Release date:
2026-01-21 16:59:55 UTC
Description:
- CVE-2025-66200: don't use request notes for suexec, stop accepting the
obscure "note" option in RequestHeader
- CVE-2025-65082: fix precedence of envvars from HTTP headers and Apache
configuration
Updated packages:
-
httpd-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:454738606e721c532b8410ccda54a096ad04927d48dce9ea978234a6cb056da2
-
httpd-devel-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:d134fd360305164f40e906d510e5fd7333868a4e7295ae691f9cc376a7843a53
-
httpd-filesystem-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.noarch.rpm
sha:593a7c571a2c8670191ad5fda03af747fed0902e95e3625bb250c66d5a7d41cf
-
httpd-manual-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.noarch.rpm
sha:50fb5189813ba000c000053fab479ae1604217317fb59e0bd544378fe648ee12
-
httpd-tools-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:351ae0206e144aa1d0b9ff554e92fc462ab5b236fa278e93cfc30895d47186fb
-
mod_ldap-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:21eda31372ed98b5a9e56dedd46e99002cda5b7200cdfe5adec910e938918ce5
-
mod_proxy_html-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:4bd1dbcea2108db5afcfac59a7f542418e66c82e4bb2c46eb073ecf230898ef8
-
mod_session-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:44b9747fce44cc879cf210ccb5e135568ae2a8b7a817929647ed91e065680749
-
mod_ssl-2.4.37-39.module_el8.4.0+2336+18311509.1.tuxcare.els18.x86_64.rpm
sha:945f1a66a2065e290eb22144bcd9bf0fa387035d30224e633cd3aaf2ddc76d7e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
