httpd:2.4 security update

🗓️ 25 Jan 2022 00:00:00Reported by OracleLinuxType

oraclelinux

oraclelinux🔗 linux.oracle.com👁 140 Views

httpd 2.4 security update with multiple CVE fixes and Oracle index.html replacemen

Reporter	Title	Published	Views	Family All 633
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2021-39275)	1 Oct 202102:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.0.1	16 Nov 202315:21	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-39275)	18 Oct 202106:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-39275, CVE-2021-40438, CVE-2021-34798)	8 Nov 202104:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server	29 Sep 202119:33	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-44790, CVE-2021-44224)	1 Apr 202210:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2021-44790)	2 Mar 202214:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-44790, CVE-2021-44224)	16 Mar 202208:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache HTTP (CVE-2021-34798 and CVE-2021-39275) affects Power HMC	30 May 202211:54	–	ibm
IBM Security Bulletins	Security Bulletin: Apache HTTP Server as used by IBM QRadar SIEM is vulnerable to buffer overflow and denial of service (CVE-2021-44790, CVE-2021-34798, CVE-2021-39275)	28 Feb 202217:37	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
oracle linux	8	src	httpd	2.4.37-43.0.1.module	httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.src.rpm
oracle linux	8	src	mod_http2	1.15.7-3.module	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm
oracle linux	8	src	mod_md	2.0.8-8.module	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm
oracle linux	8	aarch64	httpd	2.4.37-43.0.1.module	httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
oracle linux	8	aarch64	httpd-devel	2.4.37-43.0.1.module	httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
oracle linux	8	noarch	httpd-filesystem	2.4.37-43.0.1.module	httpd-filesystem-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm
oracle linux	8	noarch	httpd-manual	2.4.37-43.0.1.module	httpd-manual-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm
oracle linux	8	aarch64	httpd-tools	2.4.37-43.0.1.module	httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
oracle linux	8	aarch64	mod_http2	1.15.7-3.module	mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.aarch64.rpm
oracle linux	8	aarch64	mod_ldap	2.4.37-43.0.1.module	mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm

25 Jan 2022 00:00Current

1.1Low risk

Vulners AI Score1.1

CVSS 27.5

CVSS 3.19.8

EPSS0.86227

httpd security update cve-2021-34798 cve-2021-39275 cve-2021-44790 oracle index.html mod_http2 concurrent pool