Release date:
2026-05-21 10:27:46 UTC
Description:
- CVE-2026-28780: mod_proxy_ajp: heap-based buffer overflow in
ajp_msg_check_header() — message size check did not subtract
AJP_HEADER_LEN, letting a crafted AJP reply write 4 bytes past
the end of the heap buffer
Updated packages:
-
httpd-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:58fa7d8d504f0f0e1c8824accbfd8237d33bfd882b0a95096f1d726a70370d74
-
httpd-devel-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:d8fbeec8bbb193ed57fc27b547f3ca5ac2427f23ce3d1c21c5a9b9b475602dea
-
httpd-manual-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.noarch.rpm
sha:af9ea959f18488a281b1209cf4b9d2c72a38ebd397cf9ae9ffd6a6b2bddc0d7c
-
httpd-tools-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:363ebd75419a0a198600f860bb3032230578f6f00e35a27831012f3ac82fd129
-
mod_ldap-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:386922d47ead4f2748714a0beedaf6399743e52c742c207e9127c9291478e161
-
mod_proxy_html-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:a61d5443c9798935472b920f32c81d46ef054d640997750d38a264d98617c224
-
mod_session-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:1a0bcebc9e0fe7e62141026843c46204d9117b2fcf5e393e614c924514e06a0d
-
mod_ssl-2.4.6-99.0.5.el7.centos.1.tuxcare.els11.x86_64.rpm
sha:ace579ebde12da7bf3145ae7f81962f8aced61a99a70ad01098c923ec5677df9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
