[ol7_latest] mod_ssl-1:2.4.6-67.0.1.el7_4.6.aarch64

Name:	mod_ssl
Epoch:	1
Version:	2.4.6
Release:	67.0.1.el7_4.6
Architecture:	aarch64
Group:	System Environment/Daemons
Size:	278136
License:	ASL 2.0
RPM:	mod_ssl-2.4.6-67.0.1.el7_4.6.aarch64.rpm
Source RPM:	httpd-2.4.6-67.0.1.el7_4.6.src.rpm
Build Date:	Fri May 04 2018
Build Host:	ca-buildarm01.us.oracle.com
Vendor:	Oracle America
URL:	http://httpd.apache.org/
Summary:	SSL/TLS module for the Apache HTTP Server
Description:	The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

Changelog (Show File list) (Show related packages)

Thu Oct 19 2017 EL Errata <el-errata_ww@oracle.com> - 2.4.6-67.0.1.6
```
- replace index.html with Oracle's index page oracle_index.html
```

Tue Oct 03 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-67.6

- Resolves: #1498020 - rotatelogs: creation of zombie processes when -p is used

Tue Sep 19 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-67.5

- Resolves: #1493064 - CVE-2017-9798 httpd: Use-after-free by limiting
  unregistered HTTP method

Wed Jul 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-67.2

- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw()
  authentication bypass
- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
- Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection
  in mod_auth_digest

Tue May 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-67

- Related: #1332242 - Explicitly disallow the '#' character in allow,deny
  directives

Tue May 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-66

- Related: #1332242 - Explicitly disallow the '#' character in allow,deny
  directives

Thu Apr 27 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-65
```
- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS
```

Tue Apr 18 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-64

- Resolves: #1442872 - apache user is not created during httpd installation
  when apache group already exist with GID other than 48

Wed Mar 22 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-63

- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743
  httpd: various flaws

Wed Mar 15 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-62

- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp:
  patch to set worker secret passed to tomcat