Release date:
2026-06-11 20:29:57 UTC
Description:
- CVE-2026-29167: fix mod_ldap use-after-free with per-directory LDAP config
- CVE-2026-29170: fix mod_proxy_ftp XSS in generated FTP directory listings
- CVE-2026-34355: fix mod_proxy_html buffer overflow via ap_varbuf API migration
- CVE-2026-34356: fix mod_proxy heap buffer overflow in ProxyPassReverseCookie* handling
- CVE-2026-42535: fix mod_dav_fs path handling allowing manipulation of DAV property databases
- CVE-2026-42536: fix mod_xml2enc heap buffer overflow in xml2StartParse accounting
Updated packages:
-
httpd-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:d40c958452e1bb9693a65b3f4a4a1610183eccb84ff17cdbe1ae67300d827df1
-
httpd-devel-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:8feca01d459ed98d8abde399d06f08e788e7cc87b242edba199c05001f12bd18
-
httpd-filesystem-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.noarch.rpm
sha:fa41962ff1131239c46d4769c7460922113cebdc3eb8d3d54abd6e61d1717684
-
httpd-manual-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.noarch.rpm
sha:e40f9ab4bd001e7aec6dc0dfe497c047777b57d381edbe41778704e038b8fa75
-
httpd-tools-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:3e1b08616310e5eee502605782d96f8223bddfe0afbe8a4ad15c2a922466556a
-
mod_ldap-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:900bfb2c08f2e487ec5288bab82482ccce6448713652ac5d632eaf08224ed270
-
mod_proxy_html-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:65ea37e8a730ab9393e24f88c4a2c5a94278f763cad85c87f67aeadc0d1d6acd
-
mod_session-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:56673d218bed861cd28cefc49720a68e4abf2bdc1617928ea786e8d7306bfec2
-
mod_ssl-2.4.37-43.module_el8.5.0+2423+fb27f08c.tuxcare.els19.x86_64.rpm
sha:89f5b7593b2343b9a3c1a56518e823d648bb3803f0bd11f1fee6e4e14ab564d3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
