|
|
|
|
Changelog for httpd-debuginfo-2.2.3-74.el5.i386.rpm :
Thu Oct 25 00:00:00 2012 Joe Orton - 2.2.3-74 - further %post scriptlet fix (#752618, #867736)
Fri Oct 19 00:00:00 2012 Joe Orton - 2.2.3-73 - fix %post scriptlet output (#752618, #867736)
Fri Sep 21 00:00:00 2012 Joe Orton - 2.2.3-72 - add security fix for CVE-2008-0456
Sat Sep 1 00:00:00 2012 Joe Orton - 2.2.3-71 - add security fix for CVE-2012-2687 (#850794)
Sat Sep 1 00:00:00 2012 Joe Orton - 2.2.3-70 - relax checks for status-line validity (#853128)
Thu Aug 16 00:00:00 2012 Joe Orton - 2.2.3-69 - mod_cache: fix header merging for 304 case, thanks to Roy Badami (#845532) - correct CVE reference in old changelog entry (#849160)
Wed Jul 25 00:00:00 2012 Joe Orton - 2.2.3-68 - mod_ssl: add _userID DN variable suffix for NID_userId (#840036) - fix handling of long chunk-line (#840845) - omit %posttrans daemon restart if /etc/sysconfig/httpd-disable-posttrans exists (#833042)
Fri Jul 6 00:00:00 2012 Joe Orton - 2.2.3-67 - add server aliases to \"httpd -S\" output (#833043) - LSB compliance fixes for init script (#783242) - mod_ldap: add LDAPReferrals directive alias (#727342)
Fri Jun 29 00:00:00 2012 Jan Kaluza - 2.2.3-66 - check if localhost.key is valid (#752618) - mod_proxy_ajp: honour ProxyErrorOverride (#767890) - mod_ssl: fixed start with FIPS 140-2 mode enabled (#773473)
Sat May 26 00:00:00 2012 Joe Orton - 2.2.3-65 - mod_cache: fix handling of 304 responses (#825210)
Wed Feb 8 23:00:00 2012 Joe Orton - 2.2.3-64 - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787597) - remove patch for CVE-2011-3638, obviated by fix for CVE-2011-3639
Wed Jan 4 23:00:00 2012 Joe Orton - 2.2.3-63 - revert addition of LDAP nested group support (#546443)
Wed Dec 21 23:00:00 2011 Joe Orton - 2.2.3-62 - mod_ldap: add support for nested groups (#546443) - mod_ssl: fix segfault with bad SSLCryptoDevice argument (#767990)
Wed Dec 7 23:00:00 2011 Jan Kaluza - 2.2.3-61 - rotatelogs: include new manpage (#677279,#677288)
Fri Oct 28 00:00:00 2011 Jan Kaluza - 2.2.3-60 - rotatelogs: create files even if they are empty (#677279) - rotatelogs: option to rotate files into a custom location (#677288) - mod_proxy: allow change BalancerMember state in web interface (#709869)
Thu Oct 27 00:00:00 2011 Jan Kaluza - 2.2.3-59 - mod_proxy: add connectiontimeout option (#719907) - mod_alias: support Redirect to local path (#714725)
Wed Oct 26 00:00:00 2011 Jan Kaluza - 2.2.3-58 - add apr callback to handle OOM (#700322)
Wed Oct 26 00:00:00 2011 Joe Orton - 2.2.3-57 - updated patch for CVE-2011-3192 (#733061) - add security fix for CVE-2011-3368 (#743904)
Wed Oct 26 00:00:00 2011 Jan Kaluza - 2.2.3-56 - restart service in posttrans (#719941)
Fri Sep 9 00:00:00 2011 Joe Orton - 2.2.3-55 - add security fix for CVE-2011-3192 (#733061, #736593)
Fri Jun 17 00:00:00 2011 Joe Orton - 2.2.3-53 - mod_cache: add \"hard\" argument to CacheMaxExpire (#379811)
Thu May 12 00:00:00 2011 Joe Orton - 2.2.3-52 - mod_include: fix parsing across bucket boundaries (#698402)
Fri Apr 15 00:00:00 2011 Joe Orton - 2.2.3-50 - fix patch for #658766
Thu Apr 7 00:00:00 2011 Joe Orton - 2.2.3-49 - mod_proxy: add support for \'bybusyness\' balancer (#555870) - mod_authnz_ldap: enable handling of referrals (#604727) - add mod_reqtimeout (#612198) - mod_ssl: fix use of overlapping memcpy (#636427) - mod_ssl: fix startup with duplicate SSL vhost configurations (#649648) - mod_proxy: fix proxy via chained SSL intermediary (#658766) - mod_proxy: fix header mapping for balancer:// URLS (#678057) - mod_filter: fix matching against response headers (#679994) - mod_ldap: fix caching in some configs (#264681) - mod_headers: correctly handle multiple matched headers (#673276)
Tue Apr 5 00:00:00 2011 Joe Orton - 2.2.3-48 - mod_ssl: add fix for handling incomplete lines w/revproxy (#691497)
Wed Feb 23 23:00:00 2011 Joe Orton - 2.2.3-47 - add proxy fixes for PR 37770, PR 45792 (#632407, #552303) - add fix for PR 36780 (#580008)
Thu Feb 10 23:00:00 2011 Joe Orton - 2.2.3-46 - prefork: ensure early child exit during graceful restart (#674102)
Mon Dec 6 23:00:00 2010 Joe Orton - 2.2.3-45 - ab: fail gracefully for OOM allocating stats structures (#645845) - init script: use $STOP_DELAY as delay before SIGKILL of parent (#644223) - mod_dav: don\'t delete the existing resource if a PUT fails (#572910) - core: don\'t replace Date header when acting as reverse proxy (#565865) - mod_dbd: fix pool usage (#633955)
Fri Aug 20 00:00:00 2010 Joe Orton - 2.2.3-44 - mod_ssl: improved fix for SSLRequire\'s OID() function (#614423) - add security fixes for CVE-2010-1452, CVE-2010-2791 (#623211) - mod_deflate: rebase to 2.2.15 (#612211) - stop multiple invocations of filter init functions (#570628)
Thu Mar 4 23:00:00 2010 Joe Orton - 2.2.3-43 - add security fixes for CVE-2010-0408, CVE-2010-0434 (#570441)
Tue Feb 23 23:00:00 2010 Joe Orton - 2.2.3-42 - require and BR a version of OpenSSL with the secure reneg API (#566659)
Tue Feb 23 23:00:00 2010 Joe Orton - 2.2.3-41 - mod_ssl: add SSLInsecureRenegotiation (#566659)
Mon Feb 1 23:00:00 2010 Joe Orton - 2.2.3-40 - mod_ssl: further fix for OID() handling (#552942)
Thu Jan 28 23:00:00 2010 Joe Orton - 2.2.3-39 - prevent use of rsync during \"make install\" (#557049)
Thu Jan 28 23:00:00 2010 Joe Orton - 2.2.3-38 - mod_ssl: fix additional case for OID() handling (#552942) - mod_authnz_ldap: fix handling of empty filter in group defn (#252038)
Tue Jan 19 23:00:00 2010 Joe Orton - 2.2.3-37 - mod_ssl: use ASN1_STRING_print() in SSLRequire\'s OID() (#552942)
Sun Dec 20 23:00:00 2009 Joe Orton - 2.2.3-36 - mod_ssl: add further mitigation for CVE-2009-3555 (#534042) - add mod_substitute (#539256)
Fri Dec 18 23:00:00 2009 Joe Orton - 2.2.3-35.el5 - mod_authnz_ldap: dynamic group fixes (#252038)
Thu Dec 17 23:00:00 2009 Joe Orton - 2.2.3-34.el5 - mod_authnz_ldap: add support for dynamic group lookup (#252038)
Wed Dec 16 23:00:00 2009 Joe Orton - 2.2.3-33.el5 - add security fixes for CVE-2009-3555, CVE-2009-3094, CVE-2009-3095 (#534042)
Wed Dec 2 23:00:00 2009 Joe Orton - 2.2.3-32.el5 - fix hard-coded default pidfile to match default config (#505002) - mod_ssl: fix potential hang in renegotiation (#510515) - drop legacy X-Pad header from short responses (#526110) - mod_proxy_ajp: fix handling of large uploads (#528640) - mod_authnz_ldap: add AuthLDAPRemoteUserAttribute directive (#520838) - mod_rewrite: add DiscardPathInfo flag (#517500) - mod_authnz_ldap: don\'t fail authz if no ldap- * configured (#448350) - disable keepalive for Expect: 100-continue and error response (#533407)
Wed Jul 15 00:00:00 2009 Joe Orton 2.2.3-31.el5 - mod_rewrite: correct backport of URI escaping fix (#480604)
Sat Jul 11 00:00:00 2009 Joe Orton 2.2.3-30.el5 - add security fixes for CVE-2009-1890, CVE-2009-1891 (#509783)
Tue Jun 23 00:00:00 2009 Joe Orton 2.2.3-29.el5 - add image/png to conf/magic (#240844)
Wed Jun 17 00:00:00 2009 Joe Orton 2.2.3-28.el5 - fix backwards compat for CVE-2009-1195 fix (#502998)
Thu May 21 00:00:00 2009 Joe Orton 2.2.3-27.el5 - mod_cgi, mod_cgid: fix logging on input read error (#498170) - mod_rewrite: don\'t serialize logfile access (#493023) - mod_ext_filter: fix spurious error log output (#479463)
Sat May 16 00:00:00 2009 Joe Orton 2.2.3-26.el5 - add security fixes for CVE-2008-1678, CVE-2009-1195 (#499285)
Sat Apr 18 00:00:00 2009 Joe Orton 2.2.3-25.el5 - mod_rewrite: fix URI escaping with [P] in directory context (#480604) - mod_cgi: fix headers/status in error responses (#480932) - mod_speling: fix handling of directory names (#485524) - init script: use ${pidfile} in more places (#491135) - mod_log_config: support remote/local with \'p\' format (#493070) - remove Obsolete for mod_jk (#493592) - mod_ssl: fix SSL per-dir-reneg buffering with internal redirects (#488886) - fix spurious error messages on graceful restart (#233955)
Wed Mar 18 23:00:00 2009 Joe Orton 2.2.3-24.el5 - mod_ssl: add SSLRenegBufferSize directive (#479806)
Fri Feb 6 23:00:00 2009 Joe Orton 2.2.3-23.el5 - mod_proxy: set c->remote_host for backend SSL connection (#479410)
Wed Nov 12 23:00:00 2008 Joe Orton 2.2.3-22.el5 - add security fixes for CVE-2008-2939 (#468841) - note that the mod_proxy 2.2.9 rebase fixed CVE-2008-2364
Wed Oct 22 00:00:00 2008 Joe Orton 2.2.3-21.el5 - avoid strict-aliasing warnings (#462877)
Wed Oct 22 00:00:00 2008 Joe Orton 2.2.3-20.el5 - mod_proxy: scoreboard access fix (#252024)
Fri Sep 19 00:00:00 2008 Joe Orton 2.2.3-19.el5 - mod_proxy: various backport fixes (#252024)
Fri Sep 19 00:00:00 2008 Joe Orton 2.2.3-17.el5 - fix mod_proxy symbol use
Tue Sep 16 00:00:00 2008 Joe Orton 2.2.3-16.el5 - mod_proxy *, mod_cache *: rebase to 2.2.9 (#252024, #249534, - backport changes to make chunk filter non-blocking (#454098)
Sat Sep 13 00:00:00 2008 Joe Orton 2.2.3-15.el5 - mod_ldap: fix memory lifetime issues (#440259) - mod_ssl: configure OpenSSL dynamic lock callbacks (#462044) - escape the Request-Method in canned error responses (#445888) - build the event MPM and fix a deadlock therein (#444643) - mod_headers: support \"RequestHeader edit\" (#428253) - use \"OPTIONS *\" rather than \"GET /\" in dummy connection (#367981)
Fri Aug 15 00:00:00 2008 Joe Orton 2.2.3-14.el5 - mod_proxy: add ProxyPassMatch support (#449159)
Tue Jul 22 00:00:00 2008 Joe Orton 2.2.3-13.el5 - mod_proxy_balancer: allow alternative string to match for stickysession parameter (#439218) - fix dist tag in Release (#440615)
Fri Jan 11 23:00:00 2008 Joe Orton 2.2.3-12.el5_1.3 - further update to backport for CVE-2007-6421 (#427240)
Fri Jan 11 23:00:00 2008 Joe Orton 2.2.3-12.el5_1.2 - updated backport for CVE-2007-6421 (#427240)
Mon Jan 7 23:00:00 2008 Joe Orton 2.2.3-11.el5_1.1 - add security fixes for CVE-2007-6388, CVE-2007-6421 and CVE-2007-6422 (#427240) - add security fix for CVE-2007-4465, CVE-2007-5000 (#421631) - add security fix for mod_proxy_ftp UTF-7 XSS (#427745)
Tue Aug 7 00:00:00 2007 Joe Orton 2.2.3-11.el5 - mark httpd.conf config(noreplace) (#247881)
Sat Aug 4 00:00:00 2007 Joe Orton 2.2.3-10.el5 - add security fix for CVE-2007-3847 (#250761)
Thu Aug 2 00:00:00 2007 Joe Orton 2.2.3-9.el5 - load mod_version by default (#247881)
Wed Jun 27 00:00:00 2007 Joe Orton 2.2.3-8.el5 - add \'ServerTokens Full-Release\' config option (#240857) - use init script in logrotate postrotate (#241680) - fix mod_proxy option inheritance (#245719) - fix ProxyErrorOverride to only affect 4xx, 5xx responses (#240024) - bump logresolve line buffer length to 10K (#245763) - add security fixes for CVE-2007-1863, CVE-2007-3304, and CVE-2006-5752 (#244666)
Wed Nov 29 23:00:00 2006 Joe Orton 2.2.3-6.el5 - fix path to instdso.sh in special.mk (#217677) - fix detection of links in \"apachectl fullstatus\"
Wed Sep 20 00:00:00 2006 Joe Orton 2.2.3-5.el5 - rebuild
Sat Aug 12 00:00:00 2006 Joe Orton 2.2.3-3.el5 - use RHEL branding
Fri Aug 4 00:00:00 2006 Joe Orton 2.2.3-3 - init: use killproc() delay to avoid race killing parent
Sat Jul 29 00:00:00 2006 Joe Orton 2.2.3-2 - update to 2.2.3 - trim %changelog to >=2.0.52
Fri Jul 21 00:00:00 2006 Joe Orton 2.2.2-8 - fix segfault on dummy connection failure at graceful restart (#199429)
Thu Jul 20 00:00:00 2006 Joe Orton 2.2.2-7 - fix \"apxs -g\"-generated Makefile - fix buildconf with autoconf 2.60
Thu Jul 13 00:00:00 2006 Jesse Keating - 2.2.2-5.1 - rebuild
Thu Jun 8 00:00:00 2006 Joe Orton 2.2.2-5 - require pkgconfig for -devel (#194152) - fixes for installed support makefiles (special.mk et al) - BR autoconf
Sat Jun 3 00:00:00 2006 Joe Orton 2.2.2-4 - make -devel package multilib-safe (#192686)
Fri May 12 00:00:00 2006 Joe Orton 2.2.2-3 - build DSOs using -z relro linker flag
Thu May 4 00:00:00 2006 Joe Orton 2.2.2-2 - update to 2.2.2
Fri Apr 7 00:00:00 2006 Joe Orton 2.2.0-6 - rebuild to pick up apr-util LDAP interface fix (#188073)
Fri Feb 10 23:00:00 2006 Jesse Keating - (none):2.2.0-5.1.2 - bump again for double-long bug on ppc(64)
Tue Feb 7 23:00:00 2006 Jesse Keating - (none):2.2.0-5.1.1 - rebuilt for new gcc4.1 snapshot and glibc changes
Mon Feb 6 23:00:00 2006 Joe Orton 2.2.0-5.1 - mod_auth_basic/mod_authn_file: if no provider is configured, and AuthUserFile is not configured, decline to handle authn silently rather than failing noisily.
Fri Feb 3 23:00:00 2006 Joe Orton 2.2.0-5 - mod_ssl: add security fix for CVE-2005-3357 (#177914) - mod_imagemap: add security fix for CVE-2005-3352 (#177913) - add fix for AP_INIT_ * designated initializers with C++ compilers - httpd.conf: enable HTMLTable in default IndexOptions - httpd.conf: add more \"redirect-carefully\" matches for DAV clients
Thu Jan 5 23:00:00 2006 Joe Orton 2.2.0-4 - mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)
Fri Dec 9 23:00:00 2005 Jesse Keating - rebuilt
Wed Dec 7 23:00:00 2005 Joe Orton 2.2.0-3 - strip manual to just English content
Mon Dec 5 23:00:00 2005 Joe Orton 2.2.0-2 - don\'t strip C-L from HEAD responses (Greg Ames, #110552) - load mod_proxy_balancer by default - add proxy_ajp.conf to load/configure mod_proxy_ajp - Obsolete mod_jk - update docs URLs in httpd.conf/ssl.conf
Fri Dec 2 23:00:00 2005 Joe Orton 2.2.0-1 - update to 2.2.0
Wed Nov 30 23:00:00 2005 Joe Orton 2.1.10-2 - enable mod_authn_alias, mod_authn_anon - update default httpd.conf
Fri Nov 25 23:00:00 2005 Joe Orton 2.1.10-1 - update to 2.1.10 - require apr >= 1.2.0, apr-util >= 1.2.0
Wed Nov 9 23:00:00 2005 Tomas Mraz 2.0.54-16 - rebuilt against new openssl
Thu Nov 3 23:00:00 2005 Joe Orton 2.0.54-15 - log notice giving SELinux context at startup if enabled - drop SSLv2 and restrict default cipher suite in default SSL configuration
Fri Oct 21 00:00:00 2005 Joe Orton 2.0.54-14 - mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700) - add security fix for byterange filter DoS (CVE-2005-2728) - add security fix for C-L vs T-E handling (CVE-2005-2088) - mod_ssl: add security fix for CRL overflow (CVE-2005-1268) - mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc) - add fix for dummy connection handling (#167425) - mod_auth_digest: fix hostinfo comparison in CONNECT requests - mod_include: fix variable corruption in nested includes (upstream #12655) - mod_ssl: add fix for handling non-blocking reads - mod_ssl: fix to enable output buffering (upstream #35279) - mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)
Sun Aug 14 00:00:00 2005 Joe Orton 2.0.54-13 - don\'t load by default: mod_cern_meta, mod_asis - do load by default: mod_ext_filter (#165893)
Fri Jul 29 00:00:00 2005 Joe Orton 2.0.54-12 - drop broken epoch deps
Fri Jul 1 00:00:00 2005 Joe Orton 2.0.54-11 - mod_dav_fs: fix uninitialized variable (#162144) - add epoch to dependencies as appropriate - mod_ssl: drop dependencies on dev, make - mod_ssl: mark post script dependencies as such
Tue May 24 00:00:00 2005 Joe Orton 2.0.54-10 - remove broken symlink (Robert Scheck, #158404)
Thu May 19 00:00:00 2005 Joe Orton 2.0.54-9 - add piped logger fixes (w/Jeff Trawick)
Tue May 10 00:00:00 2005 Joe Orton 2.0.54-8 - drop old \"powered by Red Hat\" logos
Thu May 5 00:00:00 2005 Joe Orton 2.0.54-7 - mod_userdir: fix memory allocation issue (upstream #34588) - mod_ldap: fix memory corruption issue (Brad Nicholes, upstream #34618)
Wed Apr 27 00:00:00 2005 Joe Orton 2.0.54-6 - fix key/cert locations in post script
Tue Apr 26 00:00:00 2005 Joe Orton 2.0.54-5 - create default dummy cert in /etc/pki/tls - use a pseudo-random serial number on the dummy cert - change default ssl.conf to point at /etc/pki/tls - merge back -suexec subpackage; SELinux policy can now be used to persistently disable suexec (#155716) - drop /etc/httpd/conf/ssl. * directories and Makefiles - unconditionally enable PIE support - mod_ssl: fix for picking up -shutdown options (upstream #34452)
Tue Apr 19 00:00:00 2005 Joe Orton 2.0.54-4 - replace PreReq with Requires(pre)
Tue Apr 19 00:00:00 2005 Joe Orton 2.0.54-3 - update to 2.0.54
Wed Mar 30 00:00:00 2005 Joe Orton 2.0.53-6 - update default httpd.conf: * clarify the comments on AddDefaultCharset usage (#135821) * remove all the AddCharset default extensions * don\'t load mod_imap by default * synch with upstream 2.0.53 httpd-std.conf - mod_ssl: set user from SSLUserName in access hook (upstream #31418) - htdigest: fix permissions of created files (upstream #33765) - remove htsslpass
Wed Mar 2 23:00:00 2005 Joe Orton 2.0.53-5 - apachectl: restore use of $OPTIONS again
Wed Feb 9 23:00:00 2005 Joe Orton 2.0.53-4 - update to 2.0.53 - move prefork/worker modules comparison to %check
Mon Feb 7 23:00:00 2005 Joe Orton 2.0.52-7 - fix cosmetic issues in \"service httpd reload\" - move User/Group higher in httpd.conf (#146793) - load mod_logio by default in httpd.conf - apachectl: update for correct libselinux tools locations
Tue Nov 16 23:00:00 2004 Joe Orton 2.0.52-6 - add security fix for CVE CAN-2004-0942 (memory consumption DoS) - SELinux: run httpd -t under runcon in configtest (Steven Smalley) - fix SSLSessionCache comment for distcache in ssl.conf - restart using SIGHUP not SIGUSR1 after logrotate - add ap_save_brigade fix (upstream #31247) - mod_ssl: fix possible segfault in auth hook (upstream #31848) - add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677) - apachectl: restore use of $OPTIONS - apachectl, httpd.init: refuse to restart if $HTTPD -t fails - apachectl: run $HTTPD -t in user SELinux context for configtest - update for pcre-5.0 header locations
Sat Nov 13 23:00:00 2004 Jeff Johnson 2.0.52-5 - rebuild against db-4.3.21 aware apr-util.
Thu Nov 11 23:00:00 2004 Jeff Johnson 2.0.52-4 - rebuild against db-4.3-21.
Wed Sep 29 00:00:00 2004 Joe Orton 2.0.52-3 - add dummy connection address fixes from HEAD - mod_ssl: add security fix for CAN-2004-0885
Wed Sep 29 00:00:00 2004 Joe Orton 2.0.52-2 - update to 2.0.52
|
|
|