SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for httpd-2.4.6-45.el7.centos.x86_64.rpm :

* Thu Nov 03 2016 CentOS Sources - 2.4.6-45.el7.centos- Remove index.html, add centos-noindex.tar.gz- change vstring- change symlink for poweredby.png- update welcome.conf with proper aliases
* Wed Aug 03 2016 Luboš Uhliarik - 2.4.6-45- RFE: run mod_rewrite external mapping program as non-root (#1316900)
* Tue Jul 12 2016 Joe Orton - 2.4.6-44- add security fix for CVE-2016-5387
* Tue Jul 05 2016 Joe Orton - 2.4.6-43- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)
* Fri Jun 17 2016 Joe Orton - 2.4.6-42- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)
* Wed Feb 24 2016 Jan Kaluza - 2.4.6-41- mod_cache: merge r->err_headers_out into r->headers when the response is cached for the first time (#1264989)- mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1298148)- mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038)- fix apache user creation when apache group already exists (#1299889)- fix apache user creation when USERGROUPS_ENAB is set to \'no\' (#1288757)- mod_proxy: fix slow response time for reponses with error status code when using ProxyErrorOverride (#1283653)- mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149)- mod_ssl: use \"localhost\" in the dummy SSL cert for long FQDNs (#1240495)- rotatelogs: improve support for localtime (#1244545)- ab: fix read failure when targeting SSL server (#1255331)- mod_log_debug: fix LogMessage example in documentation (#1279465)- mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime of DB lookup entries independently of the selected DB engine (#1287844)- mod_ssl: fix hardware crypto support with custom DH parms (#1291865)- mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)
* Thu Sep 17 2015 Jan Kaluza - 2.4.6-40- mod_dav: follow up fix for previous commit (#1263975)
* Wed Aug 26 2015 Jan Kaluza - 2.4.6-39- mod_dav: treat dav_resource uri as escaped (#1255480)
* Wed Aug 19 2015 Jan Kaluza - 2.4.6-38- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)
* Mon Aug 10 2015 Jan Kaluza - 2.4.6-37- core: fix chunk header parsing defect (CVE-2015-3183)- core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185)
* Tue Jul 14 2015 Jan Kaluza - 2.4.6-36- Revert fix for #1162152, it is not needed in RHEL7- mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)
* Wed Jul 01 2015 Jan Kaluza - 2.4.6-35- mod_remoteip: correct the trusted proxy match test (#1179306)- mod_dav: send complete response when resource is created (#1235383)- apachectl: correct the apachectl status man page (#1231924)
* Wed Jun 03 2015 Jan Kaluza - 2.4.6-34- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328)- do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820)- fix -D[efined] or [d] variables lifetime accross restarts (#1227219)- mod_ssl: do not send NPN extension with not configured (#1226015)
* Mon May 18 2015 Jan Kaluza - 2.4.6-33- mod_authz_dbm: fix crash when using \"Require dbm-file-group\" (#1221575)
* Wed Apr 15 2015 Jan Kaluza - 2.4.6-32- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779)- mod_remoteip: correct the trusted proxy match test (#1179306)- mod_status: honor remote_ip as documented (#1169081)- mod_deflate: fix decompression of files larger than 4GB (#1170214)- core: improve error message for inaccessible DocumentRoot (#1170220)- ab: try all addresses instead of failing on first one when not available (#1125276)- mod_proxy_wstunnel: add support for SSL (#1180745)- mod_proxy_wstunnel: load this module by default (#1180745)- mod_rewrite: add support for WebSockets (#1180745)- mod_rewrite: do not search for directory if a URL will be rewritten (#1210091)- mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1170206)- mod_ssl: fix memory leak on httpd reloads (#1181690)- mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476)- mod_cgi: return error code 408 on timeout (#1162152)- mod_dav_fs: set default value of DAVLockDB (#1176449)- add Documentation= to the httpd.service and htcacheclean.service (#1184118)- do not display \"bomb\" icon for files ending with \"core\" (#1170215)- add missing Reason-Phrase in HTTP response headers (#1162159)- fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625)- apachectl: ignore HTTPD variable from sysconfig (#1214401)- apachectl: fix \"graceful\" documentation (#1214398)- apachectl: fix \"graceful\" behaviour when httpd is not running (#1214430)
* Tue Dec 02 2014 Jan Kaluza - 2.4.6-31- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled instead of hardcoding it (#1168050)- mod_proxy: support Unix Domain Sockets (#1168081)
* Tue Nov 25 2014 Jan Kaluza - 2.4.6-30- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
* Tue Nov 04 2014 Jan Kaluza - 2.4.6-29- rebuild against proper version of OpenSSL (#1080125)
* Wed Oct 22 2014 Jan Kaluza - 2.4.6-28- set vstring based on /etc/os-release (#1114123)
* Mon Oct 06 2014 Jan Kaluza - 2.4.6-27- fix the dependency on openssl-libs to match the fix for #1080125
* Mon Sep 22 2014 Jan Kaluza - 2.4.6-26- allow *ProviderAlias>\'es to be seen under virtual hosts (#1131847)
* Fri Sep 19 2014 Jan Kaluza - 2.4.6-25- do not use hardcoded curve for ECDHE suites (#1080125)
* Wed Sep 03 2014 Jan Kaluza - 2.4.6-24- allow reverse-proxy to be set via SetHandler (#1136290)
* Thu Aug 21 2014 Jan Kaluza - 2.4.6-23- fix possible crash in SIGINT handling (#1131006)
* Mon Aug 18 2014 Jan Kaluza - 2.4.6-22- ab: fix integer overflow when printing stats with lot of requests (#1092420)
* Mon Aug 11 2014 Jan Kaluza - 2.4.6-21- add pre_htaccess so mpm-itk can be build as separate module (#1059143)
* Tue Aug 05 2014 Jan Kaluza - 2.4.6-20- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)
* Mon Aug 04 2014 Jan Kaluza - 2.4.6-19- fix build on ppc64le by using configure macro (#1125545)- compile httpd with -O3 on ppc64le (#1123490)- mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)
* Thu Jul 17 2014 Jan Kaluza - 2.4.6-18- mod_cgid: add security fix for CVE-2014-0231 (#1120608)- mod_proxy: add security fix for CVE-2014-0117 (#1120608)- mod_deflate: add security fix for CVE-2014-0118 (#1120608)- mod_status: add security fix for CVE-2014-0226 (#1120608)- mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)
* Thu Mar 20 2014 Jan Kaluza - 2.4.6-17- mod_dav: add security fix for CVE-2013-6438 (#1077907)- mod_log_config: add security fix for CVE-2014-0098 (#1077907)
* Wed Mar 05 2014 Joe Orton - 2.4.6-16- mod_ssl: improve DH temp key handling (#1057687)
* Wed Mar 05 2014 Joe Orton - 2.4.6-15- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)
* Fri Jan 24 2014 Daniel Mach - 2.4.6-14- Mass rebuild 2014-01-24
* Mon Jan 13 2014 Joe Orton - 2.4.6-13- mod_ssl: sanity-check use of \"SSLCompression\" (#1036666)- mod_proxy_http: fix brigade memory usage (#1040447)
* Fri Jan 10 2014 Joe Orton - 2.4.6-12- rebuild
* Thu Jan 09 2014 Joe Orton - 2.4.6-11- build with -O3 on ppc64 (#1051066)
* Tue Jan 07 2014 Joe Orton - 2.4.6-10- mod_dav: fix locktoken handling (#1004046)
* Fri Dec 27 2013 Daniel Mach - 2.4.6-9- Mass rebuild 2013-12-27
* Fri Dec 20 2013 Joe Orton - 2.4.6-8- use unambiguous httpd-mmn (#1029360)
* Fri Nov 01 2013 Jan Kaluza - 2.4.6-7- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)
* Thu Oct 31 2013 Jan Kaluza - 2.4.6-6- systemd: Use {MAINPID} notation in service file (#969972)
* Thu Oct 24 2013 Jan Kaluza - 2.4.6-5- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)
* Thu Oct 03 2013 Jan Kaluza - 2.4.6-4- expand macros in macros.httpd (#1011393)
* Mon Aug 26 2013 Jan Kaluza - 2.4.6-3- fix \"LDAPReferrals off\" to really disable LDAP Referrals
* Wed Jul 31 2013 Jan Kaluza - 2.4.6-2- revert fix for dumping vhosts twice
* Mon Jul 22 2013 Joe Orton - 2.4.6-1- update to 2.4.6- mod_ssl: use revised NPN API (r1487772)
* Thu Jul 11 2013 Jan Kaluza - 2.4.4-12- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)- apxs: mention -p option in manpage
* Tue Jul 02 2013 Joe Orton - 2.4.4-11- add patch for aarch64 (Dennis Gilmore, #925558)
* Mon Jul 01 2013 Joe Orton - 2.4.4-10- remove duplicate apxs man page from httpd-tools
* Mon Jun 17 2013 Joe Orton - 2.4.4-9- remove zombie dbmmanage script
* Fri May 31 2013 Jan Kaluza - 2.4.4-8- return 400 Bad Request on malformed Host header
* Mon May 20 2013 Jan Kaluza - 2.4.4-6- htpasswd/htdbm: fix hash generation bug (#956344)- do not dump vhosts twice in httpd -S output (#928761)- mod_cache: fix potential crash caused by uninitialized variable (#954109)
* Thu Apr 18 2013 Jan Kaluza - 2.4.4-5- execute systemctl reload as result of apachectl graceful- mod_ssl: ignore SNI hints unless required by config- mod_cache: forward-port CacheMaxExpire \"hard\" option- mod_ssl: fall back on another module\'s proxy hook if mod_ssl proxy is not configured.
* Tue Apr 16 2013 Jan Kaluza - 2.4.4-4- fix service file to not send SIGTERM after ExecStop (#906321, #912288)
* Tue Mar 26 2013 Jan Kaluza - 2.4.4-3- protect MIMEMagicFile with IfModule (#893949)
* Tue Feb 26 2013 Joe Orton - 2.4.4-2- really package mod_auth_form in mod_session (#915438)
* Tue Feb 26 2013 Joe Orton - 2.4.4-1- update to 2.4.4- fix duplicate ownership of mod_session config (#914901)
* Fri Feb 22 2013 Joe Orton - 2.4.3-17- add mod_session subpackage, move mod_auth_form there (#894500)
* Thu Feb 14 2013 Fedora Release Engineering - 2.4.3-16- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan 08 2013 Joe Orton - 2.4.3-15- add systemd service for htcacheclean
* Tue Nov 13 2012 Joe Orton - 2.4.3-14- drop patch for r1344712
* Tue Nov 13 2012 Joe Orton - 2.4.3-13- filter mod_
*.so auto-provides (thanks to rcollet)- pull in syslog logging fix from upstream (r1344712)
* Fri Oct 26 2012 Joe Orton - 2.4.3-12- rebuild to pick up new apr-util-ldap
* Tue Oct 23 2012 Joe Orton - 2.4.3-11- rebuild
* Wed Oct 03 2012 Joe Orton - 2.4.3-10- pull upstream patch r1392850 in addition to r1387633
* Mon Oct 01 2012 Joe Orton - 2.4.3-9.1- restore \"ServerTokens Full-Release\" support (#811714)
* Mon Oct 01 2012 Joe Orton - 2.4.3-9- define PLATFORM in os.h using vendor string
* Mon Oct 01 2012 Joe Orton - 2.4.3-8- use systemd script unconditionally (#850149)
* Mon Oct 01 2012 Joe Orton - 2.4.3-7- use systemd scriptlets if available (#850149)- don\'t run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists
* Mon Oct 01 2012 Jan Kaluza - 2.4.3-6- use systemctl from apachectl (#842736)
* Wed Sep 19 2012 Joe Orton - 2.4.3-5- fix some error log spam with graceful-stop (r1387633)- minor mod_systemd tweaks
* Thu Sep 13 2012 Joe Orton - 2.4.3-4- use IncludeOptional for conf.d/
*.conf inclusion
* Fri Sep 07 2012 Jan Kaluza - 2.4.3-3- adding mod_systemd to integrate with systemd better
* Tue Aug 21 2012 Joe Orton - 2.4.3-2- mod_ssl: add check for proxy keypair match (upstream r1374214)
* Tue Aug 21 2012 Joe Orton - 2.4.3-1- update to 2.4.3 (#849883)- own the docroot (#848121)
* Mon Aug 06 2012 Joe Orton - 2.4.2-23- add mod_proxy fixes from upstream (r1366693, r1365604)
* Thu Jul 19 2012 Fedora Release Engineering - 2.4.2-22- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jul 06 2012 Joe Orton - 2.4.2-21- drop explicit version requirement on initscripts
* Thu Jul 05 2012 Joe Orton - 2.4.2-20- mod_ext_filter: fix error_log warnings
* Mon Jul 02 2012 Joe Orton - 2.4.2-19- support \"configtest\" and \"graceful\" as initscripts \"legacy actions\"
* Fri Jun 08 2012 Joe Orton - 2.4.2-18- avoid use of \"core\" GIF for a \"core\" directory (#168776)- drop use of \"syslog.target\" in systemd unit file
* Thu Jun 07 2012 Joe Orton - 2.4.2-17- use _unitdir for systemd unit file- use /run in unit file, ssl.conf
* Thu Jun 07 2012 Joe Orton - 2.4.2-16- mod_ssl: fix NPN patch merge
* Wed Jun 06 2012 Joe Orton - 2.4.2-15- move tmpfiles.d fragment into /usr/lib per new guidelines- package /run/httpd not /var/run/httpd- set runtimedir to /run/httpd likewise
* Wed Jun 06 2012 Joe Orton - 2.4.2-14- fix htdbm/htpasswd crash on crypt() failure (#818684)
* Wed Jun 06 2012 Joe Orton - 2.4.2-13- pull fix for NPN patch from upstream (r1345599)
* Thu May 31 2012 Joe Orton - 2.4.2-12- update suexec patch to use LOG_AUTHPRIV facility
* Thu May 24 2012 Joe Orton - 2.4.2-11- really fix autoindex.conf (thanks to remiAATT)
* Thu May 24 2012 Joe Orton - 2.4.2-10- fix autoindex.conf to allow symlink to poweredby.png
* Wed May 23 2012 Joe Orton - 2.4.2-9- suexec: use upstream version of patch for capability bit support
* Wed May 23 2012 Joe Orton - 2.4.2-8- suexec: use syslog rather than suexec.log, drop dac_override capability
* Tue May 01 2012 Joe Orton - 2.4.2-7- mod_ssl: add TLS NPN support (r1332643, #809599)
* Tue May 01 2012 Joe Orton - 2.4.2-6- add BR on APR >= 1.4.0
* Fri Apr 27 2012 Joe Orton - 2.4.2-5- use systemctl from logrotate (#221073)
* Fri Apr 27 2012 Joe Orton - 2.4.2-4- pull from upstream:
* use TLS close_notify alert for dummy_connection (r1326980+)
* cleanup symbol exports (r1327036+)
* Fri Apr 27 2012 Joe Orton - 2.4.2-3.2- rebuild
* Fri Apr 20 2012 Joe Orton - 2.4.2-3- really fix restart
* Fri Apr 20 2012 Joe Orton - 2.4.2-2- tweak default ssl.conf- fix restart handling (#814645)- use graceful restart by default
* Wed Apr 18 2012 Jan Kaluza - 2.4.2-1- update to 2.4.2
* Fri Mar 23 2012 Joe Orton - 2.4.1-6- fix macros
* Fri Mar 23 2012 Joe Orton - 2.4.1-5- add _httpd_moddir to macros
* Tue Mar 13 2012 Joe Orton - 2.4.1-4- fix symlink for poweredby.png- fix manual.conf
* Tue Mar 13 2012 Joe Orton - 2.4.1-3- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage
* Tue Mar 13 2012 Joe Orton - 2.4.1-2- clean docroot better- ship proxy, ssl directories within /var/cache/httpd- default config:
* unrestricted access to (only) /var/www
* remove (commented) Mutex, MaxRanges, ScriptSock
* split autoindex config to conf.d/autoindex.conf- ship additional example configs in docdir
* Tue Mar 06 2012 Joe Orton - 2.4.1-1- update to 2.4.1- adopt upstream default httpd.conf (almost verbatim)- split all LoadModules to conf.modules.d/
*.conf- include conf.d/
*.conf at end of httpd.conf- trim %changelog
* Mon Feb 13 2012 Joe Orton - 2.2.22-2- fix build against PCRE 8.30
* Mon Feb 13 2012 Joe Orton - 2.2.22-1- update to 2.2.22
* Fri Feb 10 2012 Petr Pisar - 2.2.21-8- Rebuild against PCRE 8.30
* Mon Jan 23 2012 Jan Kaluza - 2.2.21-7- fix #783629 - start httpd after named
* Mon Jan 16 2012 Joe Orton - 2.2.21-6- complete conversion to systemd, drop init script (#770311)- fix comments in /etc/sysconfig/httpd (#771024)- enable PrivateTmp in service file (#781440)- set LANG=C in /etc/sysconfig/httpd
* Fri Jan 13 2012 Fedora Release Engineering - 2.2.21-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 06 2011 Jan Kaluza - 2.2.21-4- fix #751591 - start httpd after remote-fs
* Mon Oct 24 2011 Jan Kaluza - 2.2.21-3- allow change state of BalancerMember in mod_proxy_balancer web interface
* Thu Sep 22 2011 Ville Skyttä - 2.2.21-2- Make mmn available as %{_httpd_mmn}.- Add .svgz to AddEncoding x-gzip example in httpd.conf.
* Tue Sep 13 2011 Joe Orton - 2.2.21-1- update to 2.2.21
* Mon Sep 05 2011 Joe Orton - 2.2.20-1- update to 2.2.20- fix MPM stub man page generation
* Wed Aug 10 2011 Jan Kaluza - 2.2.19-5- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd
* Fri Jul 22 2011 Iain Arnell 1:2.2.19-4- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names
* Wed Jul 20 2011 Jan Kaluza - 2.2.19-3- fix #716621 - suexec now works without setuid bit
* Thu Jul 14 2011 Jan Kaluza - 2.2.19-2- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve
* Fri Jul 01 2011 Joe Orton - 2.2.19-1- update to 2.2.19- enable dbd, authn_dbd in default config
* Thu Apr 14 2011 Joe Orton - 2.2.17-13- fix path expansion in service files
* Tue Apr 12 2011 Joe Orton - 2.2.17-12- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)
* Wed Mar 23 2011 Joe Orton - 2.2.17-11- minor updates to httpd.conf- drop old patches
* Wed Mar 02 2011 Joe Orton - 2.2.17-10- rebuild
* Wed Feb 23 2011 Joe Orton - 2.2.17-9- use arch-specific mmn
* Wed Feb 09 2011 Fedora Release Engineering - 2.2.17-8- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan 31 2011 Joe Orton - 2.2.17-7- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)- add man page stubs for httpd.event, httpd.worker- drop distcache support- add STOP_TIMEOUT support to init script
* Sat Jan 08 2011 Joe Orton - 2.2.17-6- update default SSLCipherSuite per upstream trunk
* Wed Jan 05 2011 Joe Orton - 2.2.17-5- fix requires (#667397)
* Wed Jan 05 2011 Joe Orton - 2.2.17-4- de-ghost /var/run/httpd
* Tue Jan 04 2011 Joe Orton - 2.2.17-3- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)
* Sat Nov 20 2010 Joe Orton - 2.2.17-2- drop setuid bit, use capabilities for suexec binary
* Wed Oct 27 2010 Joe Orton - 2.2.17-1- update to 2.2.17
* Fri Sep 10 2010 Joe Orton - 2.2.16-2- link everything using -z relro and -z now
* Mon Jul 26 2010 Joe Orton - 2.2.16-1- update to 2.2.16
* Fri Jul 09 2010 Joe Orton - 2.2.15-3- default config tweaks:
* harden httpd.conf w.r.t. .htaccess restriction (#591293)
* load mod_substitute, mod_version by default
* drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
* add commented list of shipped-but-unloaded modules
* bump up worker defaults a little
* drop KeepAliveTimeout to 5 secs per upstream- fix LSB compliance in init script (#522074)- bundle NOTICE in -tools- use init script in logrotate postrotate to pick up PIDFILE- drop some old Obsoletes/Conflicts
* Sun Apr 04 2010 Robert Scheck - 2.2.15-1- update to 2.2.15 (#572404, #579311)
  
ICM