Commit Graph

20 Commits

Author SHA1 Message Date
Luboš Uhliarik
7c8cd94061 Backport bnotes needed by RHEL-46040 fix
bnotes are actually not bnotes, but it has been slightly modified for
2.4.37 purposes to use r->notes, since bnotes are not available in this
httpd version and we didn't want to break ABI.

Related: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
applications whose response headers are malicious or exploitable (CVE-2024-38476)
2024-08-07 16:15:36 +02:00
Luboš Uhliarik
1ecb24514e Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
applications whose response headers are malicious or exploitable (CVE-2024-38476)
Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix
2024-08-06 17:17:15 +02:00
Luboš Uhliarik
e66a3d328e Add missing patch
Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
in mod_rewrite (CVE-2024-38475)
2024-07-12 13:39:26 +02:00
Luboš Uhliarik
51b23565c0 Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue
in mod_rewrite (CVE-2024-38474)
Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in
  mod_proxy (CVE-2024-38473)
Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
  in mod_rewrite (CVE-2024-38475)
Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference
  in mod_proxy (CVE-2024-38477)
Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF
  in mod_rewrite (CVE-2024-39573)
2024-07-12 00:55:48 +02:00
Luboš Uhliarik
00795d8d53 Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response
splitting (CVE-2023-38709)
2024-06-12 10:00:11 +02:00
Joe Orton
4d9b575bdc Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read
vulnerability (CVE-2023-31122)
2024-02-16 08:44:39 +00:00
Joe Orton
438bab0822 Rebuild for RHEL-14321. 2024-02-14 11:44:18 +00:00
Joe Orton
6f980b047a mod_xml2enc: fix media type handling
Resolves: RHEL-14321
2024-02-14 11:29:06 +00:00
Johnny Hughes
b28aedde41 change for CentOS Stream Branding 2023-08-17 08:58:31 -05:00
Luboš Uhliarik
3292c1f84b Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi
CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked
2023-07-31 14:41:39 +02:00
Tomas Korbar
9c83050d1b Fix issue found by covscan
Related: #2159603
2023-07-20 14:46:38 +02:00
Tomas Korbar
ae3ba5327c Another rebuild because of mistake in workflow
Related: #2159603
2023-07-17 15:58:13 +02:00
Tomas Korbar
073e995011 Rebuild because of mistake in workflow
Related: #2159603
2023-07-17 14:42:37 +02:00
Tomas Korbar
ad9e53b39d Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice 2023-07-17 14:26:59 +02:00
Luboš Uhliarik
40be1a8d11 Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP
response splitting
2023-05-25 18:43:02 +02:00
Brian Stinson
a22322be54 resync
Signed-off-by: Brian Stinson <bstinson@redhat.com>
2023-04-27 18:17:26 -05:00
James Antill
189e1bf564 Import rpm: 692b48d0dcb7d82ec523751d970b07dfeede90a9 2023-02-23 20:02:57 -05:00
James Antill
a71520da17 Import rpm: 692b48d0dcb7d82ec523751d970b07dfeede90a9 2023-02-23 12:41:22 -05:00
James Antill
c6e080f2d1 Convert from sha1 to sha512, due to upload error. 2022-08-26 12:14:24 -04:00
James Antill
c700398165 Import rpm: 692b48d0dcb7d82ec523751d970b07dfeede90a9 2022-08-08 12:28:54 -04:00