CLSA-2025-1758035329 httpd: Fix of 2 CVEs

CVE-2024-47252: escape user-supplied data in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attack...

CLSA-2025-1739823342 httpd: Fix of CVE-2022-30522

CVE-2022-30522: fix possible DoS...

CLSA-2024-1728932179 httpd: Fix of CVE-2024-27316

CVE-2024-27316: Limit buffering of HTTP/2 incoming headers to prevent memory exhaustion...

CLSA-2023-1678136793 httpd: Fix of CVE-2006-20001

CVE-2006-20001: moddav: out-of-bounds read/write...

CLSA-2023-1675111939 httpd: Fix of CVE-2022-36760

CVE-2022-36760: modproxyajp: fix possible HTTP request smuggling...

CLSA-2022-1663591920 Fixed CVE-2022-28614 in httpd

CVE-2022-28614: fix out-of-bounds read via aprwrite, refactoring...

Scientific Linux Security Update : httpd on SL7.x x86_64 (20160718) (httpoxy)

Security Fixes : - It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A...