Release date:
2025-09-16 15:08:53 UTC
Description:
- CVE-2024-47252: escape user-supplied data in mod_ssl to prevent untrusted
SSL/TLS clients from inserting escape characters into log files
- CVE-2025-49812: remove support for TLS upgrade to prevent HTTP
desynchronisation attack
Updated packages:
-
httpd-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:f0a52c5ea85c9a1ec992ff839782aed72730e38fcbd28108e8e464ee065c7cc7
-
httpd-devel-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:2e8f1c6935b851294b12fcd9ba38c910276ec5d259fb4ac2802510fa93c69db3
-
httpd-manual-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.noarch.rpm
sha:74356fed90579e5d42cb41f889a8b22d3e30854c585c1c6ebbfe6c04af75ab7b
-
httpd-tools-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:edcc4db4ed3adeb3389e01ce24c222c94f0daa7fa45b939c9b4ea29a3bee551f
-
mod_ldap-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:ff51274a8fd6b0a89136dd366503e77a1a6153f01135b5f3b865c7f2ba15f4b3
-
mod_proxy_html-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:6ea9186431510ead037a36d1dede49d6ded14fc1699068e82378d94183a14f5d
-
mod_session-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:ab2c0ea56bf13deef948a20a98d5f7c8048f2044f7e07cb1e6124d52ee39b560
-
mod_ssl-2.4.6-99.0.5.el7.centos.1.tuxcare.els6.x86_64.rpm
sha:ecf45c00e890444eb812230f4785c0c6fc683f83e78a29d8bbced14f5593e808
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
