-
Thu Sep 11 2025 EL Errata <el-errata_ww@oracle.com> - 2.4.62-7.0.1
- Replace index.html with Oracle's index page oracle_index.html.
-
Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7
- Resolves: RHEL-99815 - stickysession field does not work when specifying
it in the query parameter after upgrade to 9.5
- Resolves: RHEL-99953 - httpd: HTTP Session Hijack via a TLS
upgrade (CVE-2025-49812)
- Resolves: RHEL-99968 - httpd: access control bypass by trusted
clients is possible using TLS 1.3 session resumption (CVE-2025-23048)
- Resolves: RHEL-99977 - httpd: insufficient escaping of user-supplied
data in mod_ssl (CVE-2024-47252)
-
Tue Jul 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-6
- Resolves: RHEL-94562 - httpd 2.4.62: mod_proxy_connect prematurely closes
connections
-
Fri Jun 06 2025 Joe Orton <jorton@redhat.com> - 2.4.62-5
- mod_dav: add dav_get_base_path() API
- Resolves: RHEL-41069
-
Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-66488 - Apache HTTPD no longer parse PHP files with unicode
characters in the name
-
Thu Jan 09 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-68660 - RewriteRule proxying to UDS (unix domain socket)
configured in .htaccess doesn't work on httpd-2.4.62-1
-
Thu Sep 12 2024 Joe Orton <jorton@redhat.com> - 2.4.62-2
- mod_ssl: fix loading keys via ENGINE API
Resolves: RHEL-36755
-
Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix
-
Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-7
- Resolves: RHEL-49856: htcacheclean.service missing [Install] section
-
Thu May 30 2024 Joe Orton <jorton@redhat.com> - 2.4.59-6
- mod_ssl: restore SSL_OP_NO_RENEGOTIATE support
Related: RHEL-14668