ELSA-2022-8067 -- Oracle httpd_mod_ldap_mod_lua_mod_proxy_html_mod_session_mod_sslID: oval:org.secpod.oval:def:87150 | Date: (C)2023-02-02 (M)2024-01-29 |
Class: PATCH | Family: unix |
[2.4.53-7.0.1] - Replace index.html with Oracles index page oracle_index.html. [2.4.53-7] - Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling - Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match - Resolves: #2098248 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097016 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite - Resolves: #2097452 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody - Resolves: #2097459 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability - Resolves: #2097481 - CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets [2.4.53-6] - Related: #2065677 - httpd minimisation for ubi-micro [2.4.53-5] - Resolves: #2098056 - mod_ldap: High CPU usage at apr_ldap_rebind_remove [2.4.53-4] - Resolves: #2095838 - mod_mime_magic: invalid type 0 in mconvert [2.4.53-3] - Resolves: #2065677 - httpd minimisation for ubi-micro - minimize httpd dependencies - mod_systemd and mod_brotli are now packaged in the main httpd package [2.4.53-1] - new version 2.4.53 - Resolves: #2079939 - httpd rebase to 2.4.53 - Resolves: #2075406 - httpd.conf uses icon bomb.gif for all files/dirs ending with core [2.4.51-8] - Resolves: #2073459 - Cannot override LD_LIBARY_PATH in Apache HTTPD using SetEnv or PassEnv
Product: |
httpd |
mod_ldap |
mod_lua |
mod_proxy_html |
mod_session |
mod_ssl |