[CLSA-2026:1780650326] Fix of 7 CVEs

Type:

security

Severity:

Low

Release date:

2026-06-05 09:07:42 UTC

Description:

   * SECURITY UPDATE: HTTP/2 header filtering - validate decoded HPACK names/values against RFC 7230 token/field-vchar/field-content rules
     - debian/patches/CVE-2026-41293.patch: HTTP/2 header filtering - validate decoded HPACK names/values against RFC 7230 token/field-vchar/field-content rules
     - CVE-2026-41293

CVEs fixed:

Updated packages:

libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:b24a0b232060e1f1060d01fbf8570f0d67e47945
libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:5c30c22ab45107c3c2985099352b51e305800ce6
tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:354579c724a5ca28d32dbd7e0a581b7d1f2ece52
tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:a9d729565660b4674324255c593b6e15cf87f7fd
tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:8c3d4ce15a7a17fff9b131d8b2b7b7151a645f9f
tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:28adf8c45689351bd993342ae9104c41cc80aff7
tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:d608fcac64c30c17af69f19226a978c4e99c1f78
tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els16_all.deb
sha:e95bc4dbc479adbd2b9fa939b0367d082a9ace67

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.