Oracle Linux 7 ELSA-2022-0143 Critical Security Update: HTTPD Issues
oracle
January 19, 2022
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Summary
[2.4.6-97.0.5.4] - mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690] - replace index.html with Oracle's index page oracle_index.html [2.4.6-97.4] - Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input - Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session [2.4.6-97.3] - Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow when parsing multipart content
Topics Covered
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates/httpd-2.4.6-97.0.5.el7_9.4.src.rpm
x86_64
aarch64
httpd-2.4.6-97.0.5.el7_9.4.aarch64.rpm httpd-devel-2.4.6-97.0.5.el7_9.4.aarch64.rpm httpd-manual-2.4.6-97.0.5.el7_9.4.noarch.rpm httpd-tools-2.4.6-97.0.5.el7_9.4.aarch64.rpm mod_session-2.4.6-97.0.5.el7_9.4.aarch64.rpm mod_ssl-2.4.6-97.0.5.el7_9.4.aarch64.rpm mod_ldap-2.4.6-97.0.5.el7_9.4.aarch64.rpm mod_proxy_html-2.4.6-97.0.5.el7_9.4.aarch64.rpm
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Related CVEs: CVE-2021-26691
CVE-2021-34798
CVE-2021-39275
CVE-2021-44790
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!