Oracle Linux Security Advisory ELSA-2023-1670 https://linux.oracle.com/errata/ELSA-2023-1670.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: httpd-2.4.53-7.0.1.el9_1.5.x86_64.rpm httpd-core-2.4.53-7.0.1.el9_1.5.x86_64.rpm httpd-devel-2.4.53-7.0.1.el9_1.5.x86_64.rpm httpd-filesystem-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-manual-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-tools-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_http2-1.15.19-3.el9_1.5.x86_64.rpm mod_ldap-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_lua-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_proxy_html-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_session-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_ssl-2.4.53-7.0.1.el9_1.5.x86_64.rpm aarch64: httpd-2.4.53-7.0.1.el9_1.5.aarch64.rpm httpd-core-2.4.53-7.0.1.el9_1.5.aarch64.rpm httpd-devel-2.4.53-7.0.1.el9_1.5.aarch64.rpm httpd-filesystem-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-manual-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-tools-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_http2-1.15.19-3.el9_1.5.aarch64.rpm mod_ldap-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_lua-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_proxy_html-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_session-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_ssl-2.4.53-7.0.1.el9_1.5.aarch64.rpm SRPMS: https://oss.oracle.com/ol9/SRPMS-updates//httpd-2.4.53-7.0.1.el9_1.5.src.rpm https://oss.oracle.com/ol9/SRPMS-updates//mod_http2-1.15.19-3.el9_1.5.src.rpm Related CVEs: CVE-2023-25690 Description of changes: httpd [2.4.53-7.0.1.5] - Replace index.html with Oracle's index page oracle_index.html. [2.4.53-7.5] - Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy mod_http2 [1.15.19-3.5] - Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy [1.15.19-3] - Resolves: #2066311 - CVE-2021-44224 httpd: possible NULL dereference or SSRF in forward proxy configurations _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
Oracle9: ELSA-2023-1670: httpd and mod_http2 Important Security Update
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Summary
httpd [2.4.53-7.0.1.5] - Replace index.html with Oracle's index page oracle_index.html. [2.4.53-7.5] - Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy mod_http2 [1.15.19-3.5] - Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy [1.15.19-3] - Resolves: #2066311 - CVE-2021-44224 httpd: possible NULL dereference or SSRF in forward proxy configurations
SRPMs
https://oss.oracle.com/ol9/SRPMS-updates//httpd-2.4.53-7.0.1.el9_1.5.src.rpm https://oss.oracle.com/ol9/SRPMS-updates//mod_http2-1.15.19-3.el9_1.5.src.rpm
x86_64
httpd-2.4.53-7.0.1.el9_1.5.x86_64.rpm httpd-core-2.4.53-7.0.1.el9_1.5.x86_64.rpm httpd-devel-2.4.53-7.0.1.el9_1.5.x86_64.rpm httpd-filesystem-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-manual-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-tools-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_http2-1.15.19-3.el9_1.5.x86_64.rpm mod_ldap-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_lua-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_proxy_html-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_session-2.4.53-7.0.1.el9_1.5.x86_64.rpm mod_ssl-2.4.53-7.0.1.el9_1.5.x86_64.rpm
aarch64
httpd-2.4.53-7.0.1.el9_1.5.aarch64.rpm httpd-core-2.4.53-7.0.1.el9_1.5.aarch64.rpm httpd-devel-2.4.53-7.0.1.el9_1.5.aarch64.rpm httpd-filesystem-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-manual-2.4.53-7.0.1.el9_1.5.noarch.rpm httpd-tools-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_http2-1.15.19-3.el9_1.5.aarch64.rpm mod_ldap-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_lua-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_proxy_html-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_session-2.4.53-7.0.1.el9_1.5.aarch64.rpm mod_ssl-2.4.53-7.0.1.el9_1.5.aarch64.rpm
i386
Severity
Related CVEs:
CVE-2023-25690
News
HOWTOs
About Us
Powered By
