Release date:
2025-09-16 14:00:11 UTC
Description:
- CVE-2024-47252: escape characters are now properly handled in mod_ssl to
prevent untrusted SSL/TLS clients from inserting escape characters into log
files
- CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP
desynchronisation attack
Updated packages:
-
httpd-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:678c01c37733f25d2457623eb8389874950882cc29be518836a6c02555a29575
-
httpd-devel-2.2.15-72.el6.tuxcare.els10.i686.rpm
sha:b53bee366b1aa0aca6de0884fa402b88e60ad245585775c59c79c8e62e1444de
-
httpd-devel-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:36f3d9128888ff54f1de686bacab8b84ed6e61d685776449a103df6fdf7f6dab
-
httpd-manual-2.2.15-72.el6.tuxcare.els10.noarch.rpm
sha:0637fec74ec0340d5bea9472a50b0d99b7cb4a38f0fec8435516a81f8b3f6efa
-
httpd-tools-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:bbb4634c58fb7d3d1734bc434faa64f5ce7bdbf023a4cfff0c0a423affdc265b
-
mod_ssl-2.2.15-72.el6.tuxcare.els10.x86_64.rpm
sha:f9e556a2e983bc1b57e628e0fe1fcf29358b155f8e480405608c1ef664be2bce
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
