Changelog for apache2-mod_fcgid-2.3.9-bp156.4.5.x86_64.rpm :

* Wed Nov 25 2020 pgajdosAATTsuse.com- use /usr/sbin/apxs for build, not -prefork
* Tue Jun 25 2019 pgajdosAATTsuse.com- test via apache-rex instead
* Fri May 12 2017 pgajdosAATTsuse.com- amend example in %check to see how output to stderr get logged in error_log
* Mon Mar 13 2017 pgajdosAATTsuse.com- add a true example to %check
* Wed Jul 27 2016 kstreitovaAATTsuse.com- add mod_fcgid-2.3.9-CVE-2016-1000104.patch - don\'t allow setting the HTTP_PROXY environment variable from a http header [CVE-2016-1000104], [bsc#988492]- run spec-cleaner to clean specfile
* Thu Sep 03 2015 pgajdosAATTsuse.com- test module with %apache_test_module_load
* Thu Jul 16 2015 pgajdosAATTsuse.com- Requries: %{apache_suse_maintenance_mmn} This will pull this module to the update (in released distribution) when apache maintainer thinks it is good (due api/abi changes).
* Fri Oct 31 2014 pgajdosAATTsuse.com- call spec-cleaner- use apache rpm macros
* Wed Nov 06 2013 drahtAATTsuse.de- update to 2.3.9: + obsoletes apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff and fixes CVE-2013-4365 [bnc#844935] (heap overflow). The heap overflow discovery and fix was done by Robert Matthews . + quoting and spaces parsing correction for FcgidWrapper directive and commandline options. + logging improvements for access controls + remove redundant processing of Location headers when running in FCGI_AUTHORIZER mode
* Mon Oct 21 2013 drahtAATTsuse.de- Intermediate fix for openSUSE:Factory eg. openSUSE:13.1: apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff fixes a heap overflow identified by CVE-2013-4365 [bnc#844935]. This patch will be obsoleted by the next version update (to 2.3.9 or higher).