Release date:
2025-09-16 15:10:19 UTC
Description:
- CVE-2024-47252: escape characters are now properly handled in mod_ssl to
prevent untrusted SSL/TLS clients from inserting escape characters into log
files
- CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP
desynchronisation attack
Updated packages:
-
httpd-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:e8da0596686570b95cf316549c78e214969715564ed2d1667d382566e0765308
-
httpd-devel-2.2.15-72.el6.tuxcare.els10.i686.rpm
sha:5854fe9962efe955e66d26854fa9f3cdd10fab881ac88ab99a68a2460547fdc1
-
httpd-devel-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:f8719fa3a735dac87c82d0848d9e5101697fcb008cc02ff8b91867fb75526511
-
httpd-manual-2.2.15-72.el6.tuxcare.els10.noarch.rpm
sha:7234c37ecde584163a7ad76319b27ab42b358aff2db0f192bec46035f8f09a6c
-
httpd-tools-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:365d0bc269a831c504ee7a855a792ffb181e8ac59ac13d344d8dafe526aa5e74
-
mod_ssl-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:d5de63ef9bb1096a2dd031e37cb8b2deb3e02a55c83393b58c9457571853ba7f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
