Release date:
2024-09-03 16:49:46 UTC
Description:
- CVE-2023-38709: faulty input validation in the core of Apache allows
malicious or exploitable backend/content generators to split HTTP responses
- CVE-2024-24795: HTTP response splitting in multiple modules allows an
attacker that can inject malicious response headers into backend applications
to cause an HTTP desynchronization attack
Updated packages:
-
httpd-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:fdb737448bce0d46aa8659b000293c1945dedfb27d2f2ee540c3e1230e2652f7
-
httpd-devel-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:1c9196bba5d2f3ef0cceab961a60fdbc5e505269cb1790cbe82303e6c507db5a
-
httpd-manual-2.4.6-99.el7.centos.1.tuxcare.els6.noarch.rpm
sha:9b46055e5a4516de55a05d9e3944593172aac762349c27c6a79ff4abd2846780
-
httpd-tools-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:11bec23f36a45ea26437c1042ae97c1aafb05eefeb7ac733ba2b4a628a295ea6
-
mod_ldap-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:2ba75ddcce763889db7da85f5ba003b62ce119662b91a00e7121acff3ef0d298
-
mod_proxy_html-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:f5e91f31141db1452fd0f6cda7b9db1cf68e63fcf32ac514b93480d7b070354a
-
mod_session-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:594c9fac228ad238203a1b3c5e82fe07e2faa08445ef73f73e40334092d6fcfe
-
mod_ssl-2.4.6-99.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:3593e8b91cee88920c8f6bda1c27a762cdd2b8a55286970c8d4bdb8e4fa6622d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
