Проект httpd-2.4.37-65.module+el8.10.0+811+00fd9dc2.7
| Имя |
httpd |
| Эпоха |
0 |
| Версия |
2.4.37 |
| Релиз |
65.module+el8.10.0+811+00fd9dc2.7 |
| Сайт |
https://httpd.apache.org/
|
| Лицензия |
ASL 2.0 |
| Время сборки |
2025-12-23 18:35:47 |
| Хост сборки |
builder-x86-04.inferitos.ru |
| Краткое описание |
Apache HTTP Server |
| Репозитории |
AppStream |
| Полное описание |
The Apache HTTP Server is a powerful, efficient, and extensible
web server. |
| Эррата |
—
|
| Module |
httpd-2.4-8100020251223150026.acbbbf20 |
×
![Full screenshot]()
Найдено 8 старых версий
* Fri Dec 12 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.7
- Resolves: RHEL-135054 - httpd: Apache HTTP Server: mod_userdir+suexec bypass
via AllowOverride FileInfo (CVE-2025-66200)
- Resolves: RHEL-135039 - httpd: Apache HTTP Server: CGI environment variable
override (CVE-2025-65082)
- Resolves: RHEL-134471 - httpd: Apache HTTP Server: Server Side Includes adds
query string to #exec cmd=... (CVE-2025-58098)
* Fri Nov 07 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.6
- Resolves: RHEL-127073 - mod_ssl: allow more fine grained SSL SNI vhost check
to avoid unnecessary 421 errors after CVE-2025-23048 fix
- mod_ssl: add conf.d/snipolicy.conf to set 'SSLVHostSNIPolicy authonly' default
* Mon Jul 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.5
- Resolves: RHEL-99944 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade
- Resolves: RHEL-99969 - CVE-2024-47252 httpd: insufficient escaping of
user-supplied data in mod_ssl
- Resolves: RHEL-99961 - CVE-2025-23048 httpd: access control bypass by trusted
clients is possible using TLS 1.3 session resumption
* Tue Apr 22 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.4
- Resolves: RHEL-87641 - apache Bug 63192 - mod_ratelimit breaks HEAD requests
* Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.3
- Resolves: RHEL-56068 - Apache HTTPD no longer parse PHP files with
unicode characters in the name
* Tue Aug 06 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.2
- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
applications whose response headers are malicious or exploitable (CVE-2024-38476)
- Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix
* Thu Jul 11 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65.1
- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue
in mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
in mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference
in mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF
in mod_rewrite (CVE-2024-39573)
* Wed Jun 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-65
- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response
splitting (CVE-2023-38709)
* Fri Feb 16 2024 Joe Orton <jorton@redhat.com> - 2.4.37-64
- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read
vulnerability (CVE-2023-31122)
* Wed Feb 14 2024 Joe Orton <jorton@redhat.com> - 2.4.37-63
- mod_xml2enc: fix media type handling
Resolves: RHEL-14321
