-
Thu Aug 08 2024 EL Errata <el-errata_ww@oracle.com> - 2.4.57-11.0.1.el9_4.1
- Replace index.html with Oracle's index page oracle_index.html.
-
Mon Aug 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-11.1
- Resolves: RHEL-46047 - httpd: Security issues via backend applications whose
response headers are malicious or exploitable (CVE-2024-38476)
- Resolves: RHEL-53021 - Regression introduced by CVE-2024-38474 fix
-
Thu Jul 04 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-11
- Resolves: RHEL-45792 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
-
Wed Jul 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-9
- Resolves: RHEL-45766 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45749 - httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45818 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45771 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)
-
Wed Feb 07 2024 Joe Orton <jorton@redhat.com> - 2.4.57-8
- mod_xml2enc: fix media type handling
Resolves: RHEL-17686
- mod_dav: add DavBasePath
Resolves: RHEL-6600
-
Mon Feb 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-7
- Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read
vulnerability (CVE-2023-31122)
-
Wed Oct 04 2023 Joe Orton <jorton@redhat.com> - 2.4.57-6
- Resolves: RHEL-5071 - mod_dav_fs: add DavLockDBType
- mod_dav_fs: add global mutex around lockdb interaction
-
Thu Jul 20 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-5
- Fix issue found by covscan
- Related: #2222001
-
Tue Jul 18 2023 Joe Orton <jorton@redhat.com> - 2.4.57-4
- Resolves: #2217726 - Make PROPFIND tolerant of deletion race
-
Tue Jul 11 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-3
- Resolves: #2222001 - mod_status lists BusyWorkers IdleWorkers keys twice