[ol7_latest] httpd-devel-2.4.6-99.0.5.el7_9.1.aarch64

Name:	httpd-devel
Version:	2.4.6
Release:	99.0.5.el7_9.1
Architecture:	aarch64
Group:	Development/Libraries
Size:	773476
License:	ASL 2.0
RPM:	httpd-devel-2.4.6-99.0.5.el7_9.1.aarch64.rpm
Source RPM:	httpd-2.4.6-99.0.5.el7_9.1.src.rpm
Build Date:	Tue Oct 15 2024
Build Host:	build-ol7-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://httpd.apache.org/
Summary:	Development interfaces for the Apache HTTP server
Description:	The httpd-devel package contains the APXS binary and other files that you need to build Dynamic Shared Objects (DSOs) for the Apache HTTP Server. If you are installing the Apache HTTP server and you want to be able to compile or develop additional modules for Apache, you need to install this package.

Changelog (Show File list) (Show related packages)

Fri Oct 04 2024 Kaylin Devchand <kaylin.devchand@oracle.com> - 2.4.6-99.0.5.1
```
- Differentiate trusted sources [Orabug: 37100272][CVE-2024-38476]
```

Tue Aug 27 2024 Kaylin Devchand <kaylin.devchand@oracle.com> - 2.4.6-99.0.3.1

- Opt-ins for unsafe prefix_stat and %3f [Orabug: 36904263][CVE-2024-38474][CVE-2024-38475]
- mod_proxy: validate hostname [Orabug: 36904263][CVE-2024-38477]

Thu May 25 2023 John Mcwalters <john.mcwalters@oracle.com> - 2.4.6-99.1.0.1

- mod_proxy: ap_proxy_http_request() to clear hop-by-hop first and
  fixup last [CVE-2022-31813][Orabug: 34381850]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]
- replace index.html with Oracle's index page oracle_index.html

Thu Apr 27 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-99.1
```
- Resolves: #2190143 - mod_rewrite regression with CVE-2023-25690
```

Tue Mar 21 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.7

- Resolves: #2177742 - CVE-2023-25690 httpd: HTTP request splitting with
  mod_rewrite and mod_proxy

Wed Dec 07 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.6

- Resolves: #2101997 - HEAD request with a 404 and custom ErrorPage causes
  corrupt and mixed-up responses

Tue Mar 22 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.5

- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling
  vulnerability in Apache HTTP Server 2.4.52 and earlier

Mon Jan 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.4

- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via
  malformed requests
- Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in
  ap_escape_quotes() via malicious input
- Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session

Mon Jan 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.3

- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow
  when parsing multipart content

Mon Oct 25 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.2

- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix