import UBI httpd-2.4.62-13.el9

.gitignore

@@ -1,2 +1,3 @@
+SOURCES/KEYS
 SOURCES/apache-poweredby.png
 SOURCES/httpd-2.4.62.tar.bz2

.httpd.metadata

@@ -1,2 +1,3 @@
+b2457e3ce46a7634bf9272a92b4214974b9bc9e0 SOURCES/KEYS
 3a7449d6cff00e5ccb3ed8571f34c0528555d38f SOURCES/apache-poweredby.png
 c968e2a0e556a8d3b7f6d6fc9732ddc456b5c229 SOURCES/httpd-2.4.62.tar.bz2

SOURCES/httpd-2.4.62-err-page-handling.patch

@@ -0,0 +1,74 @@
+From d56df32f2cb71de3762747aec70bef03d79096b6 Mon Sep 17 00:00:00 2001
+From: Jean-Frederic Clere <jfclere@gmail.com>
+Date: Tue, 5 Mar 2024 10:34:50 +0100
+Subject: [PATCH] When the error is broken (like missing error file) make sure
+ the error displays the right method and the correct Additionally message.
+
+---
+ modules/http/http_protocol.c | 11 +++++++----
+ modules/http/http_request.c  |  1 +
+ 2 files changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
+index f1ed1f6cc20..fbec4e61c65 100644
+--- a/modules/http/http_protocol.c
++++ b/modules/http/http_protocol.c
+@@ -963,6 +963,9 @@ static const char *get_canned_error_string(int status,
+ {
+     apr_pool_t *p = r->pool;
+     const char *error_notes, *h1, *s1;
++    const char *method = r->method;
++    if (r->subprocess_env && apr_table_get(r->subprocess_env, "REQUEST_METHOD"))
++        method =  apr_table_get(r->subprocess_env, "REQUEST_METHOD");
+ 
+     switch (status) {
+     case HTTP_MOVED_PERMANENTLY:
+@@ -1007,7 +1010,7 @@ static const char *get_canned_error_string(int status,
+     case HTTP_METHOD_NOT_ALLOWED:
+         return(apr_pstrcat(p,
+                            "<p>The requested method ",
+-                           ap_escape_html(r->pool, r->method),
++                           ap_escape_html(r->pool, method),
+                            " is not allowed for this URL.</p>\n",
+                            NULL));
+     case HTTP_NOT_ACCEPTABLE:
+@@ -1020,7 +1023,7 @@ static const char *get_canned_error_string(int status,
+     case HTTP_LENGTH_REQUIRED:
+         s1 = apr_pstrcat(p,
+                          "<p>A request of the requested method ",
+-                         ap_escape_html(r->pool, r->method),
++                         ap_escape_html(r->pool, method),
+                          " requires a valid Content-length.<br />\n",
+                          NULL);
+         return(add_optional_notes(r, s1, "error-notes", "</p>\n"));
+@@ -1030,7 +1033,7 @@ static const char *get_canned_error_string(int status,
+     case HTTP_NOT_IMPLEMENTED:
+         s1 = apr_pstrcat(p,
+                          "<p>",
+-                         ap_escape_html(r->pool, r->method),
++                         ap_escape_html(r->pool, method),
+                          " not supported for current URL.<br />\n",
+                          NULL);
+         return(add_optional_notes(r, s1, "error-notes", "</p>\n"));
+@@ -1052,7 +1055,7 @@ static const char *get_canned_error_string(int status,
+     case HTTP_REQUEST_ENTITY_TOO_LARGE:
+         return(apr_pstrcat(p,
+                            "The requested resource does not allow request data with ",
+-                           ap_escape_html(r->pool, r->method),
++                           ap_escape_html(r->pool, method),
+                            " requests, or the amount of data provided in\n"
+                            "the request exceeds the capacity limit.\n",
+                            NULL));
+diff --git a/modules/http/http_request.c b/modules/http/http_request.c
+index cb7af9cafb1..115f7035cf1 100644
+--- a/modules/http/http_request.c
++++ b/modules/http/http_request.c
+@@ -127,6 +127,7 @@ static void ap_die_r(int type, request_rec *r, int recursive_error)
+              */
+             update_r_in_filters(r_1st_err->proto_output_filters, r, r_1st_err);
+             update_r_in_filters(r_1st_err->input_filters, r, r_1st_err);
++            recursive_error = type;
+         }
+ 
+         custom_response = NULL; /* Do NOT retry the custom thing! */
+

SOURCES/httpd-2.4.62-r1931452.patch

@@ -0,0 +1,112 @@
+From d56527579e6a56ebfc265f3a059694a58e7e8c71 Mon Sep 17 00:00:00 2001
+From: Joe Orton <jorton@apache.org>
+Date: Wed, 21 Jan 2026 11:05:12 +0000
+Subject: [PATCH] core: Add millisecond support to ErrorLogFormat time
+ specifiers
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+%{m} prints the timestamp in millisecond-resolution.
+
+* include/util_time.h:
+  Define new AP_CTIME_OPTION_MSEC option for printing time in milliseconds
+  format.
+
+* server/util_time.c (ap_recent_ctime_ex):
+  Handle AP_CTIME_OPTION_MSEC to print time in a millisecond format.
+
+* server/log.c (log_ctime):
+  Recognize the m time option in both fast-path and composite %{...}t formats.
+
+Submitted by: Luboš Uhliarik <luhliari redhat.com>
+Github: closes #597
+
+
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1931452 13f79535-47bb-0310-9956-ffa450edef68
+---
+ include/util_time.h          |  2 ++
+ server/log.c                 |  8 +++++++-
+ server/util_time.c           | 17 +++++++++++++++--
+ 5 files changed, 30 insertions(+), 3 deletions(-)
+ create mode 100644 changes-entries/log-msec.txt
+
+diff --git a/include/util_time.h b/include/util_time.h
+index 1ba6353c025..c149e52166a 100644
+--- a/include/util_time.h
++++ b/include/util_time.h
+@@ -49,6 +49,8 @@ extern "C" {
+ #define AP_CTIME_OPTION_COMPACT 0x2
+ /* Add timezone offset from GMT ([+-]hhmm) */
+ #define AP_CTIME_OPTION_GMTOFF  0x4
++/* Add sub second timestamps with millisecond resolution */
++#define AP_CTIME_OPTION_MSEC    0x8
+ 
+ 
+ /**
+diff --git a/server/log.c b/server/log.c
+index 91dcf2c3eb0..d5236f45f86 100644
+--- a/server/log.c
++++ b/server/log.c
+@@ -585,9 +585,15 @@ static int log_ctime(const ap_errorlog_info *info, const char *arg,
+         if (arg[0] == 'u' && !arg[1]) { /* no ErrorLogFormat (fast path) */
+             option |= AP_CTIME_OPTION_USEC;
+         }
+-        else if (!ap_strchr_c(arg, '%')) { /* special "%{cuz}t" formats */
++        else if (arg[0] == 'm' && !arg[1]) { /* no ErrorLogFormat (fast path) - msec */
++            option |= AP_CTIME_OPTION_MSEC;
++        }
++        else if (!ap_strchr_c(arg, '%')) { /* special "%{mcuz}t" formats */
+             while (*arg) {
+                 switch (*arg++) {
++                case 'm':
++                    option |= AP_CTIME_OPTION_MSEC;
++                    break;
+                 case 'u':
+                     option |= AP_CTIME_OPTION_USEC;
+                     break;
+diff --git a/server/util_time.c b/server/util_time.c
+index 8dcf2fb293f..020fced8b10 100644
+--- a/server/util_time.c
++++ b/server/util_time.c
+@@ -24,6 +24,11 @@
+  *   */
+ #define AP_CTIME_USEC_LENGTH      7
+ 
++/* Number of characters needed to format the millisecond part of a timestamp.
++ * Milliseconds have 3 digits plus one separator character makes 4.
++ *   */
++#define AP_CTIME_MSEC_LENGTH      4
++
+ /* Length of ISO 8601 date/time (including trailing '\0') */
+ #define AP_CTIME_COMPACT_LEN      20
+ 
+@@ -184,6 +189,9 @@ AP_DECLARE(apr_status_t) ap_recent_ctime_ex(char *date_str, apr_time_t t,
+     if (option & AP_CTIME_OPTION_USEC) {
+         needed += AP_CTIME_USEC_LENGTH;
+     }
++    else if (option & AP_CTIME_OPTION_MSEC) {
++        needed += AP_CTIME_MSEC_LENGTH;
++    }
+ 
+     if (option & AP_CTIME_OPTION_GMTOFF) {
+         needed += AP_CTIME_GMTOFF_LEN;
+@@ -244,11 +252,16 @@ AP_DECLARE(apr_status_t) ap_recent_ctime_ex(char *date_str, apr_time_t t,
+     *date_str++ = ':';
+     *date_str++ = xt.tm_sec / 10 + '0';
+     *date_str++ = xt.tm_sec % 10 + '0';
+-    if (option & AP_CTIME_OPTION_USEC) {
++    if (option & (AP_CTIME_OPTION_USEC|AP_CTIME_OPTION_MSEC)) {
+         int div;
+         int usec = (int)xt.tm_usec;
+         *date_str++ = '.';
+-        for (div=100000; div>0; div=div/10) {
++        div = 100000;
++        if (!(option & AP_CTIME_OPTION_USEC)) {
++            usec = usec / 1000;
++            div = 100;
++        }
++        for (; div>0; div=div/10) {
+             *date_str++ = usec / div + '0';
+             usec = usec % div;
+         }

SOURCES/httpd.tmpfiles

@@ -1,2 +1,9 @@
 d /run/httpd   710 root apache
 d /run/httpd/htcacheclean   700 apache apache
+d /var/log/httpd 700 root root -
+d /var/www       755 root root -
+d /var/www/html  755 root root -
+d /var/www/cgi-bin 755 root root -
+d /var/lib/httpd 700 apache apache -
+d /var/cache/httpd 700 apache apache -
+d /var/cache/httpd/proxy 700 apache apache -

SPECS/httpd.spec

@@ -14,7 +14,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.62
-Release: 7%{?dist}.3
+Release: 13%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@@ -94,6 +94,8 @@ Patch35: httpd-2.4.57-r1912477+.patch
 Patch36: httpd-2.4.62-r1926064.patch
 # https://issues.redhat.com/browse/RHEL-106043
 Patch37: httpd-2.4.62-r1926317.patch
+# https://issues.redhat.com/browse/RHEL-129692
+Patch38: httpd-2.4.62-r1931452.patch
 
 # Bug fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=1397243
@@ -112,6 +114,8 @@ Patch105: httpd-2.4.62-r1922080.patch
 Patch106: httpd-2.4.62-r1926107.patch
 # https://issues.redhat.com/browse/RHEL-105446
 Patch107: httpd-2.4.62-hcheck-stuck.patch
+# https://issues.redhat.com/browse/RHEL-131827
+Patch108: httpd-2.4.62-err-page-handling.patch
 
 # Security fixes
 #
@@ -285,6 +289,7 @@ written in the Lua programming language.
 %patch35 -p1 -b .r1912477+
 %patch36 -p1 -b .r1926064
 %patch37 -p1 -b .r1926317
+%patch38 -p1 -b .r1931452
 
 %patch100 -p1 -b .enable-sslv3
 %patch101 -p1 -b .full-release
@@ -294,6 +299,7 @@ written in the Lua programming language.
 %patch105 -p1 -b .r1922080
 %patch106 -p1 -b .r1926107
 %patch107 -p1 -b .hcheck-stuck
+%patch108 -p1 -b .err-page-handling
 
 %patch200 -p1 -b .CVE-2025-23048
 %patch201 -p1 -b .CVE-2024-47252
@@ -867,23 +873,33 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 
 %changelog
-* Fri Dec 12 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7.3
-- Resolves: RHEL-135063 - httpd: Apache HTTP Server: mod_userdir+suexec bypass
+* Thu Feb 12 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-13
+- Resolves: RHEL-129692 - [RFE] Need miliseconds time stamp in ErrorLogFormat
+
+* Thu Jan 08 2026 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-12
+- Resolves: RHEL-135064 - httpd: Apache HTTP Server: mod_userdir+suexec bypass
   via AllowOverride FileInfo (CVE-2025-66200)
-- Resolves: RHEL-135048 - httpd: Apache HTTP Server: CGI environment variable
+- Resolves: RHEL-135049 - httpd: Apache HTTP Server: CGI environment variable
   override (CVE-2025-65082)
-- Resolves: RHEL-134480 - httpd: Apache HTTP Server: Server Side Includes adds
+- Resolves: RHEL-134481 - httpd: Apache HTTP Server: Server Side Includes adds
   query string to #exec cmd=... (CVE-2025-58098)
 
-* Wed Nov 12 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7.2
-- Resolves: RHEL-123850 - mod_proxy_hcheck may stop healthchecks after a child
-  process is reclaimed
+* Fri Dec 19 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-11
+- Resolves: RHEL-131827 - Fix error page messaging when error handling fails
 
-* Tue Nov 11 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7.1
-- Resolves: RHEL-125884 - mod_ssl: allow more fine grained SSL SNI vhost check
+* Thu Nov 06 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-10
+- Resolves: RHEL-119000 - mod_ssl: allow more fine grained SSL SNI vhost check
   to avoid unnecessary 421 errors after CVE-2025-23048 fix
 - mod_ssl: add conf.d/snipolicy.conf to set 'SSLVHostSNIPolicy authonly' default
 
+* Fri Oct 24 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-9
+- Resolves: RHEL-105446 - mod_proxy_hcheck may stop healthchecks after a child
+  process is reclaimed
+
+* Mon Oct 13 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-8
+- Resolves: RHEL-114501 Image mode: The dir /var/www is not created when
+  updating system in image mode
+
 * Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7
 - Resolves: RHEL-99815 - stickysession field does not work when specifying
   it in the query parameter after upgrade to 9.5