[linux-sparc-announce] LFSSA-2016-0362 Important: Linux for SPARC 1.0 httpd security update
Announcements for Linux for SPARC
linux-sparc-announce at oss.oracle.com
Tue Jul 26 08:31:56 PDT 2016
Linux for SPARC Security Advisory LFSSA-2016-0362
The following updated rpms for Linux for SPARC 1.0 have been uploaded to
the yum.oracle.com:
sparc64:
httpd-2.2.15-54.0.1.el6_8.sparc64.rpm
httpd-devel-2.2.15-54.0.1.el6_8.sparc64.rpm
httpd-manual-2.2.15-54.0.1.el6_8.noarch.rpm
httpd-tools-2.2.15-54.0.1.el6_8.sparc64.rpm
mod_ssl-2.2.15-54.0.1.el6_8.sparc64.rpm
SRPMS:
http://yum.oracle.com/repo/linux_sparc64/latest/httpd-2.2.15-54.0.1.el6_8.src.rpm
Description of changes:
[2.2.15-54.0.1]
- replace index.html with Oracle's index page oracle_index.html
- update vstring in specfile
[2.2.15-54]
- add security fix for CVE-2016-5387
[2.2.15-53]
- core: fix possible long graceful restart caused by race condition between
httpd children processes (#1301758)
[2.2.15-52]
- core: fix crash when handling interim response from backend (#1298866)
[2.2.15-51]
- fix mod_rewrite external mapping program spawning (#1035230)
[2.2.15-50]
- mod_ssl: fix hardware crypto support with custom DH parms (#1291658)
[2.2.15-49]
- core: do not break API in AllowEncodedSlashes fix (#1002658)
[2.2.15-48]
- core: backport NoDecode option of AllowEncodedSlashes (#1002658)
- mod_authz_host: disallow the '#' character in allow, deny (#1179911)
- mod_ssl: fix memory leak on httpd reloads (#1236515)
- mod_proxy: fix regression caused inherited workers to use a different
scoreboard slot then the original one (#1252574)
- mod_rewrite: allow running external mapping program as non-root (#1035230)
- mod_reqtimeout: fix a timed out connection going into the keep-alive state
after a timeout when discarding a request body (#1213967)
- core: fix possible crash in SIGINT handling (#1233109)
- mod_ssl: extend SSLSessionCacheTimeout to sessions resumed by TLS
(#1190509)
- initscript: do not print error when stopping stopped httpd (#1189941)
- mod_ssl: fail for colons in credentials with FakeBasicAuth (#1027442)
- mod_proxy: add "proxy-flushall" env variable which reduces the impact
of caching 16K of the request body. (#952395)
- mod_ssl: Do not send SSL warning when SNI hostname is not found as per
RFC 6066 (#1289096)
More information about the linux-sparc-announce
mailing list