Release date:
2026-05-18 18:44:13 UTC
Description:
- CVE-2026-28780: mod_proxy_ajp: heap-based buffer overflow in
ajp_msg_check_header() — message size check did not subtract
AJP_HEADER_LEN, letting a crafted AJP reply write 4 bytes past
the end of the heap buffer
Updated packages:
-
httpd-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:d87eaa4555588da873e4420702d3dd5c68c7a8d5c2110acb9a32621b25623e97
-
httpd-devel-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:b7831d3b7164dad0d2d194264f2059a931693a8b98a70fda975ff14ee6c250d1
-
httpd-manual-2.4.6-99.0.5.el7_9.1.tuxcare.els11.noarch.rpm
sha:4c4d84c2460424084996e8c408532776afff7da3fedbbe0eb9878c5022f2a124
-
httpd-tools-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:bfe52464208a7b6f1e64937203964d02b4869c14b606c2146a5078a46b2bd0c9
-
mod_ldap-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:246dbb92d89ea4ac9ffa7ec7a9eb1eb823a2e23ed195c18caf3292e0efbaca17
-
mod_proxy_html-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:5687553021200becae6769e1654dc76f60911cfffcc5b3ef4537c144f590120b
-
mod_session-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:5c30f97634d6f4cb7bc0a5f6a8127113fc90c362a81729c63197dc48828ea824
-
mod_ssl-2.4.6-99.0.5.el7_9.1.tuxcare.els11.x86_64.rpm
sha:72756afb44fc365833bbfc243dfad179f68c06b51ea376eb542d2d88c490827c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
