httpd security update

2017-08-15T00:00:00
ID ELSA-2017-2479
Type oraclelinux
Reporter OracleLinux
Modified 2017-08-15T00:00:00

Description

[2.4.6-67.0.1.el7_4.2] - replace index.html with Oracle's index page oracle_index.html [2.4.6-67.2] - Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass - Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference - Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread - Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread - Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest