Description:
- CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling
- CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match()
- CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what
the original request hostname was, and so send X-Forwarded-* headers correctly
Updated packages:
-
httpd-tools-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:ef52dc544ebbf32683a8a23d319feec050db8c67
-
mod_ssl-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:917ee071999f4deb83af8af42e5c3e08e75fd5e1
-
httpd-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:892532268201c5a6123b1cae6ae1c44385a9855c
-
httpd-devel-2.2.15-72.el6.tuxcare.els5.x86_64.rpm
sha:8792b5bef0fe44340fee436d7b8f3e24e1361c2c
-
httpd-manual-2.2.15-72.el6.tuxcare.els5.noarch.rpm
sha:19d08664e4168e67b5f51173b8dcdea41bba410b
-
httpd-devel-2.2.15-72.el6.tuxcare.els5.i686.rpm
sha:9732c46fa2cdb2c0b6488832dcae1474c2f70c45
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.