Release date:
2026-06-23 11:06:39 UTC
Description:
- CVE-2026-44631: fix buffer underwrite in ap_regname() caused by signed char
regex capture-name offsets producing negative capture indices and corrupting
memory; cast the name-table offset bytes to unsigned char and reject
unreasonably large capture group numbers
Updated packages:
-
httpd-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:1ab5c3c20b518019456bd484d51ea2217a4fa374ad9332a4ac4c38d8a8983f13
-
httpd-core-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:5a7a174b3479fafb04ae0e60d15e0894efe841bd9438e343e158d72feef90443
-
httpd-devel-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:9f31c0f6289c8b61a58f49d3373467b256723337c44189a0b7915d62044525be
-
httpd-filesystem-2.4.53-11.el9_2.5.tuxcare.els20.noarch.rpm
sha:be529aa02c3be2cb3c8956679ade3b79d799cf696c055b9acb97eec6bc734bf6
-
httpd-manual-2.4.53-11.el9_2.5.tuxcare.els20.noarch.rpm
sha:ba977bdda9178c1732b26c2834c3c5dbc7672daaf59a80ba12bec91f4b8166a0
-
httpd-tools-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:12b0892de20947acf2ff5a5dbb44a0d79078ddd234dbaad4fb09be7ec6d5466f
-
mod_ldap-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:cec2a1cb3b3599d6f7468e66b03374236763a92aa95e3d3b4d2a6997b3e49709
-
mod_lua-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:ed35550cc259c0afb3fafb9626793e4a7193a3a55510c7071d5f56d7e7d58fdb
-
mod_proxy_html-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:2d300d5d99a43fa169a8a3dc7ad4dc6b75f58da6192991a58e8bf9978b5cadc0
-
mod_session-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:16c17decf1a1d08fb55f5ccfdbd827853c11d64ab9bfe83335c47c3cdf6eacd3
-
mod_ssl-2.4.53-11.el9_2.5.tuxcare.els20.x86_64.rpm
sha:8e21d80416bcaa6952e31b0558aac1b86b48b35856a10189d06f8872e3bfbe63
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.