Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

httpd-2.4.57-8.el9 RPM for x86_64

From AlmaLinux 9.4 AppStream for x86_64

Name: httpd Distribution: AlmaLinux
Version: 2.4.57 Vendor: AlmaLinux
Release: 8.el9 Build date: Wed Apr 3 11:49:03 2024
Group: Unspecified Build host: x64-builder02.almalinux.org
Size: 60837 Source RPM: httpd-2.4.57-8.el9.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://httpd.apache.org/
Summary: Apache HTTP Server
The Apache HTTP Server is a powerful, efficient, and extensible
web server.

Provides

Requires

License

ASL 2.0

Changelog

* Wed Feb 07 2024 Joe Orton <jorton@redhat.com> - 2.4.57-8
  - mod_xml2enc: fix media type handling
    Resolves: RHEL-17686
  - mod_dav: add DavBasePath
    Resolves: RHEL-6600
* Mon Feb 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-7
  - Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read
    vulnerability (CVE-2023-31122)
* Wed Oct 04 2023 Joe Orton <jorton@redhat.com> - 2.4.57-6
  - Resolves: RHEL-5071 - mod_dav_fs: add DavLockDBType
  - mod_dav_fs: add global mutex around lockdb interaction
* Thu Jul 20 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-5
  - Fix issue found by covscan
  - Related: #2222001
* Tue Jul 18 2023 Joe Orton <jorton@redhat.com> - 2.4.57-4
  - Resolves: #2217726 - Make PROPFIND tolerant of deletion race
* Tue Jul 11 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-3
  - Resolves: #2222001 - mod_status lists BusyWorkers IdleWorkers keys twice
* Fri Apr 14 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-2
  - Resolves: #2186645 - Fix issue found by covscan in httpd package
  - Resolves: #2173295 - Include Apache httpd module mod_authnz_fcgi
* Tue Apr 11 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-1
  - Resolves: #2184403 - rebase httpd to 2.4.57
  - Resolves: #2177753 - CVE-2023-25690 httpd: HTTP request splitting with
    mod_rewrite and mod_proxy
* Mon Jan 30 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-11
  - Resolves: #2162500 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write
    of zero byte
  - Resolves: #2162486 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
  - Resolves: #2162510 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request
    smuggling
* Tue Jan 24 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-10
  - Resolves: #2160667 - prevent sscg creating /dhparams.pem
* Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-9
  - Resolves: #2143176 - Dependency from mod_http2 on httpd broken
* Tue Dec 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-8
  - Resolves: #2151313 - reduce AH03408 log level from WARNING to INFO
* Wed Jul 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7
  - Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request
    smuggling
  - Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in 
    ap_strcmp_match()
  - Resolves: #2098248 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped
    by hop-by-hop mechanism
  - Resolves: #2097016 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite()
  - Resolves: #2097452 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody
  - Resolves: #2097459 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability
  - Resolves: #2097481 - CVE-2022-30556 httpd: mod_lua: Information disclosure
    with websockets
* Mon Jun 27 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-6
  - Related: #2065677 - httpd minimisation for ubi-micro
* Fri Jun 24 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-5
  - Resolves: #2098056 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()
* Thu Jun 16 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-4
  - Resolves: #2095838 - mod_mime_magic: invalid type 0 in mconvert()
* Wed Jun 01 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-3
  - Resolves: #2065677 - httpd minimisation for ubi-micro
  - minimize httpd dependencies (new httpd-core package)
  - mod_systemd and mod_brotli are now packaged in the main httpd package
* Tue May 31 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-1
  - new version 2.4.53
  - Resolves: #2079939 - httpd rebase to 2.4.53
  - Resolves: #2075406 - httpd.conf uses icon bomb.gif for all files/dirs ending
    with core
* Mon Apr 11 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.51-8
  - Resolves: #2073459 - Cannot override LD_LIBARY_PATH in Apache HTTPD using
    SetEnv or PassEnv
* Mon Mar 21 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.51-7
  - Resolves: #2065251 - CVE-2022-22720 httpd: HTTP request smuggling
    vulnerability in Apache HTTP Server 2.4.52 and earlier
  - Resolves: #2066311 - CVE-2021-44224 httpd: possible NULL dereference or SSRF
    in forward proxy configurations

Files

/etc/httpd/conf.modules.d/00-brotli.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/usr/lib/.build-id
/usr/lib/.build-id/1b
/usr/lib/.build-id/1b/921ffd72f61e74fd9ada2ae502c5f182f243e9
/usr/lib/.build-id/57
/usr/lib/.build-id/57/1b718be7dbd7fa2270cef829f35046da0afc45
/usr/lib/systemd/system/htcacheclean.service
/usr/lib/systemd/system/httpd.service
/usr/lib/systemd/system/httpd.socket
/usr/lib/systemd/system/httpd@.service
/usr/lib64/httpd/modules/mod_brotli.so
/usr/lib64/httpd/modules/mod_systemd.so
/usr/share/man/man5/httpd.conf.5.gz
/usr/share/man/man8/apachectl.8.gz
/usr/share/man/man8/fcgistarter.8.gz
/usr/share/man/man8/htcacheclean.8.gz
/usr/share/man/man8/htcacheclean.service.8.gz
/usr/share/man/man8/httpd.8.gz
/usr/share/man/man8/httpd.service.8.gz
/usr/share/man/man8/httpd.socket.8.gz
/usr/share/man/man8/httpd@.service.8.gz
/usr/share/man/man8/rotatelogs.8.gz
/usr/share/man/man8/suexec.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 12 07:32:02 2024