Release date:
2024-09-03 16:51:44 UTC
Description:
- CVE-2023-38709: faulty input validation in the core of Apache allows
malicious or exploitable backend/content generators to split HTTP responses
- CVE-2024-24795: HTTP response splitting in multiple modules allows an
attacker that can inject malicious response headers into backend applications
to cause an HTTP desynchronization attack
Updated packages:
-
httpd-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:320f7a84d95412f2147d506143220656e6a7fec0aa4ac60f60c9423a3a83d5eb
-
httpd-devel-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:ec7feabba6a902ae9dc83a46961d61b809c96eab952748d8c4f4e1ea35dcebf8
-
httpd-manual-2.4.6-99.el7.1.tuxcare.els6.noarch.rpm
sha:695527ab326592b54d5dcf8e380650c00f746ec9aaf68332fe39370c6f96ef10
-
httpd-tools-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:020779c6a04a05d325787a9e4ab7cbb03d54129265a62303fdb69475a19a27de
-
mod_ldap-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:848a32e7936455e2632bc92087d0f79a6a7c5c0215d774e88b1d65e159143812
-
mod_proxy_html-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:2a9419c7a9b02b0d668dc666754195b5e95af08f29d0fcd989bbe6ac499f287a
-
mod_session-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:f894ea65d86be3d6a6d25910afe0c109a4ceb057a0980e5c536e59b83d1969b1
-
mod_ssl-2.4.6-99.el7.1.tuxcare.els6.x86_64.rpm
sha:770f5bdf331e2746d7d8eacde65a2bfb7cf1d7c24de0c32a43dc0c16ac2ca353
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
