httpd-2.4.63-1.el10_0.2 RPM for s390x

From AlmaLinux 10.0 AppStream for s390x

The Apache HTTP Server is a powerful, efficient, and extensible
web server.

Provides

• httpd
• config(httpd)
• httpd(s390-64)
• webserver

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• config(httpd) = 2.4.63-1.el10_0.2
• httpd-core = 0:2.4.63-1.el10_0.2
• libbrotlienc.so.1()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.2)(64bit)
• libc.so.6(GLIBC_2.38)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libselinux.so.1()(64bit)
• libselinux.so.1(LIBSELINUX_1.0)(64bit)
• libsystemd.so.0()(64bit)
• libsystemd.so.0(LIBSYSTEMD_209)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)
• system-logos(httpd-logo-ng)
• systemd
• systemd
• systemd

License

Apache-2.0 AND (BSD-3-Clause AND metamail AND HPND-sell-variant AND Spencer-94)

Changelog

* Tue Jul 15 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-1.2
  - Resolves: RHEL-99944 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade
  - Resolves: RHEL-99969 - CVE-2024-47252 httpd: insufficient escaping of
    user-supplied data in mod_ssl
  - Resolves: RHEL-99961 - CVE-2025-23048 httpd: access control bypass by trusted
    clients is possible using TLS 1.3 session resumption
  - Resolves: RHEL-103623 - stickysession field does not work when specifying it
    in the query parameter after upgrade to 9.5
* Mon Jan 27 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-1
  - new version 2.4.63
  - Resolves: RHEL-76358 - httpd rebase to 2.4.63
  - Resolves: RHEL-73414 - RewriteRule proxying to UDS (unix domain socket)
    configured in .htaccess doesn't work on httpd-2.4.62-1
  - Resolves: RHEL-66489 - Apache HTTPD no longer parse PHP files with unicode
    characters in the name
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.4.62-5
  - Bump release for October 2024 mass rebuild:
    Resolves: RHEL-64018
* Mon Aug 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
  - Resolves: RHEL-50031 - httpd default config changes
* Thu Aug 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
  - Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen
  - Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from
    httpd mod_proxy_wstunnel
* Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-2
  - Resolves: RHEL-52722 - Regression introduced by CVE-2024-38474 fix
* Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
  - new version 2.4.62
  - Resolves: RHEL-33446
* Wed Jul 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.61-1
  - new version 2.4.61
  - Resolves: RHEL-45753 - httpd: Potential SSRF in 
    mod_rewrite (CVE-2024-39573)
  - Resolves: RHEL-45757 - httpd: null pointer dereference in
    mod_proxy (CVE-2024-38477)
  - Resolves: RHEL-45776 - httpd: Improper escaping of output in
    mod_rewrite (CVE-2024-38475)
  - Resolves: RHEL-45791 - httpd: Encoding problem in 
    mod_proxy (CVE-2024-38473)
  - Resolves: RHEL-45811 - httpd: Substitution encoding issue in 
    mod_rewrite (CVE-2024-38474)
  - Resolves: RHEL-46051 - httpd: Security issues via backend applications 
    whose response headers are malicious or exploitable (CVE-2024-38476)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.4.59-4.4
  - Bump release for June 2024 mass rebuild
* Thu May 23 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3.4
  - mod_ssl: disable ENGINE support
    Resolves: RHEL-33734
* Fri May 17 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3.2
  - mod_ssl: use SSL_OP_NO_RENEGOTIATION
* Fri May 03 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3.1
  - apachectl(8): use BUG_REPORT_URL from /etc/os-release
  - apachectl(8): fix grammar (#2278748)
  - httpd.service.xml(8): mention ProtectSystem= setting
* Wed May 01 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3
  - add ServerTokens: Full-Release support
* Mon Apr 15 2024 Joe Orton <jorton@redhat.com> - 2.4.59-2
  - mod_ssl: add DH param handling fix (r1916863)
* Fri Apr 05 2024 Joe Orton <jorton@redhat.com> - 2.4.59-1
  - update to 2.4.59
* Thu Mar 28 2024 Joe Orton <jorton@redhat.com> - 2.4.58-8
  - rebuild to fix changelog ordering
* Thu Mar 07 2024 Rahul Sundaram <sundaram@fedoraproject.org> - 2.4.58-7
  - Update Systemd security settings as part of https://fedoraproject.org/wiki/Changes/SystemdSecurityHardening
  - updated httpd.service(5) (Joe Orton)
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.58-6
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jan 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.58-5
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 05 2024 Joe Orton <jorton@redhat.com> - 2.4.58-4
  - fix OpenSSL 3.0 deprecation warnings (r1913912, r1915067)
  - mod_ssl: move to provider API for pkcs11 support (#2253014)
* Fri Dec 08 2023 Joe Orton <jorton@redhat.com> - 2.4.58-3
  - mod_dav_fs: add DAVLockDBType, use global lock around lockdb
  - fix build with libxml2 2.12
* Thu Nov 02 2023 Joe Orton <jorton@redhat.com> - 2.4.58-2
  - add dependency on apr-util-1(dbm) so a DBM provider is present
* Fri Oct 20 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.58-1
  - new version 2.4.58
* Fri Oct 06 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-4
  - SPDX migration
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.57-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

Files

/etc/httpd/conf.modules.d/00-brotli.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/usr/lib/.build-id
/usr/lib/.build-id/14
/usr/lib/.build-id/14/0d13a2d5113e3e3fb81fce63b6b2368d7fa227
/usr/lib/.build-id/32
/usr/lib/.build-id/32/b28b29afe35bb782a6199733312cf40a9a3535
/usr/lib/systemd/system/htcacheclean.service
/usr/lib/systemd/system/httpd.service
/usr/lib/systemd/system/httpd.socket
/usr/lib/systemd/system/httpd@.service
/usr/lib64/httpd/modules/mod_brotli.so
/usr/lib64/httpd/modules/mod_systemd.so
/usr/share/man/man5/httpd.conf.5.gz
/usr/share/man/man8/apachectl.8.gz
/usr/share/man/man8/fcgistarter.8.gz
/usr/share/man/man8/htcacheclean.8.gz
/usr/share/man/man8/htcacheclean.service.8.gz
/usr/share/man/man8/httpd.8.gz
/usr/share/man/man8/httpd.service.8.gz
/usr/share/man/man8/httpd.socket.8.gz
/usr/share/man/man8/httpd@.service.8.gz
/usr/share/man/man8/rotatelogs.8.gz
/usr/share/man/man8/suexec.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Oct 23 06:36:23 2025