Release date:
2023-01-30 20:41:19 UTC
Description:
* SECURITY UPDATE: possible HTTP request smuggling in the mod_proxy_ajp
- debian/patches/CVE-2022-36760.patch: ensure connection closure for an
invalid Transfer-Encoding header, to prevent HTTP request smuggling
attack with an AJP proxy
- CVE-2022-36760
Updated packages:
-
apache2_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb
sha:c79c166e7ea0124cb07f04d77b89f89bd4c12788
-
apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb
sha:a64e03ee14cc065d5572af7c0812d6c3a895dcc1
-
apache2-data_2.4.18-2ubuntu3.17+tuxcare.els8_all.deb
sha:6924d231c6b911d3a5201251b0feeeace4618e22
-
apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb
sha:12a21147ff6f013678f3060a9b5a65aa17ff6044
-
apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els8_all.deb
sha:1de667ffe573d6aad1eca4505587a0cdfbda20a6
-
apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb
sha:5641868a01893e6ebc1c4ee70aee0dc1816e3527
-
apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb
sha:b767e39c41497f960c581366545c25b4976c839e
-
apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb
sha:955d5199b39142dd60a50c19a13c49457ea4131f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
