httpd:2.4 security and bug fix update

🗓️ 22 Feb 2023 00:00:00Reported by OracleLinuxType

oraclelinux

oraclelinux🔗 linux.oracle.com👁 65 Views

httpd 2.4 update with security and bug fixe

Reporter	Title	Published	Views	Family All 314
FreeBSD	Apache httpd -- Multiple vulnerabilities	17 Jan 202300:00	–	freebsd
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache HTTP Server affect Cloud Pak System (CVE-2006-20001)	31 Mar 202316:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server affect WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On	9 Mar 202302:58	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	30 Mar 202315:19	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server is vulnerable to multiple vulnerabilities due to the included Apache HTTP Server and Apache Portable Runtime	28 Feb 202301:58	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server	30 Mar 202318:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Aspera Console 3.4.2 PL7 has addressed multiple vulnerabilities (CVE-2022-37436, CVE-2021-34798)	23 Feb 202417:40	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001)	2 Mar 202320:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001]	3 Mar 202306:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting and denial of service attacks (CVE-2022-37436, CVE-2006-20001)	19 Apr 202315:11	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
oracle linux	8	src	httpd	2.4.37-51.0.1.module	httpd-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.src.rpm
oracle linux	8	src	mod_http2	1.15.7-5.module	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.src.rpm
oracle linux	8	src	mod_md	2.0.8-8.module	mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm
oracle linux	8	aarch64	httpd	2.4.37-51.0.1.module	httpd-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.aarch64.rpm
oracle linux	8	aarch64	httpd-devel	2.4.37-51.0.1.module	httpd-devel-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.aarch64.rpm
oracle linux	8	noarch	httpd-filesystem	2.4.37-51.0.1.module	httpd-filesystem-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.noarch.rpm
oracle linux	8	noarch	httpd-manual	2.4.37-51.0.1.module	httpd-manual-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.noarch.rpm
oracle linux	8	aarch64	httpd-tools	2.4.37-51.0.1.module	httpd-tools-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.aarch64.rpm
oracle linux	8	aarch64	mod_http2	1.15.7-5.module	mod_http2-1.15.7-5.module+el8.6.0+20548+01710940.aarch64.rpm
oracle linux	8	aarch64	mod_ldap	2.4.37-51.0.1.module	mod_ldap-2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1.aarch64.rpm

22 Feb 2023 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 3.19

EPSS0.00539

SSVC

httpd security update bug fix oracle mod_dav mod_proxy cve-2006-20001 cve-2022-37436 cve-2022-36760