Release date:
2026-01-21 16:45:47 UTC
Description:
- CVE-2025-66200: don't use request notes for suexec, stop accepting the
obscure "note" option in RequestHeader
- CVE-2025-65082: fix precedence of envvars from HTTP headers and Apache
configuration
Updated packages:
-
httpd-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:e720b4eb4bf3ffb50a765300f33a175c880910b935dba13edd4ee5e9d36fc202
-
httpd-devel-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:6d9a08d755dfaa6b5b8ac3f1902592ab88a71c0aecfce1fb2422e38cbadc1697
-
httpd-filesystem-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.noarch.rpm
sha:77918222d70f797096a3b4bb510e0061c3de4b11d77b0ee948dc45c300873354
-
httpd-manual-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.noarch.rpm
sha:c8270b0b08f72eca160e009b085dc98a28d214faa052a4dfc48ecacbe6fb73a1
-
httpd-tools-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:92310dc9cc536d2213251decb9860bacb251f38db0b12bffb84520582737ebe4
-
mod_ldap-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:ab4f70244137d140b1cf25fca4435bd942a63cbedf6764ed5bd27a4f67b23dcf
-
mod_proxy_html-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:a6f4fc0af4a59dabb653ceaf032ca781ade379ab2a9ebce9e3afd4ed0de9e56c
-
mod_session-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:beba06e3a72b1d0b228194bcb2bc1eb36959e387528b2f9be66a34b9924051b4
-
mod_ssl-2.4.37-43.module_el8.5.0+2337+1762e49d.tuxcare.els17.x86_64.rpm
sha:7a7ec5d7427db6ce5ae4a02ffce7077fffbf5a5cc13178767b439530cee1081f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
