Release Info

Advisory: CLSA-2024:1724788700

OS: CloudLinux 7 ELS

Public date: 2024-08-27 15:58:22

Project: httpd

Version: 2.4.6-99.el7.1.tuxcare.els5

Errata link: https://errata.cloudlinux.com/cloudlinux7els/CLSA-2024-1724788700.html

Changelog

- CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix. - CVE-2024-40725: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-39884 fix.

Update

Update command: yum update httpd*

Packages list

httpd-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm httpd-devel-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm httpd-manual-2.4.6-99.el7.1.tuxcare.els5.noarch.rpm httpd-tools-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm mod_ldap-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm mod_proxy_html-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm mod_session-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm mod_ssl-2.4.6-99.el7.1.tuxcare.els5.x86_64.rpm

CVEs

CVE-2024-38475
CVE-2024-38477
CVE-2024-38474
CVE-2024-38476
CVE-2024-39573