Package httpd-devel-2.4.62-7.el9.inferit.x86_64 content_copy download

×

* Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7
- Resolves: RHEL-99815 - stickysession field does not work when specifying
  it in the query parameter after upgrade to 9.5
- Resolves: RHEL-99953 - httpd: HTTP Session Hijack via a TLS
  upgrade (CVE-2025-49812)
- Resolves: RHEL-99968 - httpd: access control bypass by trusted
  clients is possible using TLS 1.3 session resumption (CVE-2025-23048)
- Resolves: RHEL-99977 - httpd: insufficient escaping of user-supplied
  data in mod_ssl (CVE-2024-47252)

* Tue Jul 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-6
- Resolves: RHEL-94562 - httpd 2.4.62: mod_proxy_connect prematurely closes
  connections

* Fri Jun 06 2025 Joe Orton  <jorton@redhat.com> - 2.4.62-5
- mod_dav: add dav_get_base_path() API
- Resolves: RHEL-41069

* Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-66488 - Apache HTTPD no longer parse PHP files with unicode
  characters in the name

* Thu Jan 09 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-68660 - RewriteRule proxying to UDS (unix domain socket)
  configured in .htaccess doesn't work on httpd-2.4.62-1

* Thu Sep 12 2024 Joe Orton <jorton@redhat.com> - 2.4.62-2
- mod_ssl: fix loading keys via ENGINE API
  Resolves: RHEL-36755

* Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix

* Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-7
- Resolves: RHEL-49856: htcacheclean.service missing [Install] section

* Thu May 30 2024 Joe Orton <jorton@redhat.com> - 2.4.59-6
- mod_ssl: restore SSL_OP_NO_RENEGOTIATE support
  Related: RHEL-14668

* Tue May 21 2024 Joe Orton <jorton@redhat.com> - 2.4.59-5
- mod_ssl: defer ENGINE_finish() calls to a cleanup
  Resolves: RHEL-36755