[Apollo] Advisories Statistics light light Login

RLSA-2026:36187

Security Mirrored from RHSA-2026:36187
Issued at: 2026-07-08
Updated at: 2026-07-08

Synopsis

Important: perl-HTTP-Daemon security update



Description

The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests.

Security Fix(es):

* perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file() (CVE-2026-8450)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2481773

CVEs

CVE-2026-8450

Affected packages

Rocky Linux 9 x86_64 - CRB

perl-HTTP-Daemon-0:6.12-6.el9_8.1.noarch.rpm perl-HTTP-Daemon-0:6.12-6.el9_8.1.src.rpm

Rocky Linux 9 aarch64 - CRB

perl-HTTP-Daemon-0:6.12-6.el9_8.1.noarch.rpm perl-HTTP-Daemon-0:6.12-6.el9_8.1.src.rpm

Rocky Linux 9 s390x - CRB

perl-HTTP-Daemon-0:6.12-6.el9_8.1.noarch.rpm perl-HTTP-Daemon-0:6.12-6.el9_8.1.src.rpm

Rocky Linux 9 ppc64le - CRB

perl-HTTP-Daemon-0:6.12-6.el9_8.1.noarch.rpm perl-HTTP-Daemon-0:6.12-6.el9_8.1.src.rpm