Release date:
2025-10-29 14:11:50 UTC
Description:
* SECURITY UPDATE: null pointer dereference in mod_proxy
- debian/patches/CVE-2024-38477.patch: validate hostname in
modules/proxy/proxy_util.c. Restart from the original URL
on reconnect in modules/http2/mod_proxy_http2.c.
- CVE-2024-38477
Updated packages:
-
apache2_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:d83e4564fc823504bdeba508d2019eaeba290fb3
-
apache2-bin_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:246e02afdd5946df6c2fe12d53051eb5e4a15342
-
apache2-data_2.4.59-1~deb10u1+tuxcare.els3_all.deb
sha:3ee2d1d74a9695141e75e9545066f859a7a54342
-
apache2-dev_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:dd87ce92ea3d426433c572e334b4ec6386ea2b9c
-
apache2-doc_2.4.59-1~deb10u1+tuxcare.els3_all.deb
sha:78c4eab1978adec52c7852492151c2637df0050c
-
apache2-ssl-dev_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:cf1694d0862bc5edfb5de855bbe4f6da573ec7a4
-
apache2-suexec-custom_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:51d40dc91bc5335bafbff5da74cbd57426aeeba8
-
apache2-suexec-pristine_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:541d091b57ed8de95aa8ae8f7c43ec603119d01b
-
apache2-utils_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:f6b89ecf4f9be6078c80ae87062a762c2fa054cf
-
libapache2-mod-md_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:5507831b6565f403131645702831a2c8186b4389
-
libapache2-mod-proxy-uwsgi_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb
sha:55fddff6effef7bb7dc3b3b8845f8ba2fe0501e8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
