Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Oracle Linux 8 ELSA-2022-0258 Critical Httpd Exploits Update

oracle
Calendar Grey January 25, 2022
Oracle Linux Logo Esm H88
Oracle Linux Security Update ELSA-2022-0258 provides critical patches for httpd, mitigating vulnerabilities and potential threats.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

httpd [2.4.37-43.1.0.1] - scoreboard: fix null pointer deference [Orabug: 33690670][CVE-2021-34798] - fix ap_escape_quote logic [Orabug: 33690686][CVE-2021-39275] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle's index page oracle_index.html. [2.4.37-43.1] - Resolves: #2035062 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content mod_http2 [1.15.7-3] - Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd: mod_http2 concurrent pool usage mod_md

Topics%20covered

Topics Covered

security advisory httpd critical issues important update exploit prevention Oracle Linux

SRPMs


Warning: Undefined array key "references" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3929718_8ef039c68d1d756f705e7dee9ba3d15b on line 11

https://oss.oracle.com:443/ol8/SRPMS-updates/httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm

x86_64

httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm httpd-filesystem-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm httpd-manual-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.x86_64.rpm mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.x86_64.rpm mod_proxy_html-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm mod_session-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm mod_ssl-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm

aarch64

httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm httpd-filesystem-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm httpd-manual-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.aarch64.rpm mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.aarch64.rpm mod_proxy_html-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm mod_session-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm mod_ssl-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2021-44790

Topics%20covered

Topics Covered

security advisory httpd critical issues important update exploit prevention Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here