-
Mon Sep 01 2025 EL Errata <el-errata_ww@oracle.com> - 2.4.62-4.0.1.4
- Replace index.html with Oracle's index page oracle_index.html.
-
Tue Jul 15 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4.4
- Resolves: RHEL-99949 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade
-
Mon Jul 14 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4.1
- Resolves: RHEL-99972 - CVE-2024-47252 httpd: insufficient escaping of
user-supplied data in mod_ssl
- Resolves: RHEL-99963 - CVE-2025-23048 httpd: access control bypass by trusted
clients is possible using TLS 1.3 session resumption
- Resolves: RHEL-102079 - stickysession field does not work when specifying it
in the query parameter after upgrade to 9.5
-
Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-66488 - Apache HTTPD no longer parse PHP files with unicode
characters in the name
-
Thu Jan 09 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-68660 - RewriteRule proxying to UDS (unix domain socket)
configured in .htaccess doesn't work on httpd-2.4.62-1
-
Thu Sep 12 2024 Joe Orton <jorton@redhat.com> - 2.4.62-2
- mod_ssl: fix loading keys via ENGINE API
Resolves: RHEL-36755
-
Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix
-
Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-7
- Resolves: RHEL-49856: htcacheclean.service missing [Install] section
-
Thu May 30 2024 Joe Orton <jorton@redhat.com> - 2.4.59-6
- mod_ssl: restore SSL_OP_NO_RENEGOTIATE support
Related: RHEL-14668
-
Tue May 21 2024 Joe Orton <jorton@redhat.com> - 2.4.59-5
- mod_ssl: defer ENGINE_finish() calls to a cleanup
Resolves: RHEL-36755