Lucene search

K
oraclelinuxOracleELSA-2013-0512
HistoryFeb 22, 2013 - 12:00 a.m.

httpd security, bug fix, and enhancement update

2013-02-2200:00:00
Oracle
linux.oracle.com
37

EPSS

0.928

Percentile

99.0%

[2.2.15-26.0.1.el6]

  • replace index.html with Oracle’s index page oracle_index.html
    update vstring in specfile
    [2.2.15-26]
  • htcacheclean: exit with code 4 also for ‘restart’ action (#805810)
    [2.2.15-25]
  • htcacheclean: exit with code 4 if nonprivileged user runs initscript (#805810)
  • rotatelogs: omit the second arg when invoking a post-rotate program (#876923)
    [2.2.15-24]
  • mod_ssl: improved patch for mod_nss fallback (w/mharmsen, #805720)
    [2.2.15-23]
  • mod_log_config: fix cookie parsing substring mismatch (#867268)
    [2.2.15-22]
  • mod_cache: fix header merging for 304 case, thanks to Roy Badami (#868283)
  • mod_cache: fix handling of 304 responses (#868253)
    [2.2.15-21]
  • mod_proxy_ajp: ignore flushing if headers have not been sent (#853160)
  • mod_proxy_ajp: do not mark worker in error state when one request
    timeouts (#864317)
  • mod_ssl: do not run post script if all files are already created (#752618)
    [2.2.15-20]
  • add htcacheclean init script (Jan Kaluza, #805810)
    [2.2.15-19]
  • mod_ssl: fall back on another module’s proxy hook if mod_ssl proxy
    is not configured. (#805720)
    [2.2.15-18]
  • add security fix for CVE-2012-2687 (#850794)
    [2.2.15-17]
  • mod_proxy: allow change BalancerMember state in web interface (#748400)
  • mod_proxy: Tone down ‘worker [URL] used by another worker’ warning (#787247)
  • mod_proxy: add support for ‘failonstatus’ option (#824571)
  • mod_proxy: avoid DNS lookup on hostname from request URI if
    ProxyRemote* is configured (#837086)
  • rotatelogs: create files even if they are empty (#757739)
  • rotatelogs: option to rotate files into a custom location (#757735)
  • rotatelogs: add support for -L option (#838493)
  • fix handling of long chunk-line (#842376)
  • add server aliases to ‘httpd -S’ output (#833092)
  • omit %posttrans daemon restart if
    /etc/sysconfig/httpd-disable-posttrans exists (#833064)
  • mod_ldap: treat LDAP_UNAVAILABLE as a transient error (#829689)
  • ab: fix double free when SSL request fails in verbose mode (#837613)
  • mod_cache: do not cache partial results (#822587)
  • mod_ldap: add LDAPReferrals directive alias (#796958)
  • mod_ssl: add _userID DN variable suffix for NID_userId (#842375)
  • mod_ssl: fix test for missing decrypted private keys, and ensure that
    the keypair matches (#848954)
  • mod_authnz_ldap: set AUTHORIZE_* variables in LDAP authorization (#828896)
  • relax checks for status-line validity (#853348)
    [2.2.15-16]
  • add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031,
    CVE-2011-3607 (#787599)
  • obviates fix for CVE-2011-3638, patch removed