[CLSA-2026:1782295363] Fix of 5 CVEs
Type:
security
Severity:
Critical
Release date:
2026-06-24 10:03:08 UTC
Description:
* SECURITY UPDATE: mod_xml2enc heap-based buffer overflow via xml2StartParse with untrusted content - debian/patches/CVE-2026-42536.patch: mod_xml2enc heap-based buffer overflow via xml2StartParse with untrusted content - CVE-2026-42536 * SECURITY UPDATE: mod_proxy_ftp cross-site scripting in HTML directory list generation - debian/patches/CVE-2026-29170.patch: mod_proxy_ftp cross-site scripting in HTML directory list generation - CVE-2026-29170 * SECURITY UPDATE: mod_ldap use-after-free in per-directory configuration - debian/patches/CVE-2026-29167.patch: mod_ldap use-after-free in per-directory configuration - CVE-2026-29167 * SECURITY UPDATE: mod_dav_fs path handling allows direct manipulation of trusted DAV property databases - debian/patches/CVE-2026-42535.patch: mod_dav_fs path handling allows direct manipulation of trusted DAV property databases - CVE-2026-42535 * SECURITY UPDATE: mod_proxy_html buffer overflow allowing attack by an untrusted backend - debian/patches/CVE-2026-34355.patch: mod_proxy_html buffer overflow allowing attack by an untrusted backend - CVE-2026-34355
Updated packages:
  • apache2_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:a037a52ebc7d1f782b930520fe1f76c39c35c1d5
  • apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:d7cb9bdd02f50e3af28f0c3d5a8a8a5c7d5e5d93
  • apache2-data_2.4.29-1ubuntu4.27+tuxcare.els10_all.deb
    sha:5ed37555d4c910efeedbea482c025cc3afc56d5d
  • apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:5eb8ff3274507e8464a715f07bd875f82b8ccc1a
  • apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els10_all.deb
    sha:6d404e9e3749dc35786a8e696eb36c9c7e67438e
  • apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:b30e82002c674947769f09ccdc4b47013b5d1c66
  • apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:c79223ad3b6a3fd2673c31339813f0a8c5268a31
  • apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:6e5410bda3d4a52a94fcb0ab119c5deffe3142d7
  • apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els10_amd64.deb
    sha:95427697e6c55c731dfc23de3fe56813a0dcafb8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.