[ol8_appstream] httpd-devel-2.4.37-65.0.1.module+el8.10.0+90652+bef864ba.5.x86_64

Name:	httpd-devel
Version:	2.4.37
Release:	65.0.1.module+el8.10.0+90652+bef864ba.5
Architecture:	x86_64
Module:	httpd:2.4:8100020250728150834:10
Group:	Development/Libraries
Size:	849783
License:	ASL 2.0
RPM:	httpd-devel-2.4.37-65.0.1.module+el8.10.0+90652+bef864ba.5.x86_64.rpm
Source RPM:	httpd-2.4.37-65.0.1.module+el8.10.0+90652+bef864ba.5.src.rpm
Build Date:	Thu Sep 04 2025
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://httpd.apache.org/
Summary:	Development interfaces for the Apache HTTP server
Description:	The httpd-devel package contains the APXS binary and other files that you need to build Dynamic Shared Objects (DSOs) for the Apache HTTP Server. If you are installing the Apache HTTP server and you want to be able to compile or develop additional modules for Apache, you need to install this package.

Changelog (Show File list) (Show related packages)

Thu Sep 04 2025 EL Errata <el-errata_ww@oracle.com> - 2.4.37-65.5.0.1
```
- Replace index.html with Oracle's index page oracle_index.html
```

Mon Jul 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.5

- Resolves: RHEL-99944 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade
- Resolves: RHEL-99969 - CVE-2024-47252 httpd: insufficient escaping of
  user-supplied data in mod_ssl
- Resolves: RHEL-99961 - CVE-2025-23048 httpd: access control bypass by trusted
  clients is possible using TLS 1.3 session resumption

Tue Apr 22 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.4

- Resolves: RHEL-87641 - apache Bug 63192 - mod_ratelimit breaks HEAD requests

Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.3

- Resolves: RHEL-56068 - Apache HTTPD no longer parse PHP files with
  unicode characters in the name

Tue Aug 06 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.2

- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
  applications whose response headers are malicious or exploitable (CVE-2024-38476)
- Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix

Thu Jul 11 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.1

- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue
  in mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in
  mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
  in mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference
  in mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF
  in mod_rewrite (CVE-2024-39573)

Wed Jun 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65

- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response
  splitting (CVE-2023-38709)

Fri Feb 16 2024 Joe Orton <jorton@redhat.com> - 2.4.37-64

- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read
  vulnerability (CVE-2023-31122)

Wed Feb 14 2024 Joe Orton <jorton@redhat.com> - 2.4.37-63

- mod_xml2enc: fix media type handling
  Resolves: RHEL-14321

Thu Aug 17 2023 Johnny Hughes <jhughes@redhat.com> - 2.4.37-62
```
- change for CentOS Stream Branding
```