Advisory: CLSA-2025:1757014860
OS: Ubuntu 16.04 ELS
Public date: 2025-09-04 19:41:02.837717
Project: apache2
Version: 1:2.4.18-2ubuntu3.17+tuxcare.els18
Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1757014860.html
* SECURITY UPDATE: mod_ssl TLS upgrade attack - debian/patches/CVE-2025-49812.patch: remove antiquated 'SSLEngine optional' TLS upgrade in modules/ssl/ssl_engine_config.c, modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h. - CVE-2025-49812
Update command: apt-get update apt-get --only-upgrade install apache2*
apache2_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb apache2-data_2.4.18-2ubuntu3.17+tuxcare.els18_all.deb apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els18_all.deb apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb