Description:
- CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling
- CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match()
- CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what
the original request hostname was, and so send X-Forwarded-* headers correctly
Updated packages:
-
httpd-devel-2.2.15-72.el6.tuxcare.els5.i686.rpm
sha:c257d1b5bc7d8fafd6c32b53347658196e3c19a3
-
httpd-manual-2.2.15-72.el6.tuxcare.els5.noarch.rpm
sha:8d0e9902c2c4b0318dd0fbb61f145dbe5503284d
-
httpd-tools-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:dc736ed2cdbbd77549751c07a4bfcac139c943d2
-
httpd-devel-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:1c9334cd72eae5abc6e99f0a822a56c84a185aa1
-
mod_ssl-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:4b7f5721b6095900de27b45ae9bddec864ec713a
-
httpd-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:c1947ce43bb49c2cde0a74f239ae6feea2cc37f4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
