Release date:
2026-05-18 18:40:30 UTC
Description:
- CVE-2026-28780: mod_proxy_ajp: heap-based buffer overflow in
ajp_msg_check_header() — message size check did not subtract
AJP_HEADER_LEN, letting a crafted AJP reply write 4 bytes past
the end of the heap buffer
Updated packages:
-
httpd-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:5011c861c5b2503db1b9bdf11df5258e947268b5ef9eec4db4ed972a9f528107
-
httpd-devel-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:6bea828ef70d184bca9721fea3f6e6063c2b3a8d5ab53a479608b9e21c33cf70
-
httpd-manual-2.4.6-99.0.5.el7_9.1.tuxcare.els11.noarch.rpm
sha:3bbeec845f1c9677a0ccb5dd9eb3d181558993b219317654c9862ac755b43dab
-
httpd-tools-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:52336078c91f25fe8fb98aefcaddf9d3df945e72d0ca51c5c79d2f1cb819f18b
-
mod_ldap-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:96f58933a51c6986521e3e46ff05e89880c01407b6b34dc43843f74f1d66cf62
-
mod_proxy_html-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:0fbade52ba4a9f18e52e240b47d892358426e348a24c89f77af5f799c59dcce1
-
mod_session-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:60c162f3b5351b8c408a0f81d1e3a2f931eb5987f26c939e8745c13686b82bfc
-
mod_ssl-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:55132940ebc42a8749d7e5c2b0579b3cde7d684963f831afefed130ef43a4277
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
