[ol8_appstream] mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.aarch64

Name:	mod_http2
Version:	1.15.7
Release:	10.module+el8.10.0+90327+96b8ea28
Architecture:	aarch64
Module:	httpd:2.4:8100020240523005605:10 httpd:2.4:8100020240701034214:10 httpd:2.4:8100020240723064228:10 httpd:2.4:8100020240812071540:10
Group:	System Environment/Daemons
Size:	418734
License:	ASL 2.0
RPM:	mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.aarch64.rpm
Source RPM:	mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.src.rpm
Build Date:	Thu May 23 2024
Build Host:	build-ol8-aarch64.oracle.com
Vendor:	Oracle America
URL:	https://icing.github.io/mod_h2/
Summary:	module implementing HTTP/2 for Apache 2
Description:	The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.

Changelog (Show File list) (Show related packages)

Fri Apr 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10

- Resolves: RHEL-29817 - httpd:2.4/mod_http2: httpd: CONTINUATION frames
  DoS (CVE-2024-27316)

Fri Feb 02 2024 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-9.3

- Resolves: RHEL-13367 - httpd:2.4/mod_http2: reset requests exhaust memory
  (incomplete fix of CVE-2023-44487)(CVE-2023-45802)

Sat Mar 18 2023 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-8.3

- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting
  with mod_rewrite and mod_proxy

Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-7

- Resolves: #2095650 - Dependency from mod_http2 on httpd broken

Tue Nov 01 2022 Tomas Korbar <tkorbar@redhat.com> - 1.15.7-6
```
- Backport SNI feature refactor
- Resolves: rhbz#2137257
```

Mon Jan 24 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-5

- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference
  or SSRF in forward proxy configurations

Thu Jan 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-4

- Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd:
  Request splitting via HTTP/2 method injection and mod_proxy

Fri Oct 30 2020 Lubos Uhliarik <luhliari@redhat.com> - 1.15.7-3

- Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd:
  mod_http2 concurrent pool usage

Mon Aug 17 2020 Lubos Uhliarik <luhliari@redhat.com> - 1.15.7-2

- Resolves: #1869073 - CVE-2020-9490 httpd:2.4/mod_http2: httpd: 
  Push diary crash on specifically crafted HTTP/2 header

Tue Apr 14 2020 Lubos Uhliarik <luhliari@redhat.com> - 1.15.7-1

- new version 1.15.7
- Resolves: #1814236 - RFE: mod_http2 rebase 
- Resolves: #1747289 - CVE-2019-10082 httpd:2.4/mod_http2: httpd: 
  read-after-free in h2 connection shutdown
- Resolves: #1696099 - CVE-2019-0197 httpd:2.4/mod_http2: httpd: 
  mod_http2: possible crash on late upgrade
- Resolves: #1696094 - CVE-2019-0196 httpd:2.4/mod_http2: httpd:
  mod_http2: read-after-free on a string compare
- Resolves: #1677591 - CVE-2018-17189 httpd:2.4/mod_http2: httpd: 
  mod_http2: DoS via slow, unneeded request bodies