Package mod_http2-1.15.7-10.module+el8.10.0+726+ffd8c55e.4.x86_64 content_copy download

×

* Mon Jul 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.4
- Resolves: RHEL-105186 - httpd:2.4/httpd: untrusted input from a client causes
  an assertion to fail in the Apache mod_proxy_http2 module (CVE-2025-49630)

* Tue Jan 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.3
- Resolves: RHEL-58454 - mod_proxy_http2 failures after CVE-2024-38477 fix
- Resolves: RHEL-59017 - random failures in other requests on http/2 stream
  when client resets one request

* Tue Jan 07 2025 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.2
- Resolves: RHEL-71575: Wrong Content-Type when proxying using H2 protocol

* Tue Aug 27 2024 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.1
- Resolves: RHEL-46214 - Access logs and ErrorDocument don't work when HTTP431
  occurs using http/2 on RHEL8

* Fri Apr 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10
- Resolves: RHEL-29817 - httpd:2.4/mod_http2: httpd: CONTINUATION frames
  DoS (CVE-2024-27316)

* Fri Feb 02 2024 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-9.3
- Resolves: RHEL-13367 - httpd:2.4/mod_http2: reset requests exhaust memory
  (incomplete fix of CVE-2023-44487)(CVE-2023-45802)

* Sun Dec 10 2023 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.15.7-8.3
- Rebuilt for MSVSphere 8.8

* Sat Mar 18 2023 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-8.3
- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting
  with mod_rewrite and mod_proxy

* Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-7
- Resolves: #2095650 - Dependency from mod_http2 on httpd broken

* Tue Nov 01 2022 Tomas Korbar <tkorbar@redhat.com> - 1.15.7-6
- Backport SNI feature refactor
- Resolves: rhbz#2137257