RPM Search

Changelog for httpd-debuginfo-2.0.52-22.ent.i386.rpm :
Thu Dec 15 23:00:00 2005 Joe Orton 2.0.52-22.ent
- worker MPM: add security fix for memory consumption DoS (CVE-2005-2970),
and bug fixes for handling resource allocation failures (#173509)

Mon Dec 12 23:00:00 2005 Joe Orton 2.0.52-21.ent
- mod_ssl: add security fix for HTTP-on-SSL-port handling (CVE-2005-3357)
- mod_imap: add security fix for XSS issue (CVE-2005-3352)

Wed Oct 12 00:00:00 2005 Joe Orton 2.0.52-20.ent
- mod_ssl: buffer request bodies for per-location renegotiation (#170383)

Thu Sep 1 00:00:00 2005 Joe Orton 2.0.52-19.ent
- mod_ssl: add security fix for SSLVerifyClient (#167194, CVE CAN-2005-2700)
- add security fix for byterange filter DoS (#167102, CVE CAN-2005-2728)

Sat Jul 30 00:00:00 2005 Joe Orton 2.0.52-18.ent
- mod_auth_ldap: fix issues with some authn/authz combinations
(thanks to Jared Jennings, #159289)
- mod_ldap: fix cache mutex permissions so that locking works
- mod_ldap: fix child crashes if cache is disabled

Fri Jul 29 00:00:00 2005 Joe Orton 2.0.52-17.ent
- mod_ldap: add another cache management fix (#160034, upstream #34209)

Thu Jul 28 00:00:00 2005 Joe Orton 2.0.52-16.ent
- mod_ldap: add cache management fixes from upstream (#160034)

Sat Jul 2 00:00:00 2005 Joe Orton 2.0.52-15.ent
- add security fix for C-L vs T-E handling (#162244, CVE CAN-2005-2088)

Fri Jun 10 00:00:00 2005 Joe Orton 2.0.52-14.ent
- mod_ssl: add security fix for CRL overflow (CVE CAN-2005-1268)
- mod_ssl: add fix to enable buffering (upstream #35279)
- mod_ssl: immediately catch aborted connections (upstream #32699)
- add htdbm(1) man page (Matt Brubeck, #114080)
- mod_userdir: add fix for possible memory corruption (upstream #34588)
- fail build if PIE support could not be enabled

Tue May 17 00:00:00 2005 Joe Orton 2.0.52-13.ent
- fix fd leak if using piped loggers (#157832)
- fix error messages in piped loggers respawn failure case
- in children, close read fd of pipe to piped loggers (Jeff Trawick, #127981)
- mod_ssl: apply ssl-
*-shutdown settings correctly (upstream #34452)

Mon Feb 28 23:00:00 2005 Joe Orton 2.0.52-12.ent
- htdigest: fix permissions of created files (upstream #33765)

Fri Feb 25 23:00:00 2005 Joe Orton 2.0.52-11.ent
- restore use of $OPTIONS in apachectl again (#115910)
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)

Wed Feb 2 23:00:00 2005 Joe Orton 2.0.52-10.ent
- mod_proxy: notice aborted client-connection (#138359)
- mod_include: fix off-by-one in variable expansion (upstream #32985)
- require apr with sendfile support on s390 (#146891)

Tue Nov 30 23:00:00 2004 Joe Orton 2.0.52-9.ent
- remove non-ASF \"powered by\" icons and update noindex.html (#140822)

Tue Nov 23 23:00:00 2004 Joe Orton 2.0.52-8.ent
- apachectl: fix for final RHEL4 libselinux tools location
- mod_ssl: revert to use builtin passphrase prompt again (#128667)

Mon Nov 8 23:00:00 2004 Joe Orton 2.0.52-7.ent
- apachectl: fix selinuxenabled location

Thu Nov 4 23:00:00 2004 Joe Orton 2.0.52-6.ent
- fix typo in init script; tweak htsslpass timeout message

Thu Nov 4 23:00:00 2004 Joe Orton 2.0.52-5.ent
- update htsslpass to be a filter rather than exec:
- refuse to \"reload\" from init script if $HTTPD -t fails

Sat Oct 30 00:00:00 2004 Joe Orton 2.0.52-4.ent
- add security fix for CVE CAN-2004-0942 (memory consumption DoS)
- fix SSLSessionCache comment for distcache in ssl.conf
- restart using SIGHUP not SIGUSR1 after logrotate
- add ap_save_brigade fix (upstream #31247)
- add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677)
- apachectl: restore use of $OPTIONS
- apachectl: refuse to restart if $HTTPD -t fails
- apachectl: run $HTTPD -t in user SELinux context for configtest

Wed Sep 29 00:00:00 2004 Joe Orton 2.0.52-3
- add dummy connection address fixes from HEAD
- mod_ssl: add security fix for CAN-2004-0885

Wed Sep 29 00:00:00 2004 Joe Orton 2.0.52-2
- update to 2.0.52

Wed Sep 22 00:00:00 2004 Joe Orton 2.0.51-6
- fix 2.0.51 regression in Satisfy merging (CAN-2004-0811)

Sun Sep 19 00:00:00 2004 Joe Orton 2.0.51-5
- switch to Jeff Trawick\'s child reclaim timing logic patch
- migration guide updates

Fri Sep 17 00:00:00 2004 Joe Orton 2.0.51-4
- fix pcre includes

Fri Sep 17 00:00:00 2004 Joe Orton 2.0.51-3
- update to 2.0.51

Wed Sep 15 00:00:00 2004 Joe Orton 2.0.50-8
- add improved child reclaim timing logic (#119128/#132360)
- add BuildRequire zlib-devel for mod_deflate

Thu Sep 9 00:00:00 2004 Joe Orton 2.0.50-7
- prereq rather than just require httpd from -suexec (#132045)

Mon Sep 6 00:00:00 2004 Joe Orton 2.0.50-6
- include /etc/sysconfig/httpd template (#112085)
- pass $OPTIONS in httpd invocations in apachectl (#115910)
- do not pass $OPTIONS to apachectl from init script
- start httpd in C locale by default from apachectl

Thu Sep 2 00:00:00 2004 Joe Orton 2.0.50-5
- move manual configuration into conf.d/manual.conf (#131208)
- add test_hook from HEAD, -t -DDUMP_CERTS for mod_ssl
- document AddDefaultCharset change since 1.3 in migration.html

Wed Aug 18 00:00:00 2004 Joe Orton 2.0.50-4
- start httpd in the C locale by default (#128002)
- fix CustomLog comments in default httpd.conf (#43223)
- ensure correct mod_suexec vs mod_userdir hook ordering
(Joshua Slive, upstream #18156)

Wed Jun 30 00:00:00 2004 Joe Orton 2.0.50-3
- update -proxy11 patch
- explain where suexec went if SuexecUserGroup is used but
/usr/sbin/suexec is not found

Wed Jun 30 00:00:00 2004 Joe Orton 2.0.50-1
- update to 2.0.50

Tue Jun 22 00:00:00 2004 Joe Orton 2.0.49-8
- split out suexec into httpd-suexec package (#77972)
- link to system pcreposix.h to fix including httpd.h

Thu Jun 17 00:00:00 2004 Joe Orton 2.0.49-7
- don\'t install or use bundled pcreposix.h
- bump default MaxClients to 256
- drop default Timeout to 2 minutes
- merge from upstream:

* add fix for VirtualHost multiple address handling (Jeff Trawick)

Wed Jun 16 00:00:00 2004 Elliot Lee 2.0.49-6
- rebuilt

Fri Jun 11 00:00:00 2004 Joe Orton 2.0.49-5
- remove comments about ScoreBoardFile in httpd.conf
- avoid redundant name lookup in pod code
- mod_headers: add %{...}s feature for using SSL variables
- mod_autoindex: don\'t truncate output on stat() failure (#117959)
- mod_ssl: fix shmcb corruption with small caches (Geoff Thorpe)
- mod_ssl: security fix for overflow in FakeBasicAuth (CVE CAN-2004-0488)
- mod_deflate: fix memory consumption for large responses
- check that suexec is setuid root (André Malo)
- worker: add ThreadStackSize (Jeff Trawick) and ThreadGuardSize directives

Fri May 7 00:00:00 2004 Joe Orton 2.0.49-4
- make \"noindex\" page valid XHTML 1.1 (Pascal Volk, #122020)
- fix SEGV with no Listen directives (Michael Corcoran)
- mod_cgi: synch with 2.0 backport proposed upstream

Fri Apr 23 00:00:00 2004 Joe Orton 2.0.49-3
- conflict with older pcre (#121531)
- include mod_ext_filter
- mod_cgi: handle concurrent stderr/stdout from script

Fri Mar 26 23:00:00 2004 Joe Orton 2.0.49-2
- mod_ssl: fix session cache memory leak (Madhu Mathihalli)
- mod_ssl: fix SEGV when trying to shutdown during pool cleanup
- merge the mod_proxy HTTP/1.1-compliance fixes
- apply fix for #118020

Thu Mar 18 23:00:00 2004 Joe Orton 2.0.49-1
- update to 2.0.49 (#118798, thanks to Robert Scheck)
- only link ab and mod_ssl against SSL_LIBS
- open log files using APR_LARGEFILE where available

Wed Mar 17 23:00:00 2004 Joe Orton 2.0.48-18
- add fix for #118020
- ssl.conf tweaks: seed SSL PRNG with 256 bytes from /dev/urandom

Mon Mar 15 23:00:00 2004 Joe Orton 2.0.48-17
- use \"SSLMutex default\" in default ssl.conf
- limit to 128K XML request bodies in default httpd.conf; fix to
give a 413 error not a 400 if the limit is exceeded
- mod_rewrite: add %{SSL:...} and %{HTTPS} variable lookups
- mod_dav: propagate executable property across COPY/MOVE
- mod_dav: give 507 on out-of-space errors in more places
- mod_ssl: add ssl_is_https optional function
- mod_ssl: support indexed lookup of DN components
- mod_ssl: optimised variable lookup
- mod_ssl: install only minimal mod_ssl.h
- worker: fix potential hang at restart

Tue Mar 2 23:00:00 2004 Elliot Lee 2.0.48-16.1
- Rebuilt.

Mon Feb 23 23:00:00 2004 Joe Orton 2.0.48-16
- fix apxs -q installbuilddir
- really update to ab from HEAD
- remove check that accept() returns an fd < FD_SETSIZE

Fri Feb 13 23:00:00 2004 Elliot Lee 2.0.48-15
- Rebuilt.

Tue Feb 3 23:00:00 2004 Joe Orton 2.0.48-14
- mod_dav: fix 401 on destination and reject unescaped fragment in URI
- remove redundant ldconfig invocation from mod_ssl %post
- remove unnecessary -headusage patch

Fri Jan 30 23:00:00 2004 Joe Orton 2.0.48-13
- allow further customisation of init script (Peter Bieringer, #114619)
- worker fixes from upstream
- use basename(filename) in APLOG_MARK to reduce noise levels at
\"LogLevel debug\"

Wed Jan 28 23:00:00 2004 Joe Orton 2.0.48-12
- mod_ssl: cosmetic tweaks for pass phrase prompting
- simplify rebranding a little

Tue Jan 27 23:00:00 2004 Joe Orton 2.0.48-11
- trim pre-2.0 history from CHANGES to limit size

Tue Jan 27 23:00:00 2004 Joe Orton 2.0.48-10
- update to ab from HEAD
- remove dbmmanage man page (part of #114080)
- mod_ssl: fix streaming nph- CGI scripts over SSL
- mod_autoindex: fixes from 2.0 branch (André Malo)
- add NameVirtualHost vs mod_ssl warning to httpd.conf (#114315)
- mod_proxy: HTTP/1.1-compliance fixes from HEAD

Tue Jan 20 23:00:00 2004 Joe Orton 2.0.48-9
- use a large BSS in the test PIE executable to trigger bugs early
- tighten check on CPP output in MMN check (#113934)

Mon Jan 19 23:00:00 2004 Joe Orton 2.0.48-8
- add man page fixes
- mod_include: use parser rewrite+fixes from 2.0 branch (André Malo et al)
- mod_ssl: add distcache support (Geoff Thorpe)
- mod_ssl: SSL variable handling fixes for non-SSL connections (various)
- allow linking modules against specific libraries found during configure

Mon Jan 19 23:00:00 2004 Joe Orton 2.0.48-7
- hack to ensure that /usr/sbin/suexec gets stripped
- merges from upstream:

* fix for CVE CAN-2003-0020 (André Malo)

* open log files read-only (Jeff Trawick)

* mod_cgi: fix logging of script exec failure messages (Jeff Trawick)

* mod_proxy: fix leak in request body handling (Larry Toppi)
- merges from Taroon:

* move away /var/www/html/index.html before upgrade from 1.3 (#70705)

* allow upgrade from Stronghold 4.0

* migration guide updates

* mod_log_config: fix logging of timezone (upstream #23642)

* mod_ssl: restore readable error descriptions in error log

Mon Jan 19 23:00:00 2004 Joe Orton 2.0.48-6
- fix httpd.init issues reported by Behdad Esfahbod
- add fix for mod_usertrack (#113269)
- automatically raise RLIMIT_CORE if CoreDumpDirectory is used
- emit warning at end of %prep if PIE support is not enabled
- add symlink to libtool script from build directory (#113720)
- don\'t link suexec against the world

Sun Jan 4 23:00:00 2004 Joe Orton 2.0.48-5
- use graceful restart in logrotate
- bump default MaxRequestsPerChild for prefork to 4000
- move vendor string for Server header into spec file
- include mod_status extension hook and use it in mod_ssl to include
SSL session cache statistics in server-status output

Thu Dec 18 23:00:00 2003 Joe Orton 2.0.48-4
- rebuild

Sat Dec 13 23:00:00 2003 Jeff Johnson 2.0.48-3
- rebuild against db-4.2.52.

Tue Oct 28 23:00:00 2003 Joe Orton 2.0.48-2
- update to 2.0.48
- includes security fix for CVE CAN-2003-0542
- include mpm
*.h to fix mod_fastcgi build (#108080)
- increase DYNAMIC_MODULE_LIMIT to 128
- re-enable ap_hack_
* export trimming patch
- only use -export-dynamic when linking httpd, not suexec etc
- don\'t load mod_unique_id by default

Fri Oct 24 00:00:00 2003 Joe Orton 2.0.47-10
- httpd.conf: configure test page in welcome.conf, load suexec,
don\'t use custom error docs by default, sync with upstream.
- add \"Powered by Fedora\" icon (Garrett LeSage)
- migration guide updates
- drop mod_cgid
- enable SSL_EXPERIMENTAL_ENGINE (#106858)
- drop minimum suexec gid to 100 (#74753, #107083)
- speed up graceful restarts in prefork (#105725)
- mod_ssl fixes

Thu Oct 23 00:00:00 2003 Joe Orton 2.0.47-9
- updated index.html (Matt Wilson, #107378)
- change server version string comment to \"(Fedora)\"

Tue Oct 14 00:00:00 2003 Jeff Johnson 2.0.47-8.1
- rebuild against db-4.2.42.

Thu Oct 9 00:00:00 2003 Joe Orton 2.0.47-8
- use -fPIE not -fpie to fix s390x (Florian La Roche)
- include VERSIONING in docdir

Tue Oct 7 00:00:00 2003 Joe Orton 2.0.47-7
- enable PIE support
- include bug fix for #78019

Tue Sep 9 00:00:00 2003 Joe Orton 2.0.47-6
- update httpd.conf for manual changes (alietssAATTyahoo.com, #101015)
- use anonymous shm for LDAP auth cache (#103566)

Mon Sep 8 00:00:00 2003 Joe Orton 2.0.47-5
- include unixd.h again
- fix EXTRA_INCLUDES

Tue Jul 29 00:00:00 2003 Joe Orton 2.0.47-4
- add mod_include fixes from upstream
- httpd.conf updates: wording fixes from upstream; load
mod_deflate by default, update AddLanguage section (#98455)
- don\'t add eNULL cipher in default ssl.conf (#98401)
- only bind to IPv4 addresses in default config (#98916)

Fri Jul 25 00:00:00 2003 Joe Orton 2.0.47-3
- fix for segfaults in php-snmp init (#97207)

Thu Jul 24 00:00:00 2003 Joe Orton 2.0.47-2
- fix apxs -c again

Tue Jul 15 00:00:00 2003 Joe Orton 2.0.47-1
- update to 2.0.47
- add mod_logio (#100436)
- remove Vendor tag

Fri Jul 11 00:00:00 2003 Joe Orton 2.0.45-14
- use libtool script included in apr
- fix apxs -q LIBTOOL (more #92313)

Wed Jul 9 00:00:00 2003 Joe Orton 2.0.45-13
- use system pcre library

Fri Jul 4 00:00:00 2003 Joe Orton 2.0.45-12
- remove some installed headers
- fix for use of libtool 1.5

Fri Jun 6 00:00:00 2003 Elliot Lee
- Rebuilt.

Fri Jun 6 00:00:00 2003 Joe Orton 2.0.45-10
- fix apxs -g (#92313)

Sun Jun 1 00:00:00 2003 Joe Orton 2.0.45-9
- trim manual sources properly
- remove ExcludeArch

Fri May 30 00:00:00 2003 Joe Orton 2.0.45-8
- rebuild

Tue May 20 00:00:00 2003 Joe Orton 2.0.45-6
- don\'t load /usr/sbin/envvars from apxs
- add fix for mod_dav_fs namespace handling
- add fix for mod_dav If header etag comparison
- remove irrelevant warning from mod_proxy
- don\'t conflict with thttpd (#91422)

Mon May 19 00:00:00 2003 Joe Orton 2.0.45-5
- don\'t package any XML sources in httpd-manual
- fix examples in default httpd.conf for enabling caching

Mon May 19 00:00:00 2003 Joe Orton 2.0.45-4
- change default charset to UTF-8 (#88964)

Fri May 16 00:00:00 2003 Joe Orton 2.0.45-3
- update httpd.conf for changes from default in 2.0.45
- include conf.d/
*.conf after loading standard modules
- include LDAP and cache modules (#75370, #88277)
- run buildconf in %build not %prep

Wed May 14 00:00:00 2003 Joe Orton 2.0.45-2
- have apxs always use /usr/bin/libtool

Tue May 6 00:00:00 2003 Joe Orton 2.0.45-1
- update to 2.0.45 (#82227)
- use separate apr, apr-util packages (#74951)
- mark logrotate file as noreplace (#85654)
- mark all of /var/www/error as %config-not-noreplace
- remove dates from error pages (#86474)
- don\'t enable mod_cgid for worker MPM (#88819)

Thu May 1 00:00:00 2003 Elliot Lee 2.0.40-22
- headusage patch to fix build on ppc64 etc.

Wed Apr 2 00:00:00 2003 Joe Orton 2.0.40-21.1
- add security fixes for CAN-2003-0020, CAN-2003-0132, CAN-2003-0083
- add security fix for file descriptor leaks, #82142
- add bug fix for #82587

Mon Feb 24 23:00:00 2003 Joe Orton 2.0.40-21
- add security fix for CAN-2003-0020; replace non-printable characters
with \'!\' when printing to error log.
- disable debuginfo on IA64.

Tue Feb 11 23:00:00 2003 Joe Orton 2.0.40-20
- disable POSIX semaphores to support 2.4.18 kernel (#83324)

Wed Jan 29 23:00:00 2003 Joe Orton 2.0.40-19
- require xmlto 0.0.11 or later
- fix apr_strerror on glibc2.3

Wed Jan 22 23:00:00 2003 Tim Powers 2.0.40-18
- Rebuilt.

Thu Jan 16 23:00:00 2003 Joe Orton 2.0.40-17
- add mod_cgid and httpd binary built with worker MPM (#75496)
- allow choice of httpd binary in init script
- pick appropriate CGI module based on loaded MPM in httpd.conf
- source /etc/sysconfig/httpd in apachectl to get httpd choice
- make \"apachectl status\" fail gracefully when links isn\'t found (#78159)

Mon Jan 13 23:00:00 2003 Joe Orton 2.0.40-16
- rebuild for OpenSSL 0.9.7

Fri Jan 3 23:00:00 2003 Joe Orton 2.0.40-15
- fix possible infinite recursion in config dir processing (#77206)
- fix memory leaks in request body processing (#79282)

Thu Dec 12 23:00:00 2002 Joe Orton 2.0.40-14
- remove unstable shmht session cache from mod_ssl
- get SSL libs from pkg-config if available (Nalin Dahyabhai)
- stop \"apxs -a -i\" from inserting AddModule into httpd.conf (#78676)

Wed Nov 6 23:00:00 2002 Joe Orton 2.0.40-13
- fix location of installbuilddir in apxs when libdir!=/usr/lib

Wed Nov 6 23:00:00 2002 Joe Orton 2.0.40-12
- pass libdir to configure; clean up config_vars.mk
- package instdso.sh, fixing apxs -i (#73428)
- prevent build if upstream MMN differs from mmn macro
- remove installed but unpackaged files

Thu Oct 10 00:00:00 2002 Joe Orton 2.0.40-11
- correct SERVER_NAME encoding in i18n error pages (thanks to Andre Malo)

Thu Oct 10 00:00:00 2002 Joe Orton 2.0.40-10
- fix patch for CAN-2002-0840 to also cover i18n error pages

Thu Oct 3 00:00:00 2002 Joe Orton 2.0.40-9
- security fixes for CAN-2002-0840 and CAN-2002-0843
- fix for possible mod_dav segfault for certain requests

Wed Sep 25 00:00:00 2002 Gary Benson
- updates to the migration guide

Thu Sep 5 00:00:00 2002 Nalin Dahyabhai 2.0.40-8
- link httpd with libssl to avoid library loading/unloading weirdness

Wed Sep 4 00:00:00 2002 Joe Orton 2.0.40-7
- add LoadModule lines for proxy modules in httpd.conf (#73349)
- fix permissions of conf/ssl.
*/ directories; add Makefiles for
certificate management (#73352)

Tue Sep 3 00:00:00 2002 Joe Orton 2.0.40-6
- provide \"httpd-mmn\" to manage module ABI compatibility

Mon Sep 2 00:00:00 2002 Joe Orton 2.0.40-5
- fix SSL session cache (#69699)
- revert addition of LDAP support to apr-util

Tue Aug 27 00:00:00 2002 Joe Orton 2.0.40-4
- set SIGXFSZ disposition to \"ignored\" (#69520)
- make dummy connections to the first listener in config (#72692)

Tue Aug 27 00:00:00 2002 Joe Orton 2.0.40-3
- allow \"apachectl configtest\" on a 1.3 httpd.conf
- add mod_deflate
- enable LDAP support in apr-util
- don\'t package everything in /var/www/error as config(noreplace)

Thu Aug 22 00:00:00 2002 Bill Nottingham 2.0.40-2
- add trigger (#68657)

Tue Aug 13 00:00:00 2002 Joe Orton 2.0.40-1
- update to 2.0.40

Thu Jul 25 00:00:00 2002 Joe Orton 2.0.36-8
- improve comment on use of UserDir in default config (#66886)

Thu Jul 11 00:00:00 2002 Joe Orton 2.0.36-7
- use /sbin/nologin as shell for apache user (#68371)
- add patch from CVS to fix possible infinite loop when processing
internal redirects

Thu Jun 27 00:00:00 2002 Gary Benson 2.0.36-6
- modify init script to detect 1.3.x httpd.conf\'s and direct users
to the migration guide

Wed Jun 26 00:00:00 2002 Gary Benson 2.0.36-5
- patch apachectl to detect 1.3.x httpd.conf\'s and direct users
to the migration guide
- ship the migration guide

Sat Jun 22 00:00:00 2002 Joe Orton
- move /etc/httpd2 back to /etc/httpd
- add noindex.html page and poweredby logo; tweak default config
to load noindex.html if no default \"/\" page is present.
- add patch to prevent mutex errors on graceful restart

Sat Jun 22 00:00:00 2002 Tim Powers 2.0.36-4
- automated rebuild

Thu Jun 13 00:00:00 2002 Joe Orton 2.0.36-3
- add patch to fix SSL mutex handling

Thu Jun 13 00:00:00 2002 Joe Orton 2.0.36-2
- improved config directory patch

Tue May 21 00:00:00 2002 Joe Orton
- initial build; based heavily on apache.spec and mod_ssl.spec
- fixes: #65214, #58490, #57376, #61265, #65518, #58177, #57245