httpd-tools-2.4.57-11.el9_4 RPM for x86_64

From AlmaLinux 9.4 AppStream for x86_64

The httpd-tools package contains tools which can be used with
the Apache HTTP Server.

Provides

• httpd-tools
• httpd-tools(x86-64)

Requires

• libapr-1.so.0()(64bit)
• libaprutil-1.so.0()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libcrypt.so.2()(64bit)
• libcrypt.so.2(XCRYPT_2.0)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libexpat.so.1()(64bit)
• libm.so.6()(64bit)
• libm.so.6(GLIBC_2.2.5)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

ASL 2.0

Changelog

* Thu Jul 04 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-11
  - Resolves: RHEL-45792 -  httpd: Encoding problem in
    mod_proxy (CVE-2024-38473)
* Wed Jul 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-9
  - Resolves: RHEL-45766 -  httpd: null pointer dereference in
    mod_proxy (CVE-2024-38477)
  - Resolves: RHEL-45749 - httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)
  - Resolves: RHEL-45818 - httpd: Substitution encoding issue in
    mod_rewrite (CVE-2024-38474)
  - Resolves: RHEL-45771 - httpd: Improper escaping of output in
    mod_rewrite (CVE-2024-38475)
* Wed Feb 07 2024 Joe Orton <jorton@redhat.com> - 2.4.57-8
  - mod_xml2enc: fix media type handling
    Resolves: RHEL-17686
  - mod_dav: add DavBasePath
    Resolves: RHEL-6600
* Mon Feb 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-7
  - Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read
    vulnerability (CVE-2023-31122)
* Wed Oct 04 2023 Joe Orton <jorton@redhat.com> - 2.4.57-6
  - Resolves: RHEL-5071 - mod_dav_fs: add DavLockDBType
  - mod_dav_fs: add global mutex around lockdb interaction
* Thu Jul 20 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-5
  - Fix issue found by covscan
  - Related: #2222001
* Tue Jul 18 2023 Joe Orton <jorton@redhat.com> - 2.4.57-4
  - Resolves: #2217726 - Make PROPFIND tolerant of deletion race
* Tue Jul 11 2023 Tomas Korbar <tkorbar@redhat.com> - 2.4.57-3
  - Resolves: #2222001 - mod_status lists BusyWorkers IdleWorkers keys twice
* Fri Apr 14 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-2
  - Resolves: #2186645 - Fix issue found by covscan in httpd package
  - Resolves: #2173295 - Include Apache httpd module mod_authnz_fcgi
* Tue Apr 11 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-1
  - Resolves: #2184403 - rebase httpd to 2.4.57
  - Resolves: #2177753 - CVE-2023-25690 httpd: HTTP request splitting with
    mod_rewrite and mod_proxy
* Mon Jan 30 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-11
  - Resolves: #2162500 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write
    of zero byte
  - Resolves: #2162486 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
  - Resolves: #2162510 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request
    smuggling
* Tue Jan 24 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-10
  - Resolves: #2160667 - prevent sscg creating /dhparams.pem
* Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-9
  - Resolves: #2143176 - Dependency from mod_http2 on httpd broken
* Tue Dec 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-8
  - Resolves: #2151313 - reduce AH03408 log level from WARNING to INFO
* Wed Jul 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7
  - Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request
    smuggling
  - Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in 
    ap_strcmp_match()
  - Resolves: #2098248 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped
    by hop-by-hop mechanism
  - Resolves: #2097016 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite()
  - Resolves: #2097452 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody
  - Resolves: #2097459 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability
  - Resolves: #2097481 - CVE-2022-30556 httpd: mod_lua: Information disclosure
    with websockets

Files

/usr/bin/ab
/usr/bin/htdbm
/usr/bin/htdigest
/usr/bin/htpasswd
/usr/bin/httxt2dbm
/usr/bin/logresolve
/usr/lib/.build-id
/usr/lib/.build-id/35
/usr/lib/.build-id/35/9138486808c9784cd3a2dc7d29026d4bd1045a
/usr/lib/.build-id/6e/43e085fc1914d72b288e6c2505f9d7c8cc944f
/usr/lib/.build-id/75/357e9399055c8a90559836ade75f51b8b11101
/usr/lib/.build-id/98/6eef0402b44ec1d685c020a81798f809e05340
/usr/lib/.build-id/b0
/usr/lib/.build-id/b0/e69dbcd2edba10a7195a40ae55ee401bc2363a
/usr/lib/.build-id/f5
/usr/lib/.build-id/f5/69a2faee4871db8ce05c53b98bda649dcb195c
/usr/share/doc/httpd-tools
/usr/share/doc/httpd-tools/LICENSE
/usr/share/doc/httpd-tools/NOTICE
/usr/share/man/man1/ab.1.gz
/usr/share/man/man1/htdbm.1.gz
/usr/share/man/man1/htdigest.1.gz
/usr/share/man/man1/htpasswd.1.gz
/usr/share/man/man1/httxt2dbm.1.gz
/usr/share/man/man1/logresolve.1.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Nov 9 08:20:29 2024