| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: httpd-tools | Distribution: CentOS |
| Version: 2.4.63 | Vendor: CentOS |
| Release: 14.el10 | Build date: Mon Jun 1 15:24:08 2026 |
| Group: Unspecified | Build host: s390-07.stream.rdu2.redhat.com |
| Size: 193825 | Source RPM: httpd-2.4.63-14.el10.src.rpm |
| Packager: builder@centos.org | |
| Url: https://httpd.apache.org/ | |
| Summary: Tools for use with the Apache HTTP Server | |
The httpd-tools package contains tools which can be used with the Apache HTTP Server.
Apache-2.0 AND (BSD-3-Clause AND metamail AND HPND-sell-variant AND Spencer-94)
* Fri May 29 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-14
- Resolves: RHEL-173559 - httpd: Apache HTTP Server mod_proxy_ajp: Arbitrary
code execution via heap-based buffer overflow (CVE-2026-28780)
- Resolves: RHEL-175064 - httpd: NULL pointer dereference can cause a child
process crash (CVE-2026-33007)
- Resolves: RHEL-175087 - httpd: off-by-one out-of-bounds reads in AJP getter
functions (CVE-2026-33857)
- Resolves: RHEL-175044 - httpd: heap-based buffer over-read due to missing
null-termination check (CVE-2026-34032)
- Resolves: RHEL-175060 - httpd: heap-based buffer over-read and memory
disclosure in ajp_parse_data() (CVE-2026-34059)
* Thu Feb 12 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-13
- Resolves: RHEL-145713 - [RFE] Need miliseconds time stamp in ErrorLogFormat
* Fri Jan 02 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-12
- Resolves: RHEL-135053 - httpd: Apache HTTP Server: mod_userdir+suexec bypass
via AllowOverride FileInfo (CVE-2025-66200)
- Resolves: RHEL-135036 - httpd: Apache HTTP Server: CGI environment variable
override (CVE-2025-65082)
- Resolves: RHEL-134468 - httpd: Apache HTTP Server: Server Side Includes adds
query string to #exec cmd=... (CVE-2025-58098)
* Thu Dec 18 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-11
- Resolves: RHEL-131829 - Fix error page messaging when error handling fails
* Thu Nov 06 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-10
- Resolves: RHEL-125880 - mod_ssl: allow more fine grained SSL SNI vhost check
to avoid unnecessary 421 errors after CVE-2025-23048 fix
* Fri Oct 24 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-6
- Resolves: RHEL-122290 - mod_proxy_hcheck may stop healthchecks after a child
process is reclaimed
* Mon Sep 08 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-5
- Resolves: RHEL-92663 - Image mode: The dir /var/www is not created when
updating system in image mode
* Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-4
- Resolves: RHEL-99945 - httpd: HTTP Session Hijack via a TLS
upgrade (CVE-2025-49812)
- Resolves: RHEL-99962 - httpd: access control bypass by trusted clients
is possible using TLS 1.3 session resumption (CVE-2025-23048)
- Resolves: RHEL-99970 - httpd: insufficient escaping of user-supplied
data in mod_ssl (CVE-2024-47252)
- Resolves: RHEL-103489 - stickysession field does not work when
specifying it in the query parameter after upgrade to 9.5
* Mon Jul 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-3
- Resolves: RHEL-106043 - httpd 2.4.62: mod_proxy_connect prematurely closes
connections
* Thu Jul 24 2025 Joe Orton <jorton@redhat.com> - 2.4.63-2
- mod_dav: add dav_get_base_path() API
Resolves: RHEL-105255
* Mon Jan 27 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.63-1
- new version 2.4.63
- Resolves: RHEL-76358 - httpd rebase to 2.4.63
- Resolves: RHEL-73414 - RewriteRule proxying to UDS (unix domain socket)
configured in .htaccess doesn't work on httpd-2.4.62-1
- Resolves: RHEL-66489 - Apache HTTPD no longer parse PHP files with unicode
characters in the name
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.4.62-5
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Mon Aug 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-50031 - httpd default config changes
* Thu Aug 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen
- Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from
httpd mod_proxy_wstunnel
* Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-2
- Resolves: RHEL-52722 - Regression introduced by CVE-2024-38474 fix
* Fri Jul 19 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1
- new version 2.4.62
- Resolves: RHEL-33446
* Wed Jul 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.61-1
- new version 2.4.61
- Resolves: RHEL-45753 - httpd: Potential SSRF in
mod_rewrite (CVE-2024-39573)
- Resolves: RHEL-45757 - httpd: null pointer dereference in
mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45776 - httpd: Improper escaping of output in
mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45791 - httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45811 - httpd: Substitution encoding issue in
mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-46051 - httpd: Security issues via backend applications
whose response headers are malicious or exploitable (CVE-2024-38476)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.4.59-4.4
- Bump release for June 2024 mass rebuild
/usr/bin/ab /usr/bin/htdbm /usr/bin/htdigest /usr/bin/htpasswd /usr/bin/httxt2dbm /usr/bin/logresolve /usr/lib/.build-id /usr/lib/.build-id/1a /usr/lib/.build-id/1a/bafc1dcbba28b9e69a179698b23bdb120ca827 /usr/lib/.build-id/22/1ddc8c9435673b68eb94047812ce91fe4e9ee0 /usr/lib/.build-id/49 /usr/lib/.build-id/49/2d6878e317a4f09581c47b8d0458162b7e4b79 /usr/lib/.build-id/6b /usr/lib/.build-id/6b/ad2522218bf310f96b81d1d3ab7284f094a90d /usr/lib/.build-id/78/2f4f36a309cab207d6c53b033ed01095d6cc9b /usr/lib/.build-id/e3 /usr/lib/.build-id/e3/09c64202506141dd1803814eefb9b75f876b1a /usr/share/doc/httpd-tools /usr/share/doc/httpd-tools/LICENSE /usr/share/doc/httpd-tools/NOTICE /usr/share/man/man1/ab.1.gz /usr/share/man/man1/htdbm.1.gz /usr/share/man/man1/htdigest.1.gz /usr/share/man/man1/htpasswd.1.gz /usr/share/man/man1/httxt2dbm.1.gz /usr/share/man/man1/logresolve.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jun 16 05:34:52 2026