SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for httpd-debuginfo-2.2.3-43.el5_5.3.i386.rpm :
Fri Aug 20 00:00:00 2010 Joe Orton - 2.2.3-43.3
- mod_ssl: improved fix for SSLRequire\'s OID() function (#625452)

Sat Aug 14 00:00:00 2010 Joe Orton - 2.2.3-43.2
- add security fixes for CVE-2010-1452, CVE-2010-2791 (#623210)
- mod_deflate: rebase to 2.2.15 (#625435)
- stop multiple invocations of filter init functions (#625451)

Thu Mar 4 23:00:00 2010 Joe Orton - 2.2.3-43
- add security fixes for CVE-2010-0408, CVE-2010-0434 (#570441)

Tue Feb 23 23:00:00 2010 Joe Orton - 2.2.3-42
- require and BR a version of OpenSSL with the secure reneg API (#566659)

Tue Feb 23 23:00:00 2010 Joe Orton - 2.2.3-41
- mod_ssl: add SSLInsecureRenegotiation (#566659)

Mon Feb 1 23:00:00 2010 Joe Orton - 2.2.3-40
- mod_ssl: further fix for OID() handling (#552942)

Thu Jan 28 23:00:00 2010 Joe Orton - 2.2.3-39
- prevent use of rsync during \"make install\" (#557049)

Thu Jan 28 23:00:00 2010 Joe Orton - 2.2.3-38
- mod_ssl: fix additional case for OID() handling (#552942)
- mod_authnz_ldap: fix handling of empty filter in group defn (#252038)

Tue Jan 19 23:00:00 2010 Joe Orton - 2.2.3-37
- mod_ssl: use ASN1_STRING_print() in SSLRequire\'s OID() (#552942)

Sun Dec 20 23:00:00 2009 Joe Orton - 2.2.3-36
- mod_ssl: add further mitigation for CVE-2009-3555 (#534042)
- add mod_substitute (#539256)

Fri Dec 18 23:00:00 2009 Joe Orton - 2.2.3-35.el5
- mod_authnz_ldap: dynamic group fixes (#252038)

Thu Dec 17 23:00:00 2009 Joe Orton - 2.2.3-34.el5
- mod_authnz_ldap: add support for dynamic group lookup (#252038)

Wed Dec 16 23:00:00 2009 Joe Orton - 2.2.3-33.el5
- add security fixes for CVE-2009-3555, CVE-2009-3094,
CVE-2009-3095 (#534042)

Wed Dec 2 23:00:00 2009 Joe Orton - 2.2.3-32.el5
- fix hard-coded default pidfile to match default config (#505002)
- mod_ssl: fix potential hang in renegotiation (#510515)
- drop legacy X-Pad header from short responses (#526110)
- mod_proxy_ajp: fix handling of large uploads (#528640)
- mod_authnz_ldap: add AuthLDAPRemoteUserAttribute directive (#520838)
- mod_rewrite: add DiscardPathInfo flag (#517500)
- mod_authnz_ldap: don\'t fail authz if no ldap-
* configured (#448350)
- disable keepalive for Expect: 100-continue and error response (#533407)

Wed Jul 15 00:00:00 2009 Joe Orton 2.2.3-31.el5
- mod_rewrite: correct backport of URI escaping fix (#480604)

Sat Jul 11 00:00:00 2009 Joe Orton 2.2.3-30.el5
- add security fixes for CVE-2009-1890, CVE-2009-1891 (#509783)

Tue Jun 23 00:00:00 2009 Joe Orton 2.2.3-29.el5
- add image/png to conf/magic (#240844)

Wed Jun 17 00:00:00 2009 Joe Orton 2.2.3-28.el5
- fix backwards compat for CVE-2009-1195 fix (#502998)

Thu May 21 00:00:00 2009 Joe Orton 2.2.3-27.el5
- mod_cgi, mod_cgid: fix logging on input read error (#498170)
- mod_rewrite: don\'t serialize logfile access (#493023)
- mod_ext_filter: fix spurious error log output (#479463)

Sat May 16 00:00:00 2009 Joe Orton 2.2.3-26.el5
- add security fixes for CVE-2008-1678, CVE-2009-1195 (#499285)

Sat Apr 18 00:00:00 2009 Joe Orton 2.2.3-25.el5
- mod_rewrite: fix URI escaping with [P] in directory context (#480604)
- mod_cgi: fix headers/status in error responses (#480932)
- mod_speling: fix handling of directory names (#485524)
- init script: use ${pidfile} in more places (#491135)
- mod_log_config: support remote/local with \'p\' format (#493070)
- remove Obsolete for mod_jk (#493592)
- mod_ssl: fix SSL per-dir-reneg buffering with internal redirects (#488886)
- fix spurious error messages on graceful restart (#233955)

Wed Mar 18 23:00:00 2009 Joe Orton 2.2.3-24.el5
- mod_ssl: add SSLRenegBufferSize directive (#479806)

Fri Feb 6 23:00:00 2009 Joe Orton 2.2.3-23.el5
- mod_proxy: set c->remote_host for backend SSL connection (#479410)

Wed Nov 12 23:00:00 2008 Joe Orton 2.2.3-22.el5
- add security fixes for CVE-2008-2939 (#468841)
- note that the mod_proxy 2.2.9 rebase fixed CVE-2008-2634

Wed Oct 22 00:00:00 2008 Joe Orton 2.2.3-21.el5
- avoid strict-aliasing warnings (#462877)

Wed Oct 22 00:00:00 2008 Joe Orton 2.2.3-20.el5
- mod_proxy: scoreboard access fix (#252024)

Fri Sep 19 00:00:00 2008 Joe Orton 2.2.3-19.el5
- mod_proxy: various backport fixes (#252024)

Fri Sep 19 00:00:00 2008 Joe Orton 2.2.3-17.el5
- fix mod_proxy symbol use

Tue Sep 16 00:00:00 2008 Joe Orton 2.2.3-16.el5
- mod_proxy
*, mod_cache
*: rebase to 2.2.9 (#252024, #249534,
- backport changes to make chunk filter non-blocking (#454098)

Sat Sep 13 00:00:00 2008 Joe Orton 2.2.3-15.el5
- mod_ldap: fix memory lifetime issues (#440259)
- mod_ssl: configure OpenSSL dynamic lock callbacks (#462044)
- escape the Request-Method in canned error responses (#445888)
- build the event MPM and fix a deadlock therein (#444643)
- mod_headers: support \"RequestHeader edit\" (#428253)
- use \"OPTIONS
*\" rather than \"GET /\" in dummy connection (#367981)

Fri Aug 15 00:00:00 2008 Joe Orton 2.2.3-14.el5
- mod_proxy: add ProxyPassMatch support (#449159)

Tue Jul 22 00:00:00 2008 Joe Orton 2.2.3-13.el5
- mod_proxy_balancer: allow alternative string to match for
stickysession parameter (#439218)
- fix dist tag in Release (#440615)

Fri Jan 11 23:00:00 2008 Joe Orton 2.2.3-12.el5_1.3
- further update to backport for CVE-2007-6421 (#427240)

Fri Jan 11 23:00:00 2008 Joe Orton 2.2.3-12.el5_1.2
- updated backport for CVE-2007-6421 (#427240)

Mon Jan 7 23:00:00 2008 Joe Orton 2.2.3-11.el5_1.1
- add security fixes for CVE-2007-6388, CVE-2007-6421
and CVE-2007-6422 (#427240)
- add security fix for CVE-2007-4465, CVE-2007-5000 (#421631)
- add security fix for mod_proxy_ftp UTF-7 XSS (#427745)

Tue Aug 7 00:00:00 2007 Joe Orton 2.2.3-11.el5
- mark httpd.conf config(noreplace) (#247881)

Sat Aug 4 00:00:00 2007 Joe Orton 2.2.3-10.el5
- add security fix for CVE-2007-3847 (#250761)

Thu Aug 2 00:00:00 2007 Joe Orton 2.2.3-9.el5
- load mod_version by default (#247881)

Wed Jun 27 00:00:00 2007 Joe Orton 2.2.3-8.el5
- add \'ServerTokens Full-Release\' config option (#240857)
- use init script in logrotate postrotate (#241680)
- fix mod_proxy option inheritance (#245719)
- fix ProxyErrorOverride to only affect 4xx, 5xx responses (#240024)
- bump logresolve line buffer length to 10K (#245763)
- add security fixes for CVE-2007-1863, CVE-2007-3304,
and CVE-2006-5752 (#244666)

Wed Nov 29 23:00:00 2006 Joe Orton 2.2.3-6.el5
- fix path to instdso.sh in special.mk (#217677)
- fix detection of links in \"apachectl fullstatus\"

Wed Sep 20 00:00:00 2006 Joe Orton 2.2.3-5.el5
- rebuild

Sat Aug 12 00:00:00 2006 Joe Orton 2.2.3-3.el5
- use RHEL branding

Fri Aug 4 00:00:00 2006 Joe Orton 2.2.3-3
- init: use killproc() delay to avoid race killing parent

Sat Jul 29 00:00:00 2006 Joe Orton 2.2.3-2
- update to 2.2.3
- trim %changelog to >=2.0.52

Fri Jul 21 00:00:00 2006 Joe Orton 2.2.2-8
- fix segfault on dummy connection failure at graceful restart (#199429)

Thu Jul 20 00:00:00 2006 Joe Orton 2.2.2-7
- fix \"apxs -g\"-generated Makefile
- fix buildconf with autoconf 2.60

Thu Jul 13 00:00:00 2006 Jesse Keating - 2.2.2-5.1
- rebuild

Thu Jun 8 00:00:00 2006 Joe Orton 2.2.2-5
- require pkgconfig for -devel (#194152)
- fixes for installed support makefiles (special.mk et al)
- BR autoconf

Sat Jun 3 00:00:00 2006 Joe Orton 2.2.2-4
- make -devel package multilib-safe (#192686)

Fri May 12 00:00:00 2006 Joe Orton 2.2.2-3
- build DSOs using -z relro linker flag

Thu May 4 00:00:00 2006 Joe Orton 2.2.2-2
- update to 2.2.2

Fri Apr 7 00:00:00 2006 Joe Orton 2.2.0-6
- rebuild to pick up apr-util LDAP interface fix (#188073)

Fri Feb 10 23:00:00 2006 Jesse Keating - (none):2.2.0-5.1.2
- bump again for double-long bug on ppc(64)

Tue Feb 7 23:00:00 2006 Jesse Keating - (none):2.2.0-5.1.1
- rebuilt for new gcc4.1 snapshot and glibc changes

Mon Feb 6 23:00:00 2006 Joe Orton 2.2.0-5.1
- mod_auth_basic/mod_authn_file: if no provider is configured,
and AuthUserFile is not configured, decline to handle authn
silently rather than failing noisily.

Fri Feb 3 23:00:00 2006 Joe Orton 2.2.0-5
- mod_ssl: add security fix for CVE-2005-3357 (#177914)
- mod_imagemap: add security fix for CVE-2005-3352 (#177913)
- add fix for AP_INIT_
* designated initializers with C++ compilers
- httpd.conf: enable HTMLTable in default IndexOptions
- httpd.conf: add more \"redirect-carefully\" matches for DAV clients

Thu Jan 5 23:00:00 2006 Joe Orton 2.2.0-4
- mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)

Fri Dec 9 23:00:00 2005 Jesse Keating
- rebuilt

Wed Dec 7 23:00:00 2005 Joe Orton 2.2.0-3
- strip manual to just English content

Mon Dec 5 23:00:00 2005 Joe Orton 2.2.0-2
- don\'t strip C-L from HEAD responses (Greg Ames, #110552)
- load mod_proxy_balancer by default
- add proxy_ajp.conf to load/configure mod_proxy_ajp
- Obsolete mod_jk
- update docs URLs in httpd.conf/ssl.conf

Fri Dec 2 23:00:00 2005 Joe Orton 2.2.0-1
- update to 2.2.0

Wed Nov 30 23:00:00 2005 Joe Orton 2.1.10-2
- enable mod_authn_alias, mod_authn_anon
- update default httpd.conf

Fri Nov 25 23:00:00 2005 Joe Orton 2.1.10-1
- update to 2.1.10
- require apr >= 1.2.0, apr-util >= 1.2.0

Wed Nov 9 23:00:00 2005 Tomas Mraz 2.0.54-16
- rebuilt against new openssl

Thu Nov 3 23:00:00 2005 Joe Orton 2.0.54-15
- log notice giving SELinux context at startup if enabled
- drop SSLv2 and restrict default cipher suite in default
SSL configuration

Fri Oct 21 00:00:00 2005 Joe Orton 2.0.54-14
- mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)
- add security fix for byterange filter DoS (CVE-2005-2728)
- add security fix for C-L vs T-E handling (CVE-2005-2088)
- mod_ssl: add security fix for CRL overflow (CVE-2005-1268)
- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
- add fix for dummy connection handling (#167425)
- mod_auth_digest: fix hostinfo comparison in CONNECT requests
- mod_include: fix variable corruption in nested includes (upstream #12655)
- mod_ssl: add fix for handling non-blocking reads
- mod_ssl: fix to enable output buffering (upstream #35279)
- mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)

Sun Aug 14 00:00:00 2005 Joe Orton 2.0.54-13
- don\'t load by default: mod_cern_meta, mod_asis
- do load by default: mod_ext_filter (#165893)

Fri Jul 29 00:00:00 2005 Joe Orton 2.0.54-12
- drop broken epoch deps

Fri Jul 1 00:00:00 2005 Joe Orton 2.0.54-11
- mod_dav_fs: fix uninitialized variable (#162144)
- add epoch to dependencies as appropriate
- mod_ssl: drop dependencies on dev, make
- mod_ssl: mark post script dependencies as such

Tue May 24 00:00:00 2005 Joe Orton 2.0.54-10
- remove broken symlink (Robert Scheck, #158404)

Thu May 19 00:00:00 2005 Joe Orton 2.0.54-9
- add piped logger fixes (w/Jeff Trawick)

Tue May 10 00:00:00 2005 Joe Orton 2.0.54-8
- drop old \"powered by Red Hat\" logos

Thu May 5 00:00:00 2005 Joe Orton 2.0.54-7
- mod_userdir: fix memory allocation issue (upstream #34588)
- mod_ldap: fix memory corruption issue (Brad Nicholes, upstream #34618)

Wed Apr 27 00:00:00 2005 Joe Orton 2.0.54-6
- fix key/cert locations in post script

Tue Apr 26 00:00:00 2005 Joe Orton 2.0.54-5
- create default dummy cert in /etc/pki/tls
- use a pseudo-random serial number on the dummy cert
- change default ssl.conf to point at /etc/pki/tls
- merge back -suexec subpackage; SELinux policy can now be
used to persistently disable suexec (#155716)
- drop /etc/httpd/conf/ssl.
* directories and Makefiles
- unconditionally enable PIE support
- mod_ssl: fix for picking up -shutdown options (upstream #34452)

Tue Apr 19 00:00:00 2005 Joe Orton 2.0.54-4
- replace PreReq with Requires(pre)

Tue Apr 19 00:00:00 2005 Joe Orton 2.0.54-3
- update to 2.0.54

Wed Mar 30 00:00:00 2005 Joe Orton 2.0.53-6
- update default httpd.conf:

* clarify the comments on AddDefaultCharset usage (#135821)

* remove all the AddCharset default extensions

* don\'t load mod_imap by default

* synch with upstream 2.0.53 httpd-std.conf
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
- htdigest: fix permissions of created files (upstream #33765)
- remove htsslpass

Wed Mar 2 23:00:00 2005 Joe Orton 2.0.53-5
- apachectl: restore use of $OPTIONS again

Wed Feb 9 23:00:00 2005 Joe Orton 2.0.53-4
- update to 2.0.53
- move prefork/worker modules comparison to %check

Mon Feb 7 23:00:00 2005 Joe Orton 2.0.52-7
- fix cosmetic issues in \"service httpd reload\"
- move User/Group higher in httpd.conf (#146793)
- load mod_logio by default in httpd.conf
- apachectl: update for correct libselinux tools locations

Tue Nov 16 23:00:00 2004 Joe Orton 2.0.52-6
- add security fix for CVE CAN-2004-0942 (memory consumption DoS)
- SELinux: run httpd -t under runcon in configtest (Steven Smalley)
- fix SSLSessionCache comment for distcache in ssl.conf
- restart using SIGHUP not SIGUSR1 after logrotate
- add ap_save_brigade fix (upstream #31247)
- mod_ssl: fix possible segfault in auth hook (upstream #31848)
- add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677)
- apachectl: restore use of $OPTIONS
- apachectl, httpd.init: refuse to restart if $HTTPD -t fails
- apachectl: run $HTTPD -t in user SELinux context for configtest
- update for pcre-5.0 header locations

Sat Nov 13 23:00:00 2004 Jeff Johnson 2.0.52-5
- rebuild against db-4.3.21 aware apr-util.

Thu Nov 11 23:00:00 2004 Jeff Johnson 2.0.52-4
- rebuild against db-4.3-21.

Wed Sep 29 00:00:00 2004 Joe Orton 2.0.52-3
- add dummy connection address fixes from HEAD
- mod_ssl: add security fix for CAN-2004-0885

Wed Sep 29 00:00:00 2004 Joe Orton 2.0.52-2
- update to 2.0.52


  
ICM