Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Oracle Linux 8 ELSA-2022-0891 moderate: fixes for httpd security issues

oracle
Calendar Grey March 16, 2022
Oracle Linux Logo Esm H88
The ELSA-2022-0891 update for Oracle Linux brings significant improvements to the httpd package, addressing critical security vulnerabilities identified.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

httpd [2.4.37-43.0.2.2] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle's index page oracle_index.html [2.4.37-43.2] - Resolves: #2059256 - CVE-2021-34798 httpd:2.4/httpd: NULL pointer dereference via malformed requests - Resolves: #2059257 - CVE-2021-39275 httpd:2.4/httpd: out-of-bounds write in ap_escape_quotes() via malicious input

Topics%20covered

Topics Covered

security advisory update security fix moderate severity httpd Oracle Linux

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates/httpd-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm

x86_64

httpd-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm httpd-devel-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm httpd-filesystem-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.noarch.rpm httpd-manual-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.noarch.rpm httpd-tools-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.x86_64.rpm mod_ldap-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.x86_64.rpm mod_proxy_html-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm mod_session-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm mod_ssl-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.x86_64.rpm

aarch64

httpd-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm httpd-devel-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm httpd-filesystem-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.noarch.rpm httpd-manual-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.noarch.rpm httpd-tools-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.aarch64.rpm mod_ldap-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.aarch64.rpm mod_proxy_html-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm mod_session-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm mod_ssl-2.4.37-43.0.2.module+el8.5.0+20518+d9453e37.2.aarch64.rpm

Related CVEs: CVE-2021-34798 CVE-2021-39275

Topics%20covered

Topics Covered

security advisory update security fix moderate severity httpd Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here