ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

Release Info

Advisory: CLSA-2025:1758102473

OS: CloudLinux 7 ELS

Public date: 2025-09-17 09:47:55.490044

Project: httpd

Version: 2.4.6-99.el7.1.tuxcare.els9

Errata link: https://errata.cloudlinux.com/cloudlinux7els/CLSA-2025-1758102473.html

Changelog

- CVE-2024-47252: escape special characters in user-supplied data for mod_ssl logging - CVE-2025-49812: remove support for TLS upgrade to fix HTTP desynchronisation attack vulnerability

Update

Update command: yum update httpd*

Packages list

httpd-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm httpd-devel-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm httpd-manual-2.4.6-99.el7.1.tuxcare.els9.noarch.rpm httpd-tools-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm mod_ldap-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm mod_proxy_html-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm mod_session-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm mod_ssl-2.4.6-99.el7.1.tuxcare.els9.x86_64.rpm

CVEs

CVE-2024-47252

CVE-2025-49812