mod_ssl-2.4.62-7.el9 RPM for x86_64

From CentOS Stream 9 AppStream for x86_64

The mod_ssl module provides strong cryptography for the Apache HTTP
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols.

Provides

• mod_ssl
• config(mod_ssl)
• mod_ssl(x86-64)

Requires

• /usr/bin/bash
• /usr/bin/hostname
• /usr/bin/sh
• config(mod_ssl) = 1:2.4.62-7.el9
• httpd-core = 0:2.4.62-7.el9
• httpd-filesystem
• httpd-mmn = 20120211x8664
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)
• sscg >= 3.0.0-7

License

ASL 2.0

Changelog

* Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7
  - Resolves: RHEL-99815 - stickysession field does not work when specifying
    it in the query parameter after upgrade to 9.5
  - Resolves: RHEL-99953 - httpd: HTTP Session Hijack via a TLS
    upgrade (CVE-2025-49812)
  - Resolves: RHEL-99968 - httpd: access control bypass by trusted
    clients is possible using TLS 1.3 session resumption (CVE-2025-23048)
  - Resolves: RHEL-99977 - httpd: insufficient escaping of user-supplied
    data in mod_ssl (CVE-2024-47252)
* Tue Jul 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-6
  - Resolves: RHEL-94562 - httpd 2.4.62: mod_proxy_connect prematurely closes
    connections
* Fri Jun 06 2025 Joe Orton  <jorton@redhat.com> - 2.4.62-5
  - mod_dav: add dav_get_base_path() API
  - Resolves: RHEL-41069
* Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
  - Resolves: RHEL-66488 - Apache HTTPD no longer parse PHP files with unicode
    characters in the name
* Thu Jan 09 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
  - Resolves: RHEL-68660 - RewriteRule proxying to UDS (unix domain socket)
    configured in .htaccess doesn't work on httpd-2.4.62-1
* Thu Sep 12 2024 Joe Orton <jorton@redhat.com> - 2.4.62-2
  - mod_ssl: fix loading keys via ENGINE API
    Resolves: RHEL-36755
* Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
  - new version 2.4.62
  - Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix
* Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-7
  - Resolves: RHEL-49856: htcacheclean.service missing [Install] section
* Thu May 30 2024 Joe Orton <jorton@redhat.com> - 2.4.59-6
  - mod_ssl: restore SSL_OP_NO_RENEGOTIATE support
    Related: RHEL-14668
* Tue May 21 2024 Joe Orton <jorton@redhat.com> - 2.4.59-5
  - mod_ssl: defer ENGINE_finish() calls to a cleanup
    Resolves: RHEL-36755
* Mon May 20 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-4
  - Resolves: RHEL-6575 - [RFE] httpd use systemd-sysusers
* Wed May 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-3
  - Related: RHEL-14668 - RFE: httpd rebase to 2.4.59
* Wed May 08 2024 Joe Orton <jorton@redhat.com> - 2.4.59-2
  - Resolves: RHEL-35870 - httpd mod_cgi/cgid unification
* Fri May 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-1
  - new version 2.4.59
  - Resolves: RHEL-14668 - RFE: httpd rebase to 2.4.59
  - Resolves: RHEL-31856 - httpd: HTTP response splitting
    (CVE-2023-38709)
  - Resolves: RHEL-31859 - httpd: HTTP Response Splitting in multiple
    modules (CVE-2024-24795)
* Wed Feb 07 2024 Joe Orton <jorton@redhat.com> - 2.4.57-8
  - mod_xml2enc: fix media type handling
    Resolves: RHEL-17686
  - mod_dav: add DavBasePath
    Resolves: RHEL-6600
* Mon Feb 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-7
  - Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read
    vulnerability (CVE-2023-31122)
* Wed Oct 04 2023 Joe Orton <jorton@redhat.com> - 2.4.57-6
  - Resolves: RHEL-5071 - mod_dav_fs: add DavLockDBType
  - mod_dav_fs: add global mutex around lockdb interaction

Files

/etc/httpd/conf.d/ssl.conf
/etc/httpd/conf.modules.d/00-ssl.conf
/usr/lib/.build-id
/usr/lib/.build-id/7d/54d0188c919c03ae818084474dc8787201a2ef
/usr/lib/systemd/system/httpd-init.service
/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf
/usr/lib64/httpd/modules/mod_ssl.so
/usr/libexec/httpd-ssl-gencerts
/usr/libexec/httpd-ssl-pass-dialog
/usr/share/man/man8/httpd-init.service.8.gz
/var/cache/httpd/ssl

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Oct 21 05:05:26 2025