Release date:
2026-06-24 10:03:08 UTC
Description:
* SECURITY UPDATE: mod_xml2enc heap-based buffer overflow via xml2StartParse with untrusted content
- debian/patches/CVE-2026-42536.patch: mod_xml2enc heap-based buffer overflow via xml2StartParse with untrusted content
- CVE-2026-42536
* SECURITY UPDATE: mod_proxy_ftp cross-site scripting in HTML directory list generation
- debian/patches/CVE-2026-29170.patch: mod_proxy_ftp cross-site scripting in HTML directory list generation
- CVE-2026-29170
* SECURITY UPDATE: mod_ldap use-after-free in per-directory configuration
- debian/patches/CVE-2026-29167.patch: mod_ldap use-after-free in per-directory configuration
- CVE-2026-29167
* SECURITY UPDATE: mod_dav_fs path handling allows direct manipulation of trusted DAV property databases
- debian/patches/CVE-2026-42535.patch: mod_dav_fs path handling allows direct manipulation of trusted DAV property databases
- CVE-2026-42535
* SECURITY UPDATE: mod_proxy_html buffer overflow allowing attack by an untrusted backend
- debian/patches/CVE-2026-34355.patch: mod_proxy_html buffer overflow allowing attack by an untrusted backend
- CVE-2026-34355
Updated packages:
-
apache2_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:a037a52ebc7d1f782b930520fe1f76c39c35c1d5
-
apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:d7cb9bdd02f50e3af28f0c3d5a8a8a5c7d5e5d93
-
apache2-data_2.4.29-1ubuntu4.27+tuxcare.els10_all.deb
sha:5ed37555d4c910efeedbea482c025cc3afc56d5d
-
apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:5eb8ff3274507e8464a715f07bd875f82b8ccc1a
-
apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els10_all.deb
sha:6d404e9e3749dc35786a8e696eb36c9c7e67438e
-
apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:b30e82002c674947769f09ccdc4b47013b5d1c66
-
apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:c79223ad3b6a3fd2673c31339813f0a8c5268a31
-
apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:6e5410bda3d4a52a94fcb0ab119c5deffe3142d7
-
apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
sha:95427697e6c55c731dfc23de3fe56813a0dcafb8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.