Release date:
2026-06-16 15:30:33 UTC
Description:
- CVE-2026-29170: mod_proxy_ftp: XSS in generated HTML directory listing; escape entry names with ap_escape_html(ap_os_escape_path()) instead of ap_escape_uri() in href attributes
- CVE-2026-42535: mod_dav_fs: deny WebDAV access to or within the DAV_FS_STATE_DIR state directory to prevent manipulation of trusted property databases
Updated packages:
-
httpd-2.2.15-72.el6.tuxcare.els14.x86_64.rpm
sha:5b3dea08fac34f2c0888097a17347fbbe6c7c4d479bbf2cfc2cd02d483dd15cd
-
httpd-devel-2.2.15-72.el6.tuxcare.els14.i686.rpm
sha:42e0f2d444332265ca0ddc6e9150467369218017fe9390902865a89d4a3fc7ff
-
httpd-devel-2.2.15-72.el6.tuxcare.els14.x86_64.rpm
sha:b7d62ae7e345822b283c5c9b159769c5b3bc6f708cdeb722da715bae5783d9bb
-
httpd-manual-2.2.15-72.el6.tuxcare.els14.noarch.rpm
sha:5e1942feb59dedae24ef9618414fa3f45689acc74cef6c4994c71d6626425f3e
-
httpd-tools-2.2.15-72.el6.tuxcare.els14.x86_64.rpm
sha:850290eb7e3a2db5598eaf62daac028ba55c38e409791d5edfb436423b113574
-
mod_ssl-2.2.15-72.el6.tuxcare.els14.x86_64.rpm
sha:6d05dc5748afb7f32bd38996a8b3db7efe5867e91dc938aea958cb9b6685bcce
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
