Release date:
2025-08-27 19:52:40 UTC
Description:
* SECURITY UPDATE: denial of service attack caused by untrusted clients
triggering assertion in mod_proxy_http2
- debian/patches/CVE-2025-49630.patch: tolerate missing host header in h2
proxy to fix issue with HTTP/0.9 request without Host header
- CVE-2025-49630
Updated packages:
-
apache2_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:75944cc191ebd470d7206600c347db5034f8693e
-
apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:ec1ecc1bc1d9ae1438b07d6bf998c87f2a119e5f
-
apache2-data_2.4.29-1ubuntu4.27+tuxcare.els5_all.deb
sha:2eb0fddf12b7c1df62816077afba7199ffee1128
-
apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:234fa673b90d335c49b76f39a54fbdf87b17a678
-
apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els5_all.deb
sha:1910f37c41171e9fe10b67057602f13351520ffb
-
apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:d787e02cd4ed427e9064ff7873ec2ccda192515f
-
apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:cffc82aec0af839acd8fc474ccf97702c97289b0
-
apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:6448d8bac9b5c0e9ae3ef5cfd5b070f63b5d3a9e
-
apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb
sha:697a175a31a7e369fb26c65c9b555c6c9ddd7654
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
