Oracle Linux Security Advisory ELSA-2025-23932 http://linux.oracle.com/errata/ELSA-2025-23932.html
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: httpd-2.4.63-4.0.1.el10_1.3.x86_64.rpm httpd-core-2.4.63-4.0.1.el10_1.3.x86_64.rpm httpd-devel-2.4.63-4.0.1.el10_1.3.x86_64.rpm httpd-filesystem-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-manual-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-tools-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_ldap-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_lua-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_proxy_html-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_session-2.4.63-4.0.1.el10_1.3.x86_64.rpm mod_ssl-2.4.63-4.0.1.el10_1.3.x86_64.rpm aarch64: httpd-2.4.63-4.0.1.el10_1.3.aarch64.rpm httpd-core-2.4.63-4.0.1.el10_1.3.aarch64.rpm httpd-devel-2.4.63-4.0.1.el10_1.3.aarch64.rpm httpd-filesystem-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-manual-2.4.63-4.0.1.el10_1.3.noarch.rpm httpd-tools-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_ldap-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_lua-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_proxy_html-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_session-2.4.63-4.0.1.el10_1.3.aarch64.rpm mod_ssl-2.4.63-4.0.1.el10_1.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/httpd-2.4.63-4.0.1.el10_1.3.src.rpm Related CVEs: CVE-2025-58098 CVE-2025-65082 CVE-2025-66200 Description of changes: [2.4.63-4.0.1.3] - Replace index.html with Oracle's index page oracle_index.html. [2.4.63-4.3] - Resolves: RHEL-135052 - httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo (CVE-2025-66200) - Resolves: RHEL-135035 - httpd: Apache HTTP Server: CGI environment variable override (CVE-2025-65082) - Resolves: RHEL-134467 - httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... (CVE-2025-58098) [2.4.63-4.2] - Resolves: RHEL-125894 - mod_ssl: allow more fine grained SSL SNI vhost check to avoid unnecessary 421 errors after CVE-2025-23048 fix _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
