Jump to letter: [
ABCDEFGHIJKLMNOPQRSTUVWXYZ
]
httpd-tools - Tools for use with the Apache HTTP Server
- Description:
The httpd-tools package contains tools which can be used with
the Apache HTTP Server.
Packages
| httpd-tools-2.4.37-65.module+el8.10.0+40053+5a18018e.7.x86_64
[112 KiB] |
Changelog
by Luboš Uhliarik (2025-12-12):
- Resolves: RHEL-135054 - httpd: Apache HTTP Server: mod_userdir+suexec bypass
via AllowOverride FileInfo (CVE-2025-66200)
- Resolves: RHEL-135039 - httpd: Apache HTTP Server: CGI environment variable
override (CVE-2025-65082)
- Resolves: RHEL-134471 - httpd: Apache HTTP Server: Server Side Includes adds
query string to #exec cmd=... (CVE-2025-58098)
|
| httpd-tools-2.4.37-65.module+el8.10.0+40045+6ce8579b.6.x86_64
[112 KiB] |
Changelog
by Luboš Uhliarik (2025-11-07):
- Resolves: RHEL-127073 - mod_ssl: allow more fine grained SSL SNI vhost check
to avoid unnecessary 421 errors after CVE-2025-23048 fix
- mod_ssl: add conf.d/snipolicy.conf to set 'SSLVHostSNIPolicy authonly' default
|
| httpd-tools-2.4.37-65.module+el8.10.0+2061+8d03fdec.5.x86_64
[112 KiB] |
Changelog
by Luboš Uhliarik (2025-07-28):
- Resolves: RHEL-99944 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade
- Resolves: RHEL-99969 - CVE-2024-47252 httpd: insufficient escaping of
user-supplied data in mod_ssl
- Resolves: RHEL-99961 - CVE-2025-23048 httpd: access control bypass by trusted
clients is possible using TLS 1.3 session resumption
|