Release date:
2026-04-23 17:29:07 UTC
Description:
* SECURITY UPDATE: DoS via unbounded request body in mod_lua
- debian/patches/CVE-2022-29404-part1.patch: set
AP_DEFAULT_LIMIT_REQ_BODY to 1GB in server/core.c, enforce
LimitRequestBody in ap_setup_client_block() in
modules/http/http_filters.c, remove redundant proxy check in
modules/proxy/mod_proxy_http.c.
- CVE-2022-29404
- Note: Part 2 (cast fix) was already applied.
Updated packages:
-
apache2_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:9d7ac645bbafa2b1c39c7525e3203d643073b21b
-
apache2-bin_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:9dec6ffecae41b13d3f6418c7b7809baa5fb4767
-
apache2-data_2.4.41-4ubuntu3.23+tuxcare.els2_all.deb
sha:dc9cb0a657c015ed996a21de8421aa70a3442fa7
-
apache2-dev_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:5e4e3befd7ea1901097dd4483ea5bff3aa6ad1fa
-
apache2-doc_2.4.41-4ubuntu3.23+tuxcare.els2_all.deb
sha:7f33232bfc495b66656b593314e3acb478eebeb3
-
apache2-ssl-dev_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:e71344f908895a77e25bffe35888fb35e156100e
-
apache2-suexec-custom_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:a692dd7a64a67aadf0b7b9797248efb587cdb719
-
apache2-suexec-pristine_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:695cb2048dd4171e4acc5eae19f353f9b0349649
-
apache2-utils_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:7bf23ee169924bb76aada29f7a5633a482af8003
-
libapache2-mod-md_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:60f7f934af2f1052fda3416f172e14f1bb2f4ccd
-
libapache2-mod-proxy-uwsgi_2.4.41-4ubuntu3.23+tuxcare.els2_amd64.deb
sha:6fb09f360da0b2752459c5863c43fc99fe2f760b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
