[CLSA-2026:1778612609] httpd: Fix of 8 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-12 19:03:35 UTC
Description:
- CVE-2026-24072: use AP_EXPR_FLAG_RESTRICTED in htaccess - CVE-2026-29169: mod_dav_lock: use the right dav_lock_discovery - CVE-2026-33006: mod_auth_digest: use apr_crypto_equals - CVE-2026-33007: mod_authn_socache: validate URL earlier - CVE-2026-33523: scan outgoing status line for newlines and controls - CVE-2026-33857: fix length checks in AJP msg_get functions - CVE-2026-34032: fix ajp_msg_get_string buffer checks - CVE-2026-34059: fix ajp_parse_data message len check
Updated packages:
  • httpd-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:e6056b34db4cc15caf80d7a56bb0fbc5fd665d97044ded3268f988a2995cf558
  • httpd-core-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:fef30a6534dbce227ca16e93251743484819e469fd76277c21a7599e1a17e828
  • httpd-devel-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:2012274115ca339d623a51dd0d0e93326135e41db1e4e42cd1074c72527675dd
  • httpd-filesystem-2.4.53-11.el9_2.5.tuxcare.els12.noarch.rpm
    sha:c5f15820f0704983d0cc5223dff49a9898f362b13abaa877b5b08cabb310523d
  • httpd-manual-2.4.53-11.el9_2.5.tuxcare.els12.noarch.rpm
    sha:1d5067703e96d6d617024cb1ff912a0f51a48d92712ee2e0d5edc277320930fb
  • httpd-tools-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:bc5d0301ef0521dfd02b0147afbb632d99978819afe5d1f072e8ccd19518353b
  • mod_ldap-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:6332844a301f26e934fb42ff050c16d22699ad2cf59c445497c85fb40825e108
  • mod_lua-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:edf6964784829b52b75831963ada65f9f5de535ac1c3ce1e1d04d807877b3bfc
  • mod_proxy_html-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:57e2b739863ebe13ae50c6847d3e64c0c4a36ff58796f5d79a0a538bd06031dd
  • mod_session-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:517bbf8f80d07899d26d460d9c946b7f6d0594c42e375d8271629ce58d90da87
  • mod_ssl-2.4.53-11.el9_2.5.tuxcare.els12.x86_64.rpm
    sha:dc0f80b74b45d9aacfa6a2ad4b16374898b9895a412c11812fb72a81d5cb9aa5
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.