Site icon Fix I.T. Phill – Your Go-To Tech Guru

Ubuntu USN-8516/8517: Patch Apache HTTP Server and ClamAV on Hosting Servers

Ubuntu USN-8516-1 and USN-8517-1 Apache HTTP Server and ClamAV patch checklist

Ubuntu USN-8516-1 and USN-8517-1 Apache HTTP Server and ClamAV patch checklist

Admin action: Ubuntu published USN-8516-1 for Apache HTTP Server and USN-8517-1 for ClamAV on July 8, 2026. Hosting, VPS, mail, and security-scanning servers should be reviewed for the updated packages.

The Apache notice matters for public web servers because Ubuntu lists multiple Apache CVEs, including issues that can cause denial of service and at least one case where arbitrary code execution is possible in affected configurations. The ClamAV notice matters for mail gateways, upload scanning, and file-scanning workflows because malformed files can crash the scanner or consume excessive resources.

Ubuntu Apache Packages

Ubuntu says the Apache fixes are available for supported Resolute, Noble, and Jammy systems. The fixed package versions listed by Ubuntu are:

The Apache CVEs listed by Ubuntu include CVE-2026-29167, CVE-2026-29170, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, and CVE-2026-48913.

Ubuntu ClamAV Packages

Ubuntu says the ClamAV fixes are also available for supported Resolute, Noble, and Jammy systems. The fixed package versions listed by Ubuntu are:

The ClamAV CVEs listed by Ubuntu include CVE-2026-20213, CVE-2026-20214, CVE-2026-20215, CVE-2026-20216, CVE-2026-20217, CVE-2026-20243, and CVE-2026-20244.

Backup And Maintenance Checklist

Hosting Notes

For shared hosting, cPanel-adjacent stacks, mail gateways, or custom Ubuntu web nodes, this is not just a desktop package update. Apache and ClamAV often sit directly in the path of customer traffic, email, attachment scanning, or file intake. Patch deliberately, then confirm the services that customers can feel.

Sources

Exit mobile version