-
Tue Sep 02 2025 EL Errata <el-errata_ww@oracle.com> - 2.4.63-4.0.1
- Replace index.html with Oracle's index page oracle_index.html.
-
Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-4
- Resolves: RHEL-99945 - httpd: HTTP Session Hijack via a TLS
upgrade (CVE-2025-49812)
- Resolves: RHEL-99962 - httpd: access control bypass by trusted clients
is possible using TLS 1.3 session resumption (CVE-2025-23048)
- Resolves: RHEL-99970 - httpd: insufficient escaping of user-supplied
data in mod_ssl (CVE-2024-47252)
- Resolves: RHEL-103489 - stickysession field does not work when
specifying it in the query parameter after upgrade to 9.5
-
Mon Jul 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-3
- Resolves: RHEL-106043 - httpd 2.4.62: mod_proxy_connect prematurely closes
connections
-
Thu Jul 24 2025 Joe Orton <jorton@redhat.com> - 2.4.63-2
- mod_dav: add dav_get_base_path() API
Resolves: RHEL-105255
-
Mon Jan 27 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-1
- new version 2.4.63
- Resolves: RHEL-76358 - httpd rebase to 2.4.63
- Resolves: RHEL-73414 - RewriteRule proxying to UDS (unix domain socket)
configured in .htaccess doesn't work on httpd-2.4.62-1
- Resolves: RHEL-66489 - Apache HTTPD no longer parse PHP files with unicode
characters in the name
-
Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.4.62-5
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
-
Mon Aug 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-50031 - httpd default config changes
-
Thu Aug 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen
- Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from
httpd mod_proxy_wstunnel
-
Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-2
- Resolves: RHEL-52722 - Regression introduced by CVE-2024-38474 fix
-
Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-33446