Alerts This Week
Warning Icon 1 1,220
Alerts This Week
Warning Icon 1 1,220

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

oracle
Calendar Grey June 3, 2026
Oracle Linux Logo Esm H88
Oracle Linux 8 updates for httpd include critical fixes for important security issues affecting the Apache server.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

httpd [2.4.37-65.0.1.7] - Replace index.html with Oracle's index page oracle_index.html mod_http2 [1.15.7-10.5] - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase (CVE-2025-53020) mod_md [1:2.0.8-8.2] - Resolves: RHEL-134487 - httpd:2.4/httpd: Apache HTTP Server: mod_md (ACME), unintended retry intervals (CVE-2025-55753)

Topics%20covered

Topics Covered

security advisory denial of service apache httpd important Oracle

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates/httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.src.rpm

x86_64

httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm httpd-devel-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpm httpd-manual-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpm httpd-tools-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.x86_64.rpm mod_ldap-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.x86_64.rpm mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm mod_session-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm mod_ssl-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.x86_64.rpm

aarch64

httpd-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm httpd-devel-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpm httpd-manual-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.noarch.rpm httpd-tools-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm mod_http2-1.15.7-10.module+el8.10.0+90899+db89cbcc.5.aarch64.rpm mod_ldap-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm mod_md-2.0.8-8.module+el8.10.0+90899+db89cbcc.2.aarch64.rpm mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm mod_session-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm mod_ssl-2.4.37-65.0.1.module+el8.10.0+90899+db89cbcc.7.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2025-53020 CVE-2026-28780 CVE-2026-33007 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059

Topics%20covered

Topics Covered

security advisory denial of service apache httpd important Oracle

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here