| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: mod_proxy_html | Distribution: AlmaLinux |
| Version: 2.4.63 | Vendor: AlmaLinux |
| Release: 13.el10_2.1 | Build date: Thu May 28 01:27:28 2026 |
| Group: Unspecified | Build host: arm64-builder01.almalinux.org |
| Size: 138206 | Source RPM: httpd-2.4.63-13.el10_2.1.src.rpm |
| Packager: AlmaLinux Packaging Team <packager@almalinux.org> | |
| Url: https://httpd.apache.org/ | |
| Summary: HTML and XML content filters for the Apache HTTP Server | |
The mod_proxy_html and mod_xml2enc modules provide filters which can transform and modify HTML and XML content.
Apache-2.0 AND (BSD-3-Clause AND metamail AND HPND-sell-variant AND Spencer-94)
* Mon May 11 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-13.1
- Resolves: RHEL-173549 - httpd: Apache HTTP Server mod_proxy_ajp: Arbitrary
code execution via heap-based buffer overflow (CVE-2026-28780)
- Resolves: RHEL-175065 - httpd: NULL pointer dereference can cause a child
process crash (CVE-2026-33007)
- Resolves: RHEL-175095 - httpd: off-by-one out-of-bounds reads in AJP getter
functions (CVE-2026-33857)
- Resolves: RHEL-175039 - httpd: heap-based buffer over-read due to missing
null-termination check (CVE-2026-34032)
- Resolves: RHEL-175050 - httpd: heap-based buffer over-read and memory
disclosure in ajp_parse_data() (CVE-2026-34059)
* Thu Feb 12 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-13
- Resolves: RHEL-145713 - [RFE] Need miliseconds time stamp in ErrorLogFormat
* Fri Jan 02 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-12
- Resolves: RHEL-135053 - httpd: Apache HTTP Server: mod_userdir+suexec bypass
via AllowOverride FileInfo (CVE-2025-66200)
- Resolves: RHEL-135036 - httpd: Apache HTTP Server: CGI environment variable
override (CVE-2025-65082)
- Resolves: RHEL-134468 - httpd: Apache HTTP Server: Server Side Includes adds
query string to #exec cmd=... (CVE-2025-58098)
* Thu Dec 18 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-11
- Resolves: RHEL-131829 - Fix error page messaging when error handling fails
* Thu Nov 06 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-10
- Resolves: RHEL-125880 - mod_ssl: allow more fine grained SSL SNI vhost check
to avoid unnecessary 421 errors after CVE-2025-23048 fix
* Fri Oct 24 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-6
- Resolves: RHEL-122290 - mod_proxy_hcheck may stop healthchecks after a child
process is reclaimed
* Mon Sep 08 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-5
- Resolves: RHEL-92663 - Image mode: The dir /var/www is not created when
updating system in image mode
* Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-4
- Resolves: RHEL-99945 - httpd: HTTP Session Hijack via a TLS
upgrade (CVE-2025-49812)
- Resolves: RHEL-99962 - httpd: access control bypass by trusted clients
is possible using TLS 1.3 session resumption (CVE-2025-23048)
- Resolves: RHEL-99970 - httpd: insufficient escaping of user-supplied
data in mod_ssl (CVE-2024-47252)
- Resolves: RHEL-103489 - stickysession field does not work when
specifying it in the query parameter after upgrade to 9.5
* Mon Jul 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-3
- Resolves: RHEL-106043 - httpd 2.4.62: mod_proxy_connect prematurely closes
connections
* Thu Jul 24 2025 Joe Orton <jorton@redhat.com> - 2.4.63-2
- mod_dav: add dav_get_base_path() API
Resolves: RHEL-105255
* Mon Jan 27 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-1
- new version 2.4.63
- Resolves: RHEL-76358 - httpd rebase to 2.4.63
- Resolves: RHEL-73414 - RewriteRule proxying to UDS (unix domain socket)
configured in .htaccess doesn't work on httpd-2.4.62-1
- Resolves: RHEL-66489 - Apache HTTPD no longer parse PHP files with unicode
characters in the name
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.4.62-5
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Mon Aug 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-50031 - httpd default config changes
* Thu Aug 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen
- Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from
httpd mod_proxy_wstunnel
* Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-2
- Resolves: RHEL-52722 - Regression introduced by CVE-2024-38474 fix
* Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-33446
* Wed Jul 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.61-1
- new version 2.4.61
- Resolves: RHEL-45753 - httpd: Potential SSRF in
mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45757 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45776 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45791 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45811 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-46051 - httpd: Security issues via backend applications
whose response headers are malicious or exploitable (CVE-2024-38476)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.4.59-4.4
- Bump release for June 2024 mass rebuild
* Thu May 23 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3.4
- mod_ssl: disable ENGINE support
Resolves: RHEL-33734
* Fri May 17 2024 Joe Orton <jorton@redhat.com> - 2.4.59-3.2
- mod_ssl: use SSL_OP_NO_RENEGOTIATION
/etc/httpd/conf.modules.d/00-proxyhtml.conf /usr/lib/.build-id /usr/lib/.build-id/bb/69b7abcab8a7958f957b4a5de87196ffa7af8d /usr/lib/.build-id/ee/8bf5bab0ef7c6ac991f315842082c273298460 /usr/lib64/httpd/modules/mod_proxy_html.so /usr/lib64/httpd/modules/mod_xml2enc.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri May 29 05:12:01 2026