[CLSA-2026:1782137198] httpd: Fix of CVE-2026-44185
Type:
security
Severity:
Important
Release date:
2026-06-22 14:06:54 UTC
Description:
- CVE-2026-44185: mod_ssl OCSP send_request - advance wbuf by the number of bytes actually sent (wlen) instead of the full remaining length
CVEs fixed:
Updated packages:
  • httpd-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:e936adf8bd2e75a759a67d73f6d5a787a2418fdecd4f036769b1a2637c835986
  • httpd-core-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:d5eed73fb68f5131da69d8d1720edc8cd5477e9725e974862abee822434ddc3d
  • httpd-devel-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:68a58c78c01f1b3755c637665d0db47fcb4066fc968c2180ba6ae3b0c1ebac86
  • httpd-filesystem-2.4.53-11.el9_2.5.tuxcare.els16.noarch.rpm
    sha:936c7cf2975c4440a76797ee60aa2cbc6463b99198b9222db45cce38f6c4a457
  • httpd-manual-2.4.53-11.el9_2.5.tuxcare.els16.noarch.rpm
    sha:6c477113b95f6d92c3f29450a80c2b55cf8b26c5fa858d8d7d63ccc947aa2d53
  • httpd-tools-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:d4731e7167d23002db7fe5ab915b8cc2b23d384bbe3afda5abf1804bce1d7ee3
  • mod_ldap-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:d448822aa09fc2fe3ca153e22fc785453ddf2c6b9e25d277957ab730314dc1c1
  • mod_lua-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:0c53b6c2c8ec106297550300f5231d54517248ed2edf5a5e5fc3d68d1138c4a5
  • mod_proxy_html-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:952e071c61dce85e93ce879440d3d2ed60ce828b5423deab2368f098a2269cac
  • mod_session-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:1d6a073587a3ac4fa79aa20f0a8dc63f092d86ea53552afd038bc0d55d7c4a7a
  • mod_ssl-2.4.53-11.el9_2.5.tuxcare.els16.x86_64.rpm
    sha:0bfb2bf142fb19350728f77dcb2bfcb3f7674011c8d4099862b8b51b1dabf207
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.