Release date:
2024-11-21 13:11:55 UTC
Description:
- CVE-2023-38709: faulty input validation in the core of Apache allows
malicious or exploitable backend/content generators to split HTTP responses
- CVE-2024-24795: HTTP response splitting in multiple modules allows an
attacker that can inject malicious response headers into backend applications
to cause an HTTP desynchronization attack
Updated packages:
-
httpd-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:afe0110a0006003e9dec3af074966b7519546374bfebe695cd104278cc83106b
-
httpd-core-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:d6c9570f0ef3dfdebe5e08f867f8660bab2a0309553a8b30c8c3b8fff55da8c2
-
httpd-devel-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:246b7c2717af5fe6af395f2727584874b32db009f7c83c0d532d59bd0f3fdc46
-
httpd-filesystem-2.4.53-11.el9_2.5.tuxcare.els4.noarch.rpm
sha:d8697f1195086b3731679e7717942c7731f4f6d7c75e8641680873efcc2c89bb
-
httpd-manual-2.4.53-11.el9_2.5.tuxcare.els4.noarch.rpm
sha:fcd66362c062c17a81a33e16fb4d9f27dcc5feabf172d0fc4fed80e857ec41e0
-
httpd-tools-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:cb6588c815f1ac8db81d62ed051ca000509c6a31807271b62dc709878e846b3c
-
mod_ldap-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:87cdd099c97a22432e24a3643addbf9d8796684688add8ec8bada5f0ae85be44
-
mod_lua-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:ee56f199454a5823d1ab82ac4df45c2b3b0801b8eb46d0e5dd1bb37106cde522
-
mod_proxy_html-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:cf1ecb9657b548d8b7a8c7e290021083f9eb4cdabc44d04c6a61483c2f56499c
-
mod_session-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:4233a739f7f518a49ff31a0b1a31e0ca6a075b337b357c3d79a6ad7dee49ce29
-
mod_ssl-2.4.53-11.el9_2.5.tuxcare.els4.x86_64.rpm
sha:db961dfe640fd753a50a8bcaa549a67fd5c9df6524d77b466cba1bec5e607e61
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
