[ol8_appstream] mod_session-2.4.37-21.0.1.module+el8.2.0+5576+c083ffcb.aarch64

Name:	mod_session
Version:	2.4.37
Release:	21.0.1.module+el8.2.0+5576+c083ffcb
Architecture:	aarch64
Module:	httpd:2.4:8020020200122152618:9edba152 httpd:2.4:8020020200824162909:4cda2c84
Group:	System Environment/Daemons
Size:	346991
License:	ASL 2.0
RPM:	mod_session-2.4.37-21.0.1.module+el8.2.0+5576+c083ffcb.aarch64.rpm
Source RPM:	httpd-2.4.37-21.0.1.module+el8.2.0+5576+c083ffcb.src.rpm
Build Date:	Wed Apr 29 2020
Build Host:	ca-buildarm05.us.oracle.com
Vendor:	Oracle America
URL:	https://httpd.apache.org/
Summary:	Session interface for the Apache HTTP Server
Description:	The mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.

Changelog (Show File list) (Show related packages)

Mon Feb 10 2020 EL Errata <el-errata_ww@oracle.com> - 2.4.37-21.0.1

- Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
- Replace index.html with Oracle's index page oracle_index.html

Mon Dec 02 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-21

- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails:
  Re-negotiation handshake failed: Client certificate missing

Sun Dec 01 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-20
```
- Resolves: #1704317 - Add support for SSLKEYLOGFILE
```
Thu Nov 28 2019 Joe Orton <jorton@redhat.com> - 2.4.37-19
```
- mod_cgid: enable fd passing (#1633224)
```

Mon Nov 18 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-18

- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection
- Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility
- Resolves: #1633224 - mod_cgid logging issues

Wed Oct 02 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-17

- remove bundled mod_md module
- Related: #1747898 - add mod_md package

Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-16

- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount
  of data request leads to denial of service
- Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length
  headers leads to denial of service
- Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for
  large response leads to denial of service

Tue Jul 16 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-15

- Resolves: #1730721 - absolute path used for default state and runtime dir by
  default

Thu Jun 27 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-14

- Resolves: #1724549 - httpd response contains garbage in Content-Type header

Wed Jun 12 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-13

- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access
  control bypass due to race condition
- Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization
  inconsistency
- Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd
  causes systemctl to hang
- Resolves: #1673022 - httpd can not be started with mod_md enabled