[El-errata] ELSA-2017-2478 Important: Oracle Linux 6 httpd security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Aug 15 17:55:59 PDT 2017
Oracle Linux Security Advisory ELSA-2017-2478
http://linux.oracle.com/errata/ELSA-2017-2478.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
httpd-2.2.15-60.0.1.el6_9.5.i686.rpm
httpd-devel-2.2.15-60.0.1.el6_9.5.i686.rpm
httpd-manual-2.2.15-60.0.1.el6_9.5.noarch.rpm
httpd-tools-2.2.15-60.0.1.el6_9.5.i686.rpm
mod_ssl-2.2.15-60.0.1.el6_9.5.i686.rpm
x86_64:
httpd-2.2.15-60.0.1.el6_9.5.x86_64.rpm
httpd-devel-2.2.15-60.0.1.el6_9.5.i686.rpm
httpd-devel-2.2.15-60.0.1.el6_9.5.x86_64.rpm
httpd-manual-2.2.15-60.0.1.el6_9.5.noarch.rpm
httpd-tools-2.2.15-60.0.1.el6_9.5.x86_64.rpm
mod_ssl-2.2.15-60.0.1.el6_9.5.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/httpd-2.2.15-60.0.1.el6_9.5.src.rpm
Description of changes:
[2.2.15-60.0.1.5]
- replace index.html with Oracle's index page oracle_index.html
- update vstring in specfile
[2.2.15-60.5]
- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw()
authentication bypass
- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection
in mod_auth_digest
More information about the El-errata
mailing list