CentOS 6 ELS: httpd package gradual rollout
A new updated httpd package within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.
Rollout slot: 3
Rolled out to: 0.1%
ETA for 100% rollout: October 7
Errata: https://errata.cloudlinux.com/els6/CLSA-2021-1632839108.html
CHANGELOG
httpd-2.2.15-71.el6.
- Fixed stack overflow in mod_auth_digest due to crafted digest nonce (CVE-2020-35452)
UPDATE COMMAND
yum update httpd*
IMMEDIATE UPDATE (VIA BYPASS)
yum update httpd* --enablerepo=ELS6-rollout-3-bypass