[CLSA-2026:1782987193] Fix CVE(s): CVE-2026-44186
Type:
security
Severity:
Important
Release date:
2026-07-03 11:05:51 UTC
Description:
* SECURITY UPDATE: infinite loop in mod_proxy_ftp Retry-After parsing - debian/patches/CVE-2026-44186.patch: advance the scan pointer while searching for the delta-seconds digit in an FTP error response Retry-After header in modules/proxy/mod_proxy_ftp.c so the loop terminates instead of spinning forever - CVE-2026-44186
CVEs fixed:
Updated packages:
  • apache2_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:6cbacce5e595dca4655400709972d35ae75d0729
  • apache2-bin_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:dff96809912bda4ab92b86d120e58b3caf5aebaa
  • apache2-data_2.4.59-1~deb10u1+tuxcare.els9_all.deb
    sha:ef8d19e93c30b88cd095a7d1911549f0014a074e
  • apache2-dev_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:29c63fbcb3b80b774fd30f5ae0fc38a50c5168ac
  • apache2-doc_2.4.59-1~deb10u1+tuxcare.els9_all.deb
    sha:402cc310673ba858810661adc569cd39828bc247
  • apache2-ssl-dev_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:8610fc667984eb019a1d8fe586b4c5a45cd3d07f
  • apache2-suexec-custom_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:b9b94f14c729142ffb0f9935b3ae2bf5c5e416ba
  • apache2-suexec-pristine_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:ed290f1e39d7ad7715cb04397c1688b6fd985c9c
  • apache2-utils_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:c8f0bb6271f7edc460351d47bcf6484512bc4228
  • libapache2-mod-md_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:198725309dcef8b93af25bbfa8fde9b0bc8857a8
  • libapache2-mod-proxy-uwsgi_2.4.59-1~deb10u1+tuxcare.els9_amd64.deb
    sha:6a4c61a2ebe36b407237d58b553cdb6d68f42900
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.