SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for hiawatha-libmbedtls-10.9-lp150.21.1.x86_64.rpm :

* Mon Aug 07 2017 andre.ramnitzAATTmail.de- Init repo for Leap 42.x (forked from factory)
* use inbuilt mbedtls lib
* Sat Jun 17 2017 fisiuAATTopensuse.org- Update to version 10.6:
* Added PublicKeyPins option.
* Added renewal-scripts to Let\'s Encrypt script.
* Small changes to CMake build system.
* Added CustomHeaderBackend option.
* Renamed CustomHeader option to CustomHeaderClient. Old name still works.
* Hiawatha ignores FileHashes and ReverseProxy for Let\'s Encrypt authentication requests.
* Small improvements and bugfixes.
* Tue Nov 15 2016 mpluskalAATTsuse.com- Update to version 10.4:
* SkipCacheCookie option added.
* Added Systemd init script to Debian package.
* Small improvements and bugfixes.- Small packaging changes and requirements update
* Sun Oct 02 2016 fisiuAATTopensuse.org- Build fails with mbedtls < 2.
* Sat Aug 27 2016 mpluskalAATTsuse.com- Update to version 10.3:
* PreventCSRF, PreventSQLi and PreventXSS improved.
* Prevention of MySQL data mining via SQL injection.
* Added revoke option to Let\'s Encrypt script.
* Hiawatha ignores RequireTLS for Let\'s Encrypt authentication requests.
* Small bugfixes and improvements.
* Bugfix: possible HTTP request pipelining error after CSRF prevented.- Changes for version 10.2:
* Added Let\'s Encrypt script (see extra/letsencrypt).
* Added support for requesting Let\'s Encrypt certificates (see AccessList and PasswordFile settings in manual page).
* Small improvements.
* Bugfix: HideProxy not working for Forwarded header.- Changes for 10.1:
* Added Extensions setting.
* Added support for X-Sendfile header.
* mbed TLS updated to 2.2.1.
* Improved SQL injection detection.
* Small bugfixes and improvements.- Changes for 10.0:
* Usage of Directory sections changed.
* Added support for RFC 5785.
* Added support for GZip compression. Removed the UseGZfile option.
* Added ECDSA support for TLS 1.0 and TLS 1.1.
* Replaced UrlToolkit Expire option with ExpirePeriod in Directory section.
* Replaced IgnoreDotHiawatha option with UseLocalConfig.
* Removed the VolatileObject option.
* Improved SQL injection detection.
* mbed TLS updated to 2.2.0.
* Small improvements.- Changes for 9.15:
* Support for WebSockets via reverse proxy.
* UNIX socket support for connections to WebSockets.
* Responsive design for directory index and error message.
* mbed TLS updated to 2.1.2.
* Fixed mbed TLS linking in CMake configuration.
* ListenBacklog option added.
* Small bugfixes.- Changes for 9.14:
* mbed TLS updated to 2.0.0.
* Small bugfixes.
* Bugfix: crash when sending very large request to FastCGI server.
* Sat Jun 20 2015 mpluskalAATTsuse.com- Fix rpmlint warnings
* add rcsymlink
* fix log directory permissions
* Mon Jun 15 2015 fisiuAATTopensuse.org- Update to 9.13:
* Renamed SSLcertFile to TLScertFile.
* Renamed RequireSSL to RequireTLS.
* Renamed SSL_
* CGI environment variables to TLS_
*.
* Renamed UrlToolkit option UseSSL to UseTLS.
* Replaced MinSSLversion by MinTLSversion.
* LogTimeouts option added.
* Added \'skip directories\' parameter to reverse proxy.
* Failed logins sent to Hiawatha Monitor.
* Small bugfix and improvements.
* Thu Feb 26 2015 fisiuAATTopensuse.org- Update to 9.12:
* Bugfix: memory leak in SSL library.
* Small bugfix.
* Tue Feb 03 2015 fisiuAATTopensuse.org- Update to 9.11:
* ChallengeClient option added.
* UrlToolkit options TotalConnections and OmitRequestLog added.
* Improvements to UrlToolkit and reverse proxy swap.
* UrlToolkit rules are also applied to PUT and DELETE.
* Small improvements.
* Sun Jan 11 2015 fisiuAATTopensuse.org- Update to 9.10:
* Support for banning bad clients who connect via a proxy.
* UrlToolkit option Do added. Changed how Call and Skip should be called.
* General UrlToolkit improvements. See config/toolkit.conf for syntax.
* Hiawatha now prefers reverse proxies with a scheme matching the one of the client connection. See config/toolkit.conf for syntax.
* Hiawatha will now first process UrlToolkit rules before using ReverseProxy.
* Small bugfixes and improvements.
* Sat Dec 13 2014 fisiuAATTopensuse.org- Update to 9.9:
* HTTPAuthToCGI option added.
* BanByCGI option added.
* Improved SSL ciphersuite selections.
* CAcertificates options added.
* Dropped support for SSL3.0.
* Small bugfixes and improvements.
* Sun Nov 02 2014 fisiuAATTopensuse.org- Update to 9.8:
* Added support for websockets. WebSocket option added.
* SSL key and certificate checks added to wigwam.
* Small bugfixes and improvements.
* Wed Sep 10 2014 jengelhAATTinai.de- Avoid generating libpolarssl.so.7, which led to \"have choice for libpolarssl.so.7: libpolarssl7 hiawatha\" and make other polarssl-using applications not run in practice because the library is in a non-standard directory, yet discovered by rpm as a provider.
* Sun Sep 07 2014 fisiuAATTopensuse.org- Update to 9.7:
* UseToolkit now possible in .hiawatha file at root of website.
* Method option added to URL Toolkit.
* SetResourceLimit option added.
* ThreadKillRate option added.
* Improved SQL injection detection.
* Default value for DHsize set to 2048.
* PolarSSL updated to version 1.3.8.
* Memory allocation debugger module added.
* Small bugfixes and improvements.
* Bugfix: incorrect file hash printing by wigwam with directory as symlink.
* Sun Jun 08 2014 fisiuAATTopensuse.org- Update to 9.6:
* Logfile rotation for access logfiles.
* HTTP Strict Transport Security header made optional for RequireSSL.
* Support for chunked transfer encoded requests (not for PUT).
* Support for improved server statistics in Hiawatha Monitor.
* The Hiawatha Monitor is now supported without the need for XSLT.
* PolarSSL updated to version 1.3.7.
* A few bugfixes as reported by Coverity.
* Bugfix: SQL injection detection was broken since 8.6.
* Bugfix: XSS detection didn\'t work for reverse proxy.
* Small bugfixes.
* Sun May 18 2014 fisiuAATTopensuse.org- Update to 9.5:
* Added support for CGI statistics in Hiawatha Monitor.
* MonitorRequests and MonitorStatsInterval option removed.
* Added support for Origin HTTP header to prevent CSRF.
* EnforceFirstHostname option added.
* ScriptAlias option added.
* PolarSSL updated to version 1.3.6.
* Dropped support for PolarSSL 1.2.
* Mon Mar 24 2014 fisiuAATTopensuse.org- Update to 9.4:
* Keep-Alive connections for reverse proxy made optional.
* ErrorXSLTfile option added.
* IgnoreDotHiawatha option added.
* RandomHeader option added.
* Dropped support for RC4.
* PolarSSL updated to version 1.3.4.
* Added support for Hyper Text Coffee Pot Control Protocol (RFC2324).
* Added SSL_CIPHER to CGI environment.
* Added Public/Private to UrlToolkit expire option.
* Small improvements.
* Mon Feb 17 2014 fisiuAATTopensuse.org- Add firewall rules for http and https.
* Thu Dec 12 2013 fisiuAATTopensuse.org- Update to 9.3.1:
* Several bugfixes in reverse proxy.
* Thu Nov 21 2013 fisiuAATTopensuse.org- Update to 9.3:
* PolarSSL updated to version 1.3.2.
* Added support for Elliptic Curve Cryptography.
* TunnelSSH option added.
* AnonymizeIP option added.
* Keep-alive connections for reverse proxy.
* Small improvements.
* Tue Aug 13 2013 fisiuAATTopensuse.org- Don\'t use cutom pid file in systemd service.- Fix logrotate config.- Spec cleanup.
* Thu Aug 01 2013 fisiuAATTopensuse.org- Update source URL.
* Mon Jun 24 2013 fisiuAATTopensuse.org- Drop hiawatha.permissions file and related option. Use 0755 and %verify(not mode) for %{_sbindir}cgi-wrapper.
* Sun Jun 23 2013 fisiuAATTopensuse.org- Update to 9.2:
* Added support for compiling Hiawatha against the system\'s default version (>=1.2.0) of the PolarSSL library.
* PolarSSL updated to version 1.2.8.
* Small bugfixes (memory leaks in error situations).
* Bugfix: virtual hostname selection for IPv6 with non-standard port.
* Sun Jun 02 2013 fisiuAATTopensuse.org- Update to 9.1:
* FileHashes option added.
* PolarSSL updated to version 1.2.7. Enabled ciphersuite selection based on protocol version.
* Enabled accf_http support for FreeBSD. Thanks to Martin Tournoij.
* ImageReferer option removed.
* Bugfix: incorrect BanOnFlooding behavior.
* Small improvements.
* Thu Apr 04 2013 fisiuAATTopensuse.org- Update to 9.0:
* Clients handled via thread pool instead of creating threads on the fly.
* ThreadPoolSize option added.
* Header option added to URL Toolkit.
* Improved client SSL certificate handling. Environment variables renamed.
* PolarSSL updated to version 1.2.6.
* Improved Reverse Proxy caching support for requests with URL parameters.
* CacheMinFilesize option removed.
* DenyBot option removed. Use UrlToolkit\'s Header option instead.
* OldBrowser option removed from URL Toolkit. Use Header option instead.
* Improved UrlToolkit rule testing in wigwam.
* Small bugfixes and improvements.
* Wed Mar 20 2013 fisiuAATTopensuse.org- Run server as wwwrun user.
* Fri Mar 08 2013 fisiuAATTopensuse.org- update to 8.8.1 (changes since 7.7):
* Bugfix: Incorrect size of buffer for poll() can lead to a crash when using Tomahawk.
* Caching for Reverse Proxy. CacheRProxyExtensions option added.
* Basic HTTP authentication now supports the glibc2 version of crypt().
* Hostname in ImageReferer can now contain a wildcard.
* DenyBody matching is now case insensitive.
* PolarSSL updated to version 1.2.5.
* Support for HTTP Strict Transport Security (RFC 6797). Integrated in RequireSSL option.
* DHsize option added.
* PolarSSL updated to version 1.2.3.
* CloudFlare headers placed in environment variables.
* Removed php-fcgi.
* Bugfix: slow page loading via Reverse Proxy.
* PolarSSL updated to version 1.2. Added support for TLS 1.2 and secure renegotiation.
* Added support for Server Name Indication.
* MinSSLversion option added.
* ServerRoot option removed.
* Improved MacOS X package building script.
* Marked php-fcgi as deprecated. Use php-fpm instead.
* Improved Reverse Proxy.
* Changed error message style.
* Renamed Command Channel to Tomahawk.
* Return 403 instead of 401 upon correct password for HTTP authentication but user not in right group.
* Bugfix: replaced select() with poll() to prevent crashes in case of large amount of simultaneous connections. Thanks to Peter Bex.
* MaxServerLoad option added.
* PolarSSL updated to version 1.1.4.
* Bugfix: invalid reverse proxy request when URL parameters are present.
* Bugfix: memory leak in SSL library.
* Improved security for reverse proxy (works with PreventSQLi, etc).
* ReverseProxy option added.
* PolarSSL updated to version 1.1.3.
* WebDAVapp option added. Enables support for WebDAV applications like ownCloud (http://owncloud.org/).
* Removed support for the OPTIONS method.
* AllowDotFiles option added.
* Global forks setting in php-fcgi.conf moved to Server setting.
* BanOnInvalidURL option added.
* PolarSSL updated to version 1.1.1.
* Bugfix: paths missing in default values and examples in manual pages.
* Replaced Autoconf with CMake. Many thanks to Sander Niemeijer.
* Replaced OpenSSL with PolarSSL. Many thanks to Paul Bakker.
* AllowedCiphers and DHparameters options removed.
* Added IE7 to UrlToolkit\'s OldBrowser list, removed IE5.
* MaxUrlLength option added, can return 414 Request-URI Too Long.
* Changed default value of TriggerOnCGIstatus to \'no\'.
* Equalized format of logfiles.
* Extra checks added to php-fcgi.
* Improved SQL injection detection.
* Bugfix: memory leak in PreventSQLi routine.
* Bugfix: potential server freeze with 100% CPU in CGI output caching.
* Bugfix: null byte in HTTP header of cached CGI content.
* Control CGI output cache via X-Hiawatha-Cache and X-Hiawatha-Cache-Remove CGI headers. See the CGI OUTPUT CACHE section in the manual page.
* BanOnWrongPassword now also triggers on wrong username.
* Bugfix: timeout issue with large POST requests on SSL connections.
* Sun Oct 09 2011 detlefAATTlinks2linux.de- new upstream version <7.7>
* First parameter of Alias can now contain subdirectories.
* Improved stability for connections with SSL client authentication.
* Bugfix: BanOnFlooding was broken.
* Mon Sep 05 2011 detlefAATTlinks2linux.de- new upstream version <7.6>
* PreventSQLi option rewritten.
* Wed Jun 01 2011 detlefAATTlinks2linux.de- new upstream version <7.5>
* OldBrowser option added to URL toolkit.
* Improved mimetype configuration.
* Do-not-track HTTP header support.
* Password file entries can now be created with Wigwam.
* Small bugfixes and improvements.
* Bugfix: sent one byte too few for Range -XX.
* Bugfix: possible crash when using PreventSQLi.
* Tue Apr 12 2011 detlefAATTlinks2linux.de- new upstream version <7.4.1>
* Bugfix: integer overflow in fetch_request() which could lead to a server crash.
* Mon Nov 15 2010 detlefAATTlinks2linux.de- new upstream version <7.4>
* Connections per IP added to RequestLimitMask.
* NoExtensionAs made a per-host setting.
* Small bugfixes and improvements.
* Bugfix: usage of HideProxy caused Hiawatha to refuse new connections after ConnectionsTotal connections.
* Bugfix: memory leak in XSLT module.
* Fri Jun 11 2010 detlefAATTlinks2linux.de- new upstream version <7.3>
* RequestLimitMask option added.
* URL parameters for ErrorHandler.
* Support for Haiku OS.
* Small security bugfixes.
* Thu Apr 22 2010 detlefAATTlinks2linux.de- new upstream version <7.2>
* URL toolkit code restructured.
* UseSSL option added to URL toolkit.
* Digest HTTP authentication works with htdigest(1) created password files.
* Small improvements.
* Mon Mar 29 2010 detlefAATTlinks2linux.de- new upstream version <7.1>
* Small bugfixes.
* Bugfix: deny access and redirect result via toolkit subroutine.
* Bugfix: broken flooding protection.
* Mon Feb 15 2010 detlefAATTlinks2linux.de- new upstream version <7.0>- added logrotate/init file.
* Mon Mar 09 2009 mrueckertAATTsuse.de- update to 6.11
  
ICM