development/libraries

Jump to letter: [ ABCDEFGHIJLMNOPRSTUVX ]

httpd-devel - Development interfaces for the Apache HTTP server

Website: http://httpd.apache.org/
License: ASL 2.0
Vendor: AnNyung Packaging Team
Description:
The httpd-devel package contains the APXS binary and other files
that you need to build Dynamic Shared Objects (DSOs) for the
Apache HTTP Server.

If you are installing the Apache HTTP server and you want to be
able to compile or develop additional modules for Apache, you need
to install this package.

Packages

httpd-devel-2.4.57-1.an3.x86_64 [217 KiB] Changelog by JoungKyun.Kim (2023-08-26): 
- update 2.4.57
  see also https://downloads.apache.org/httpd/CHANGES_2.4.57
- security issues
  . CVE-2023-27522: mod_proxy_uwsgi HTTP response splitting
  . CVE-2023-25690: mod_rewrite, mod_proxy HTTP request splitting
httpd-devel-2.4.55-1.an3.x86_64 [217 KiB] Changelog by JoungKyun.Kim (2023-02-08): 
- update 2.4.55
  see also https://downloads.apache.org/httpd/CHANGES_2.4.55
- security issues
  . CVE-2022-37436: mod_proxy allows a backend to trigger HTTP response splitting
  . CVE-2022-36760: mod_proxy_ajp Possible request smuggling
  . CVE-2006-20001: mod_dav out of  bounds read, or write of zero byte
httpd-devel-2.4.54-1.an3.x86_64 [215 KiB] Changelog by JoungKyun.Kim (2022-08-27): 
- update 2.4.54
  see also https://downloads.apache.org/httpd/CHANGES_2.4.54
- security issues
  . CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
  . CVE-2022-30556: Information Disclosure in mod_lua with websockets
  . CVE-2022-30522: mod_sed denial of service
  . CVE-2022-29404: Denial of service in mod_lua r:parsebody
  . CVE-2022-28615: Read beyond bounds in ap_strcmp_match()
  . CVE-2022-28614: read beyond bounds via ap_rwrite()
  . CVE-2022-28330: read beyond bounds in mod_isapi
  . CVE-2022-26377: mod_proxy_ajp: Possible request smuggling
httpd-devel-2.4.53-1.an3.x86_64 [215 KiB] Changelog by JoungKyun.Kim (2022-03-25): 
- update 2.4.53
  see also https://downloads.apache.org/httpd/CHANGES_2.4.53
- security issues
  . CVE-2022-22719 lua: uninitialized value of in r:parsebody
  . CVE-2022-22720 HTTP request smuggling vulnerability
  . CVE-2022-22721 core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
  . CVE-2022-23943 sed: Read/write beyond bounds
httpd-devel-2.4.52-1.an3.x86_64 [214 KiB] Changelog by JoungKyun.Kim (2021-12-29): 
- update 2.5.52
  see also https://downloads.apache.org/httpd/CHANGES_2.4.52
- security issues
  . CVE-2021-44790 lua: Possible buffer overflow when parsing multipart content
  . CVE-2021-44224 proxy: Possible NULL dereference or SSRF in forward proxy configurations
httpd-devel-2.4.51-1.an3.x86_64 [213 KiB] Changelog by JoungKyun.Kim (2021-10-13): 
- update 2.4.51
  see also https://downloads.apache.org/httpd/CHANGES_2.4.50
  see also https://downloads.apache.org/httpd/CHANGES_2.4.51
- security isseus
  . CVE-2021-42013 core: Path traversal and file disclosure vulnerability
  . CVE-2021-41773 core: Path traversal and file disclosure vulnerability
  . CVE-2021-41524 core: null pointer dereference in h2 fuzzing
httpd-devel-2.4.49-1.an3.x86_64 [212 KiB] Changelog by JoungKyun.Kim (2021-10-03): 
- update 2.4.49
  see also https://downloads.apache.org/httpd/CHANGES_2.4.49
- security issues
  . CVE-2021-34798 core: null pointer dereference on malformed request
  . CVE-2021-39275 core: ap_escape_quotes buffer overflow
  . CVE-2021-33193 mod_http2: Request splitting vulnerability with mod_proxy
  . CVE-2021-40438 mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty
  . CVE-2021-36160 mod_proxy_uwsgi: Out of bound read vulnerability
httpd-devel-2.4.48-1.an3.x86_64 [209 KiB] Changelog by JoungKyun.Kim (2021-07-22): 
- update 2.4.48
  see also https://downloads.apache.org/httpd/CHANGES_2.4.46
- security issues
  . CVE-2021-31618
  . CVE-2021-30641
  . CVE-2020-35452
  . CVE-2021-26691
  . CVE-2021-26690
  . CVE-2020-13950
  . CVE-2020-13938
  . CVE-2019-17567
httpd-devel-2.4.46-1.an3.x86_64 [204 KiB] Changelog by JoungKyun.Kim (2020-08-17): 
- update 2.4.46
  see also https://downloads.apache.org/httpd/CHANGES_2.4.44
  see also https://downloads.apache.org/httpd/CHANGES_2.4.45
  see also https://downloads.apache.org/httpd/CHANGES_2.4.46
- security issues
  . CVE-2020-11984
  . CVE-2020-11993
httpd-devel-2.4.43-1.an3.x86_64 [204 KiB] Changelog by JoungKyun.Kim (2020-04-06): 
- update 2.4.43
  see also https://downloads.apache.org/httpd/CHANGES_2.4.43
- security issues
  . CVE-2020-1934
  . CVE-2020-1927
httpd-devel-2.4.41-1.an3.x86_64 [203 KiB] Changelog by JoungKyun.Kim (2019-08-24): 
- update 2.4.41
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.41
- security issues
  . CVE-2019-10081 mod_http2
  . CVE-2019-9517  mod_http2
  . CVE-2019-10098 rewrite
  . CVE-2019-10092
  . CVE-2019-10097 mod_remoteip
  . CVE-2019-10082 mod_http2
httpd-devel-2.4.39-1.an3.x86_64 [201 KiB] Changelog by JoungKyun.Kim (2019-05-13): 
- update 2.4.39
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.36
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.37
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.38
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.39
- support TLS 1.3
- security issues
  . CVE-2019-0197 mod_http2
  . CVE-2019-0196 mod_http2
  . CVE-2019-0211 MPM
  . CVE-2019-0217 mod_auth_digest
  . CVE-2019-0215 mod_ssl
  . CVE-2019-0190 mod_ssl
  . CVE-2019-0220 Merge consecutive slashes in URL's. Opt-out with `MergeSlashes OFF`
  . CVE-2018-17199 mod_session_cookie
  . CVE-2018-17189 mod_http2
httpd-devel-2.4.37-1.an3.x86_64 [200 KiB] Changelog by JoungKyun.Kim (2018-12-10): 
- update 2.4.37
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.37
httpd-devel-2.4.35-1.an3.x86_64 [200 KiB] Changelog by JoungKyun.Kim (2018-10-13): 
- update 2.4.35
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.35
httpd-devel-2.4.34-1.an3.x86_64 [200 KiB] Changelog by JoungKyun.Kim (2018-08-19): 
- update 2.4.34
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.34
- security issues
  . CVE-2018-8011 mod_md
    DoS via Coredumps on specially crafted requests
  . CVE-2018-1333 mod_http2
    DoS for HTTP/2 connections by specially crafted requests
httpd-devel-2.4.33-1.an3.x86_64 [199 KiB] Changelog by JoungKyun.Kim (2018-04-08): 
- update 2.4.33
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.33
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.32
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.29
- add mod_md module
- security issues
  . CVE-2017-15710 mod_authnz_ldap:
    Out of bound write with AuthLDAPCharsetConfig enabled
  . CVE-2017-15715 core:
    Configure the regular expression engine to match '$' to the end of
    the input string only, excluding matching the end of any embedded 
    newline characters. Behavior can be changed with new directive 
    'RegexDefaultOptions'.
  . CVE-2018-1283 mod_session:
    CGI-like applications that intend to read from mod_session's 
    'SessionEnv ON' could be fooled into reading user-supplied data instead.
  . CVE-2018-1301 core:
    Possible crash with excessively long HTTP request headers. 
    Impractical to exploit with a production build and production LogLevel.
  . CVE-2018-1302 mod_http2: Potential crash w/ mod_http2
  . CVE-2018-1303 mod_cache_socache:
    Fix request headers parsing to avoid a possible crash
    with specially crafted input data.
  . CVE-2018-1312 mod_auth_digest:
    Fix generation of nonce values to prevent replay
    attacks across servers using a common Digest domain. This change
    may cause problems if used with round robin load balancers.
httpd-devel-2.4.28-1.an3.x86_64 [197 KiB] Changelog by JoungKyun.Kim (2017-10-14): 
- update 2.4.28
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.28
- security issues
  . CVE-2017-9798
    Corrupted or freed memory access.
  . PR61382
    mod_http2: Fix for stalling when more than 32KB are written to a suspended stream.
httpd-devel-2.4.27-1.an3.x86_64 [196 KiB] Changelog by JoungKyun.Kim (2017-07-17): 
- update 2.4.27
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.27
- security issues
  . CVE-2017-7679
  . CVE-2017-7668
  . CVE-2017-7659
  . CVE-2017-3169
  . CVE-2017-3167
httpd-devel-2.4.25-1.an3.x86_64 [195 KiB] Changelog by JoungKyun.Kim (2017-01-21): 
- update 2.4.25
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.25
- security issues
  . CVE-2016-8740
  . CVE-2016-2161
  . CVE-2016-0736
  . CVE-2016-8743
httpd-devel-2.4.23-2.an3.x86_64 [193 KiB] Changelog by JoungKyun.Kim (2016-08-25): 
- support package name alias http-ssl, http-ldap, http-proxy-html, http-session
httpd-devel-2.4.23-1.an3.x86_64 [193 KiB] Changelog by JoungKyun.Kim (2016-07-21): 
- update 2.4.23
- security issues
  . CVE-2016-5387
    The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and
    therefore does not protect applications from the presence of untrusted
    client data in the HTTP_PROXY environment variable, which might allow
    remote attackers to redirect an application's outbound HTTP traffic to an
    arbitrary proxy server via a crafted Proxy header in an HTTP request, aka
    an "httpoxy" issue.
httpd-devel-2.4.18-3.an3.x86_64 [190 KiB] Changelog by JoungKyun.Kim (2016-02-03): 
- move ssl.conf to httpd-conf package
httpd-devel-2.4.18-2.an3.x86_64 [190 KiB] Changelog by JoungKyun.Kim (2016-02-01): 
- support ALPN for http2
httpd-devel-2.4.18-1.an3.x86_64 [190 KiB] Changelog by JoungKyun.Kim (2016-01-14): 
- update 2.4.18
httpd-devel-2.4.17-2.an3.x86_64 [189 KiB] Changelog by JoungKyun.Kim (2015-12-15): 
- fixed perl dependency problems
httpd-devel-2.4.17-1.an3.x86_64 [189 KiB] Changelog by JoungKyun.Kim (2015-11-11): 
- update 2.4.17
httpd-devel-2.4.16-1.an3.x86_64 [187 KiB] Changelog by JoungKyun.Kim (2015-08-31): 
- update 2.4.16
- security issues
  . CVE-2015-3183
  . CVE-2015-3185
  . CVE-2015-0253
  . CVE-2015-0228
httpd-devel-2.4.12-1.an3.x86_64 [186 KiB] Changelog by JoungKyun.Kim (2015-02-03): 
- update 2.4.12
- add External404Title directive
- fixed broken korean in SSI

Listing created by Repoview-0.6.6-4.el7