Oracle Linux 7 ELSA-2023-1593 Critical: Httpd HTTP Request Splitting
oracle
April 5, 2023
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Summary
[2.4.6-98.0.3] - mod_proxy: ap_proxy_http_request() to clear hop-by-hop first and fixup last [CVE-2022-31813][Orabug: 34381850] - mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690] [2.4.6-98.0.1] - replace index.html with Oracle's index page oracle_index.html [2.4.6-97.7] - Resolves: #2177742 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates//httpd-2.4.6-98.0.3.el7_9.7.src.rpm
x86_64
httpd-2.4.6-98.0.3.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.0.3.el7_9.7.x86_64.rpm httpd-manual-2.4.6-98.0.3.el7_9.7.noarch.rpm httpd-tools-2.4.6-98.0.3.el7_9.7.x86_64.rpm mod_ldap-2.4.6-98.0.3.el7_9.7.x86_64.rpm mod_proxy_html-2.4.6-98.0.3.el7_9.7.x86_64.rpm mod_session-2.4.6-98.0.3.el7_9.7.x86_64.rpm mod_ssl-2.4.6-98.0.3.el7_9.7.x86_64.rpm
aarch64
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2023-25690
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!