-
Mon Sep 11 2023 David Sloboda <david.x.sloboda@oracle.com> - 2.4.37-56.0.1.7
- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP
response splitting
-
Mon May 22 2023 EL Errata <el-errata_ww@oracle.com> - 2.4.37-56.0.1.6
- Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
- Replace index.html with Oracle's index page oracle_index.html
-
Thu Apr 27 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-56.6
- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690
-
Sat Mar 18 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-56.4
- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting
with mod_rewrite and mod_proxy
-
Tue Jan 31 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-56
- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write
of zero byte
- Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
- Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request
smuggling
-
Thu Jan 26 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-55
- Resolves: #2155961 - prevent sscg creating /dhparams.pem
-
Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-54
- Resolves: #2095650 - Dependency from mod_http2 on httpd broken
-
Wed Nov 09 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-53
- Resolves: #2050888 - httpd with SSL fails to start unless hostname command
was installed
-
Mon Sep 19 2022 Tomas Korbar <tkorbar@redhat.com> - 2.4.37-52
- Add the SNI support in mod_proxy_wstunnel module for Apache httpd
- Resolves: rhbz#2017543
-
Mon Jul 25 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-51
- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via
ap_rwrite()
- Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in
ap_strcmp_match()
- Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS
vulnerability
- Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information
disclosure with websockets
- Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy:
X-Forwarded-For dropped by hop-by-hop mechanism
- Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in
r:parsebody
- Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible
request smuggling