ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
ELSA-2024-9306: httpd security update (MODERATE)
[2.4.62-1.0.1]
- Replace index.html with Oracle's index page oracle_index.html.
[2.4.62-1]
- new version 2.4.62
- Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix
[2.4.59-7]
- Resolves: RHEL-49856: htcacheclean.service missing [Install] section
[2.4.59-6]
- mod_ssl: restore SSL_OP_NO_RENEGOTIATE support Related: RHEL-14668
[2.4.59-5]
- mod_ssl: defer ENGINE_finish() calls to a cleanup Resolves: RHEL-36755
[2.4.59-4]
- Resolves: RHEL-6575 - [RFE] httpd use systemd-sysusers
[2.4.59-3]
- Related: RHEL-14668 - RFE: httpd rebase to 2.4.59
[2.4.59-2]
- Resolves: RHEL-35870 - httpd mod_cgi/cgid unification
[2.4.59-1]
- new version 2.4.59
- Resolves: RHEL-14668 - RFE: httpd rebase to 2.4.59
- Resolves: RHEL-31856 - httpd: HTTP response splitting (CVE-2023-38709)
- Resolves: RHEL-31859 - httpd: HTTP Response Splitting in multiple modules (CVE-2024-24795)
[2.4.57-8]
- mod_xml2enc: fix media type handling Resolves: RHEL-17686
- mod_dav: add DavBasePath Resolves: RHEL-6600
[2.4.57-7]
- Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)
[2.4.57-6]
- Resolves: RHEL-5071 - mod_dav_fs: add DavLockDBType
- mod_dav_fs: add global mutex around lockdb interaction
[2.4.57-5]
- Fix issue found by covscan
- Related: #2222001
[2.4.57-4]
- Resolves: #2217726 - Make PROPFIND tolerant of deletion race
[2.4.57-3]
- Resolves: #2222001 - mod_status lists BusyWorkers IdleWorkers keys twice
[2.4.57-2]
- Resolves: #2186645 - Fix issue found by covscan in httpd package
- Resolves: #2173295 - Include Apache httpd module mod_authnz_fcgi
[2.4.57-1]
- Resolves: #2184403 - rebase httpd to 2.4.57
- Resolves: #2177753 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy
[2.4.53-11]
- Resolves: #2162500 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte
- Resolves: #2162486 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
- Resolves: #2162510 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling
[2.4.53-10]
- Resolves: #2160667 - prevent sscg creating /dhparams.pem
[2.4.53-9]
- Resolves: #2143176 - Dependency from mod_http2 on httpd broken
[2.4.53-8]
- Resolves: #2151313 - reduce AH03408 log level from WARNING to INFO
ΠΠ±Π½ΠΎΠ²Π»Π΅Π½Π½ΡΠ΅ ΠΏΠ°ΠΊΠ΅ΡΡ
Oracle Linux 9
Oracle Linux aarch64
httpd
2.4.62-1.0.1.el9
httpd-core
2.4.62-1.0.1.el9
httpd-devel
2.4.62-1.0.1.el9
httpd-filesystem
2.4.62-1.0.1.el9
httpd-manual
2.4.62-1.0.1.el9
httpd-tools
2.4.62-1.0.1.el9
mod_ldap
2.4.62-1.0.1.el9
mod_lua
2.4.62-1.0.1.el9
mod_proxy_html
2.4.62-1.0.1.el9
mod_session
2.4.62-1.0.1.el9
mod_ssl
2.4.62-1.0.1.el9
Oracle Linux x86_64
httpd
2.4.62-1.0.1.el9
httpd-core
2.4.62-1.0.1.el9
httpd-devel
2.4.62-1.0.1.el9
httpd-filesystem
2.4.62-1.0.1.el9
httpd-manual
2.4.62-1.0.1.el9
httpd-tools
2.4.62-1.0.1.el9
mod_ldap
2.4.62-1.0.1.el9
mod_lua
2.4.62-1.0.1.el9
mod_proxy_html
2.4.62-1.0.1.el9
mod_session
2.4.62-1.0.1.el9
mod_ssl
2.4.62-1.0.1.el9
