Package mod_session-2.4.62-7.el9_7.3.inferit.aarch64
| Name | mod_session |
|---|---|
| Epoch | 0 |
| Version | 2.4.62 |
| Release | 7.el9_7.3.inferit |
| Architecture | aarch64 |
| Website/URL | https://httpd.apache.org/ |
| License | ASL 2.0 |
| Build Time | 2025-12-23 10:26:40 |
| Build Host | builder-arm64-1.inferitos.ru |
| Summary | Session interface for the Apache HTTP Server |
| Repositories | AppStream |
| Description | The mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data. |
| Errata | — |
| Size | 45 KiB |
| Source Project | httpd-2.4.62-7.el9_7.3.inferit |
| SHA-256 checksum | 79ed6f254dc4457ca1ff4c6d869a4b841562f11dbd3dba7e840596757b00b689 |
×
![Full screenshot]()
* Fri Dec 12 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7.3 - Resolves: RHEL-135063 - httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo (CVE-2025-66200) - Resolves: RHEL-135048 - httpd: Apache HTTP Server: CGI environment variable override (CVE-2025-65082) - Resolves: RHEL-134480 - httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... (CVE-2025-58098) * Wed Nov 12 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7.2 - Resolves: RHEL-123850 - mod_proxy_hcheck may stop healthchecks after a child process is reclaimed * Tue Nov 11 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7.1 - Resolves: RHEL-125884 - mod_ssl: allow more fine grained SSL SNI vhost check to avoid unnecessary 421 errors after CVE-2025-23048 fix - mod_ssl: add conf.d/snipolicy.conf to set 'SSLVHostSNIPolicy authonly' default * Sat Aug 16 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-7 - Resolves: RHEL-99815 - stickysession field does not work when specifying it in the query parameter after upgrade to 9.5 - Resolves: RHEL-99953 - httpd: HTTP Session Hijack via a TLS upgrade (CVE-2025-49812) - Resolves: RHEL-99968 - httpd: access control bypass by trusted clients is possible using TLS 1.3 session resumption (CVE-2025-23048) - Resolves: RHEL-99977 - httpd: insufficient escaping of user-supplied data in mod_ssl (CVE-2024-47252) * Tue Jul 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-6 - Resolves: RHEL-94562 - httpd 2.4.62: mod_proxy_connect prematurely closes connections * Fri Jun 06 2025 Joe Orton <jorton@redhat.com> - 2.4.62-5 - mod_dav: add dav_get_base_path() API - Resolves: RHEL-41069 * Wed Jan 29 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4 - Resolves: RHEL-66488 - Apache HTTPD no longer parse PHP files with unicode characters in the name * Thu Jan 09 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3 - Resolves: RHEL-68660 - RewriteRule proxying to UDS (unix domain socket) configured in .htaccess doesn't work on httpd-2.4.62-1 * Thu Sep 12 2024 Joe Orton <jorton@redhat.com> - 2.4.62-2 - mod_ssl: fix loading keys via ENGINE API Resolves: RHEL-36755 * Sat Aug 03 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-1 - new version 2.4.62 - Resolves: RHEL-52724 - Regression introduced by CVE-2024-38474 fix