[ALSA-2026:30845] Moderate: mod_md security update
Type:
security
Severity:
moderate
Release date:
2026-06-30
Description:
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fix(es): * httpd: mod_md: unrestricted OCSP response leads to resource exhaustion (CVE-2026-29168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mod_md-2.4.26-5.el10_2.1.aarch64.rpm d3da73530b616cdf1ffe4f9e887cc93f9da15e1c81b8c0cece791842c8047220
ppc64le mod_md-2.4.26-5.el10_2.1.ppc64le.rpm acbaeee39e9f1d38120812a32b533fb9a4cefbcab5c1c705e140a53f7e70e325
s390x mod_md-2.4.26-5.el10_2.1.s390x.rpm 31f18085f26d77a39db8c87b540e1d17fcbb9bce7d58a3f2ca01fbba6149b718
x86_64 mod_md-2.4.26-5.el10_2.1.x86_64.rpm 29074722bbc1b44e9c8594c7ca02915268261beb2bfb589cd3708bdb2db727ff
x86_64_v2 mod_md-2.4.26-5.el10_2.1.x86_64_v2.rpm 523d61c77972b7497df3868dbc3686aa5e51a180e6f20dc3dc63743fd3ed44dc
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.