[El-errata] ELSA-2013-0130 Low: Oracle Linux 5 httpd security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Sat Jan 12 08:29:51 PST 2013


Oracle Linux Security Advisory ELSA-2013-0130

https://rhn.redhat.com/errata/RHSA-2013-0130.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
httpd-2.2.3-74.0.1.el5.i386.rpm
httpd-devel-2.2.3-74.0.1.el5.i386.rpm
httpd-manual-2.2.3-74.0.1.el5.i386.rpm
mod_ssl-2.2.3-74.0.1.el5.i386.rpm

x86_64:
httpd-2.2.3-74.0.1.el5.x86_64.rpm
httpd-devel-2.2.3-74.0.1.el5.i386.rpm
httpd-devel-2.2.3-74.0.1.el5.x86_64.rpm
httpd-manual-2.2.3-74.0.1.el5.x86_64.rpm
mod_ssl-2.2.3-74.0.1.el5.x86_64.rpm

ia64:
httpd-2.2.3-74.0.1.el5.ia64.rpm
httpd-devel-2.2.3-74.0.1.el5.ia64.rpm
httpd-manual-2.2.3-74.0.1.el5.ia64.rpm
mod_ssl-2.2.3-74.0.1.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/httpd-2.2.3-74.0.1.el5.src.rpm



Description of changes:

[2.2.3-74.0.1.el5]
- fix mod_ssl always performing full renegotiation (Joe Jin) [orabug 
12423387]
- replace index.html with Oracle's index page oracle_index.html
- update vstring and distro in specfile

[2.2.3-74]
- further %post scriptlet fix (#752618, #867736)

[2.2.3-73]
- fix %post scriptlet output (#752618, #867736)

[2.2.3-72]
- add security fix for CVE-2008-0456

[2.2.3-71]
- add security fix for CVE-2012-2687 (#850794)

[2.2.3-70]
- relax checks for status-line validity (#853128)

[2.2.3-69]
- mod_cache: fix header merging for 304 case, thanks to Roy Badami (#845532)
- correct CVE reference in old changelog entry (#849160)

[2.2.3-68]
- mod_ssl: add _userID DN variable suffix for NID_userId (#840036)
- fix handling of long chunk-line (#840845)
- omit %posttrans daemon restart if
    /etc/sysconfig/httpd-disable-posttrans exists (#833042)

[2.2.3-67]
- add server aliases to "httpd -S" output (#833043)
- LSB compliance fixes for init script (#783242)
- mod_ldap: add LDAPReferrals directive alias (#727342)

[2.2.3-66]
- check if localhost.key is valid (#752618)
- mod_proxy_ajp: honour ProxyErrorOverride (#767890)
- mod_ssl: fixed start with FIPS 140-2 mode enabled (#773473)





More information about the El-errata mailing list