Advisory: CLSA-2025:1761747106
OS: Debian 10 ELS
Public date: 2025-10-29 14:11:48.286627
Project: apache2
Version: 2.4.59-1~deb10u1+tuxcare.els3
Errata link: https://errata.tuxcare.com/els_os/debian10els/CLSA-2025-1761747106.html
* SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: validate hostname in modules/proxy/proxy_util.c. Restart from the original URL on reconnect in modules/http2/mod_proxy_http2.c. - CVE-2024-38477
Update command: apt-get update apt-get --only-upgrade install apache2*
apache2_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb apache2-bin_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb apache2-data_2.4.59-1~deb10u1+tuxcare.els3_all.deb apache2-dev_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb apache2-doc_2.4.59-1~deb10u1+tuxcare.els3_all.deb apache2-ssl-dev_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb apache2-suexec-custom_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb apache2-suexec-pristine_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb apache2-utils_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb libapache2-mod-md_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb libapache2-mod-proxy-uwsgi_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb