-
Mon Mar 10 2025 EL Errata <el-errata_ww@oracle.com> - 2.4.63-1.0.1
- Replace index.html with Oracle's index page oracle_index.html.
-
Mon Jan 27 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-1
- new version 2.4.63
- Resolves: RHEL-76358 - httpd rebase to 2.4.63
- Resolves: RHEL-73414 - RewriteRule proxying to UDS (unix domain socket)
configured in .htaccess doesn't work on httpd-2.4.62-1
- Resolves: RHEL-66489 - Apache HTTPD no longer parse PHP files with unicode
characters in the name
-
Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.4.62-5
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
-
Mon Aug 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-50031 - httpd default config changes
-
Thu Aug 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen
- Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from
httpd mod_proxy_wstunnel
-
Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-2
- Resolves: RHEL-52722 - Regression introduced by CVE-2024-38474 fix
-
Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-33446
-
Wed Jul 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.61-1
- new version 2.4.61
- Resolves: RHEL-45753 - httpd: Potential SSRF in
mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45757 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45776 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45791 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45811 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-46051 - httpd: Security issues via backend applications
whose response headers are malicious or exploitable (CVE-2024-38476)
-
Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.4.59-4.4
- Bump release for June 2024 mass rebuild
-
Thu May 23 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3.4
- mod_ssl: disable ENGINE support
Resolves: RHEL-33734