[ol7_optional_latest] mod_ldap-2.4.6-99.0.1.el7_9.1.aarch64

Name:	mod_ldap
Version:	2.4.6
Release:	99.0.1.el7_9.1
Architecture:	aarch64
Group:	System Environment/Daemons
Size:	203685
License:	ASL 2.0
RPM:	mod_ldap-2.4.6-99.0.1.el7_9.1.aarch64.rpm
Source RPM:	httpd-2.4.6-99.0.1.el7_9.1.src.rpm
Build Date:	Thu May 25 2023
Build Host:	build-ol7-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://httpd.apache.org/
Summary:	LDAP authentication modules for the Apache HTTP Server
Description:	The mod_ldap and mod_authnz_ldap modules add support for LDAP authentication to the Apache HTTP Server.

Changelog (Show File list) (Show related packages)

Thu May 25 2023 John Mcwalters <john.mcwalters@oracle.com> - 2.4.6-99.1.0.1

- mod_proxy: ap_proxy_http_request() to clear hop-by-hop first and
  fixup last [CVE-2022-31813][Orabug: 34381850]
- mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690]
- replace index.html with Oracle's index page oracle_index.html

Thu Apr 27 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-99.1
```
- Resolves: #2190143 - mod_rewrite regression with CVE-2023-25690
```

Tue Mar 21 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.7

- Resolves: #2177742 - CVE-2023-25690 httpd: HTTP request splitting with
  mod_rewrite and mod_proxy

Wed Dec 07 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.6

- Resolves: #2101997 - HEAD request with a 404 and custom ErrorPage causes
  corrupt and mixed-up responses

Tue Mar 22 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.5

- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling
  vulnerability in Apache HTTP Server 2.4.52 and earlier

Mon Jan 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.4

- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via
  malformed requests
- Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in
  ap_escape_quotes() via malicious input
- Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session

Mon Jan 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.3

- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow
  when parsing multipart content

Mon Oct 25 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.2

- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix

Thu Oct 07 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-97.1

- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted
  request uri-path containing "unix:"

Wed Oct 07 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-97

- Resolves: #1852350 - httpd/mod_proxy_http/mod_ssl aborted when sending
  a client cert to backend server
- Resolves: #1785100 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout
- Resolves: #1862499 - Intermittent Segfault in Apache httpd due to pool
  concurrency issues