Advisory: CLSA-2025:1758031287
OS: RHEL 7 ELS
Public date: 2025-09-16 14:01:29.307041
Project: httpd
Version: 2.4.6-99.0.5.el7_9.1.tuxcare.els6
Errata link: https://errata.tuxcare.com/els_os/rhel7els/CLSA-2025-1758031287.html
- CVE-2024-47252: escape user-supplied data in mod_ssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attack
Update command: yum update httpd*
httpd-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm httpd-devel-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm httpd-manual-2.4.6-99.0.5.el7_9.1.tuxcare.els6.noarch.rpm httpd-tools-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm mod_ldap-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm mod_proxy_html-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm mod_session-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm mod_ssl-2.4.6-99.0.5.el7_9.1.tuxcare.els6.x86_64.rpm