421 errors after CVE-2025-23048 fix

Topics Covered

security advisory security issue httpd important Oracle attack surface

SRPMs

Warning: Undefined array key "references" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/4180874_8ef039c68d1d756f705e7dee9ba3d15b on line 11

http://oss.oracle.com/ol10/SRPMS-updates/httpd-2.4.63-4.0.1.el10_1.3.src.rpm

x86_64

httpd-2.4.63-4.0.1.el10_1.3.x86_64.rpm httpd-core-2.4.63-4.0.1.el10_1.3.x86_64.rpm httpd-devel-2.4.63-4.0.1.el10_1.3.x86_64.rpm httpd-filesystem-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-manual-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-tools-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_ldap-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_lua-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_proxy_html-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_session-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_ssl-2.4.63-4.0.1.el10_1.3.x86_64.rpm

aarch64

httpd-2.4.63-4.0.1.el10_1.3.aarch64.rpm httpd-core-2.4.63-4.0.1.el10_1.3.aarch64.rpm httpd-devel-2.4.63-4.0.1.el10_1.3.aarch64.rpm httpd-filesystem-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-manual-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-tools-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_ldap-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_lua-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_proxy_html-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_session-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_ssl-2.4.63-4.0.1.el10_1.3.aarch64.rpm

Severity

important

Lowest

Low

Medium

High

Critical

Related CVEs: CVE-2025-58098 CVE-2025-65082 CVE-2025-66200

Topics Covered

security advisory security issue httpd important Oracle attack surface

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Oracle Linux 10: ELSA-2025-23932 httpd Important Security Fix

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Oracle Linux 10: ELSA-2025-23932 httpd Important Security Fix

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!