fhs_compliance.patch
no_LD_LIBRARY_PATH.patch
suexec-CVE-2007-1742.patch
customize_apxs.patch
build_suexec-custom.patch
reproducible_builds.diff
fix_logresolve_segfault.patch
mpm_event_restart_segfault_PR60487.patch
CVE-2017-3167.diff
CVE-2017-3169.diff
CVE-2017-7668.diff
CVE-2017-7679.diff
CVE-2017-9788-mod_auth_digest.diff
core-Disallow-Methods-registration-at-run-time-.htac.patch
CVE-2017-15710-mod_authnz_ldap.diff
CVE-2017-15715-regex-line-endings.diff
CVE-2018-1283-mod_session.diff
CVE-2018-1301-HTTP-request-read-out-of-bounds.diff
CVE-2018-1303-mod_cache_socache-oob.diff
CVE-2018-1312-mod_auth_digest-nonce.diff
mod_http2-upgrade-to-2.4.41.diff
mod_http2-revert-new-proxy-features.diff
add_AP_STATUS_IS_HEADER_ONLY.diff
fcgi_crash.diff
CVE-2018-17199-mod-session-ignore-timeout.diff
CVE-2019-0211-privilege-escalation.diff
CVE-2019-0217-digest-collusion-in-mod_auth_digest.diff
CVE-2019-0220-merge-slashes.diff
CVE-2019-10092-1.patch
CVE-2019-10092-2.patch
CVE-2019-10098.patch
CVE-2020-1927.patch
CVE-2020-1934.patch
CVE-2021-31618.patch
CVE-2021-30641.patch
CVE-2021-26691.patch
CVE-2021-26690.patch
CVE-2020-35452.patch
CVE-2021-34798.patch
CVE-2021-39275.patch
CVE-2021-40438.patch
CVE-2021-44790.patch
CVE-2021-44224-1.patch
CVE-2021-44224-2.patch
CVE-2022-22719.patch
CVE-2022-22720.patch
CVE-2022-22721.patch
CVE-2022-23943-1.patch
CVE-2022-23943-2.patch
CVE-2022-26377.patch
CVE-2022-28614.patch
CVE-2022-28615.patch
CVE-2022-29404.patch
CVE-2022-30522.patch
CVE-2022-30556.patch
CVE-2022-31813.patch
CVE-2022-36760.patch
0053-CVE-2023-25690-1.patch
0054-CVE-2023-25690-2.patch
0055-CVE-2023-25690-Regression-1.patch
0056-CVE-2023-25690-Regression-2.patch
0057-CVE-2023-25690-Regression-3.patch
CVE-2006-20001.patch
CVE-2022-37436.patch
0065-CVE-2023-31122.patch
0066-CVE-2023-38709-import-missing-functionnality.patch
0067-factor-out-TE-chunked-checking.patch
0068-SECURITY-CVE-2024-24795-Apache-HTTP-Server-HTTP-Resp.patch
0069-Backport-Enforce-consistently-no-response-body-with-.patch
0070-CVE-2023-38709-header-validation-after-content-are-e.patch
0071-StrictHostCheck-backport.patch
0072-backport-version-2.0.22-of-mod_http2-to-fix-security.patch
0073-Port-http2-to-2.4.59.patch
0074-CVE-2024-36387-mod_http2-early-exit-if-bb-is-null.patch
0075-CVE-2024-38476-depends-mod_dav_fs-etag-handling-shou.patch
0076-CVE-2024-38476-add-ap_set_content_type_ex-to-differe.patch
0077-1-4-CVE-2024-39884-maintain-trusted-flag.patch
0078-2-4-CVE-2024-39884-Always-trust-content-types-that-w.patch
0079-3-4-CVE-2024-39884-Follow-up-to-r1918814-Always-trus.patch
0080-4-4-CVE-2024-39884-Follow-up-to-r1918814-Strings-are.patch
0081-CVE-2024-40725.patch
0082-1-2-CVE-2024-38477-validate-hostname.patch
0083-2-2-CVE-2024-38477-regression-mod_proxy_http2-ap_pro.patch
0084-CVE-2024-39573-block-inadvertent-subst-of-special-fi.patch
0085-Recognize-dolphin-and-Konqueror-5-browsers-for-webda.patch
0086-backport-of-PR60009-RewriteRule-local-prefix-checkin.patch
0087-CVE-2024-3847-4-5-tighten-up-prefix_stat-and-3f-hand.patch
0088-CVE-2024-3847-4-5-fix-up-logging-number.patch
0089-CVE-2024-38474-regression-mod_rewrite-Better-questio.patch
0090-CVE-2024-38474-regression-mod_rewrite-Follow-up-to-r.patch
0091-1-4-CVE-2024-38473-Merge-r1918550-from-trunk.patch
0092-2-4-CVE-2024-38473-mod_proxy-Fixup-UDS-filename-for-.patch
0093-3-4-CVE-2024-38473-Merge-r1918623-from-trunk.patch
0094-4-4-CVE-2024-38473-factor-out-IS_SLASH-perdir-fix.patch
0095-CVE-2024-38473-Regression-1-2-patch-1-2-mod_proxy-Av.patch
0096-CVE-2024-38473-Regression-1-2-patch-2-2-mod_proxy-Av.patch
0097-CVE-2024-38473-Regression-2-2-error-parsing-URL-with.patch
CVE-2024-42516.patch
CVE-2024-43204_1.patch
CVE-2024-43204_2.patch
CVE-2024-47252.patch
CVE-2025-23048.patch
CVE-2025-49630.patch
CVE-2025-49812.patch
CVE-2025-53020.patch
CVE-2025-58098.patch
CVE-2025-65082.patch
CVE-2025-66200.patch
