Release date:
2026-06-12 10:24:20 UTC
Description:
- CVE-2026-49975: fix HTTP/2 memory exhaustion (HTTP/2 Bomb) by counting merged
cookie headers against LimitRequestFields
Updated packages:
-
mod_http2-2.0.26-4.el9_6.1.tuxcare.els3.x86_64.rpm
sha:ded375813081a1f2c94f5c406897ee53245d6ea3c44f4ed942eff77f0ad15b71
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
