The problem was, in fact, not with Moodle, but with an issue with the SSL configuration. For others who might need this, here's the story:
This site is setup on a dedicated server, but in "user land" - that is, without root level access to files, ports, etc. The ssl configuration (in this version of Apache, defined in httpd-ssl.conf, and included by reference in httpd.conf) was initially set up according to patterns illustrated on several "how to" sites as follows (comments omitted for brevity):
###
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/urandom 512
Listen 8443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache "shmcb:/httpd/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/httpd/logs/ssl_mutex"
NameVirtualHost *:8443
<VirtualHost *:8443>
DocumentRoot "/httpd/htdocs/moodle"
ServerName moodle.oursite.edu:8443
ServerAdmin admin@oursite.edu
ErrorLog "/httpd/logs/error_ssl_log"
TransferLog "/httpd/logs/moodle_ssl_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/httpd/conf/server.crt"
SSLCertificateKeyFile "/httpd/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/httpd/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/httpd/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
###
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/urandom 512
Listen 8443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache "shmcb:/httpd/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/httpd/logs/ssl_mutex"
NameVirtualHost *:8443
<VirtualHost *:8443>
DocumentRoot "/httpd/htdocs/moodle"
ServerName moodle.oursite.edu:8443
ServerAdmin admin@oursite.edu
ErrorLog "/httpd/logs/error_ssl_log"
TransferLog "/httpd/logs/moodle_ssl_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/httpd/conf/server.crt"
SSLCertificateKeyFile "/httpd/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/httpd/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/httpd/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
###
Port 443 was redirected to port 8443 so that browsers looking for https://moodle.oursite.edu:443 would bring up the right page, as would the same URL without the :443.
However, the line:
ServerName moodle.oursite.edu:8443
resulted in the profile edit page timing out - it was finally noticed that when the Timed Out message was returned, the address in the browser had changed from:
to
Editing the line above to:
ServerName moodle.oursite.edu
and restarting Apache solved the problem.
Thanks again, Mauno, for your response and sorry for raising a question with regard to the previous bug...