SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ea-apache24-manual-2.4.58-1.1.2.cpanel.noarch.rpm :

* Thu Oct 19 2023 Cory McIntire - 2.4.58-1- EA-11758: Update ea-apache2 from v2.4.57 to v2.4.58 - CVE-2023-31122: mod_macro buffer over-read - CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 - CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST
* Wed Oct 11 2023 Cory McIntire - 2.4.57-4- EA-11729: Rebuild against Updated ea-nghttp2 for CVE-2023-44487
* Thu Jun 29 2023 Tim Mullin - 2.4.57-3- EA-11526: Patch mod_http2 to fix issues with excessive CPU usage
* Fri Apr 21 2023 Tim Mullin - 2.4.57-2- EA-11296: Fix posttrans scriptlet failures on RHEL8+
* Fri Apr 07 2023 Cory McIntire - 2.4.57-1- EA-11337: Update ea-apache2 from v2.4.56 to v2.4.57
* Tue Mar 07 2023 Tim Mullin - 2.4.56-1- EA-11284: Update ea-apache2 from v2.4.55 to v2.4.56- CVE-2023-27522: Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting- CVE-2023-25690: HTTP request splitting with mod_rewrite and mod_proxy
* Thu Jan 19 2023 Tim Mullin - 2.4.55-2- EA-11167: Patch to fix sporadic 500 errors with 2.4.55
* Tue Jan 17 2023 Cory McIntire - 2.4.55-1- EA-11157: Update ea-apache2 from v2.4.54 to v2.4.55- CVE-2022-37436: Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting- CVE-2022-36760: Apache HTTP Server: mod_proxy_ajp Possible request smuggling- CVE-2006-20001: Apache HTTP Server: mod_dav out of bounds read, or write of zero byte
* Tue Jul 26 2022 Tim Mullin - 2.4.54-2- EA-10825: Fix file ownership for ea-apache24-mod_socache_redis
* Wed Jun 08 2022 Tim Mullin - 2.4.54-1- EA-10756: Update ea-apache2 from v2.4.53 to v2.4.54 CVE-2022-26377: mod_proxy_ajp: Possible request smuggling CVE-2022-28330: Read beyond bounds in mod_isapi CVE-2022-28614: Read beyond bounds via ap_rwrite() CVE-2022-28615: Read beyond bounds in ap_strcmp_match() CVE-2022-29404: Denial of service in mod_lua r:parsebody CVE-2022-30522: mod_sed: Denial of service CVE-2022-30556: Information Disclosure in mod_lua with websockets CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
* Mon Apr 18 2022 Tim Mullin - 2.4.53-2- EA-10538: Fix compiler warnings in suexec.c
* Mon Mar 14 2022 Tim Mullin - 2.4.53-1- EA-10550: Update ea-apache2 from v2.4.52 to v2.4.53
* Wed Jan 26 2022 Travis Holloway - 2.4.52-3- EA-10245: Add patch to change log level of accept mutex
* Wed Dec 29 2021 Tim Mullin - 2.4.52-2- EA-10391: Add patch to fix instability issues with Apache v2.4.52
* Mon Dec 20 2021 Travis Holloway - 2.4.52-1- EA-10370: Update ea-apache2 from v2.4.51 to v2.4.52
* Tue Nov 23 2021 Tim Mullin - 2.4.51-2- EA-10258: Patch mod_http2 to fix issue with hanging http2 threads
* Thu Oct 07 2021 Cory McIntire - 2.4.51-1- EA-10179: Update ea-apache2 from v2.4.50 to v2.4.51
* Mon Oct 04 2021 Cory McIntire - 2.4.50-1- EA-10157: Update ea-apache2 from v2.4.49 to v2.4.50
* Tue Sep 28 2021 Daniel Muey - 2.4.49-4- ZC-9300: ensure only one package owns http2.conf
* Tue Sep 28 2021 Cory McIntire - 2.4.49-3- EA-10152: Patch from upstream
* Thu Sep 23 2021 Travis Holloway - 2.4.49-2- EA-10123: Patch apache 2.4.49: Correctly decrement active_daemons also in the case that the child process decides on its own to die because of MaxRequestsPerChild.
* Thu Sep 16 2021 Cory McIntire - 2.4.49-1- EA-10107: Update ea-apache2 from v2.4.48 to v2.4.49
* Thu Aug 12 2021 Travis Holloway - 2.4.48-5- EA-10041: Fix instructions in elinks patch
* Mon Jul 26 2021 Daniel Muey - 2.4.48-4- ZC-9091: Manage the `httpd` service via scripts shared w/ debs
* Tue Jun 22 2021 Travis Holloway - 2.4.48-3- EA-9895: Ensure httpd is configured to start after reboot on chkconfig systems
* Wed Jun 02 2021 Cory McIntire - 2.4.48-2- EA-9822: rollback systemd change
* Wed May 26 2021 Cory McIntire - 2.4.48-1- EA-9797: Update ea-apache2 from v2.4.46 to v2.4.48
* Tue May 25 2021 Tim Mullin - 2.4.46-7- EA-9784: Change Apache to be a systemd notify service
* Wed Feb 03 2021 Cory McIntire - 2.4.46-6- EA-9463: Revert Apache startup changes.
* Fri Jan 29 2021 Cory McIntire - 2.4.46-5- EA-9463: Resolve Apache startup race conditions Enable mod_systemd for further startup enhancements
* Mon Jan 04 2021 Tim Mullin - 2.4.46-4- EA-9506: Do not start htcacheclean service if mod_cache_disk module is not loaded
* Tue Nov 24 2020 Julian Brown - 2.4.46-3- ZC-8005: Replace ea-openssl11 with system openssl on C8
* Thu Oct 15 2020 Hans Borresen - 2.4.46-2- EA-9374: Lower TimeoutStopSec for httpd.service
* Fri Aug 07 2020 Tim Mullin - 2.4.46-1- EA-9225: Update ea-apache2 from v2.4.43 to v2.4.46
* Mon May 18 2020 Julian Brown - 2.4.43-6- ZC-6822: Build on CentOS 8
* Thu Apr 30 2020 Tim Mullin - 2.4.43-5- EA-8809: Ensure that MAX_FD_LIMIT is not exceeded
* Wed Apr 29 2020 Cory McIntire - 2.4.43-4- EA-9047: Remove proc randoms that could not be found in POSTRANS- Switch to our ea-openssl11
* Tue Apr 28 2020 Cory McIntire - 2.4.43-3- EA-9042: Do not install init.d/httpd files on C7 and above
* Thu Apr 16 2020 Tim Mullin - 2.4.43-2- EA-9010: Patch apache 2.4.43 to fix ssl stapling memory leak
* Wed Apr 01 2020 Tim Mullin - 2.4.43-1- EA-8958: Update ea-apache2 from v2.4.41 to v2.4.43
* Thu Mar 19 2020 Tim Mullin - 2.4.41-9- A-8786: Patch apxs to use the correct value for top_builddir
* Wed Mar 18 2020 Tim Mullin - 2.4.41-8- EA-8927: Patch apache 2.4.x httpd for OCSP stapling bug
* Mon Mar 16 2020 Tim Mullin - 2.4.41-7- EA-8876: Made ea-apache24 require ea-apache24-mod_headers
* Tue Jan 14 2020 J. Nick Koston - 2.4.41-6- COBRA-10700: Optimizing finding modules
* Mon Dec 23 2019 Daniel Muey - 2.4.41-5- ZC-4361: bump release prefix past 4 so these will be newest (4 was added and disappeared due to a faulty revert)
* Wed Dec 18 2019 Daniel Muey - 2.4.41-3- ZC-4361: Update ea-openssl requirement to v1.1.1 (ZC-5583)
* Thu Dec 12 2019 J. Nick Koston - 2.4.41-2- COBRA-10665: Optimizing finding directives when parsing the configuration
* Wed Aug 14 2019 Cory McIntire - 2.4.41-1- EA-8612: Update ea-apache2 from v2.4.39 to v2.4.41
* Thu Aug 08 2019 Tim Mullin - 2.4.39-6- EA-8588: Added default RequestReadTimeout for mod_reqtimeout
* Wed Jun 19 2019 Tim Mullin - 2.4.39-5- EA-8533: Set Apache to depend on ea-apr >= 1.7.0-1
* Thu May 30 2019 Tim Mullin - 2.4.39-4- EA-8508: Appended \"Mutex sysvsem\" to 000_mod_mpm_prefork.conf
* Fri Apr 26 2019 Rishwanth Yeddula - 2.4.39-3- CPANEL-27056: Fix bug in condition that allowed for non-user files to be served in certain situations when SymlinkProtection was enabled.
* Wed Apr 03 2019 Rishwanth Yeddula - 2.4.39-2- CPANEL-22257: Ensure that Paths configured as Aliases are exempt from symlink protection checks
* Tue Apr 02 2019 Cory McIntire - 2.4.39-1- EA-8307: Update to 2.4.39, drop 2.4.38 CVE-2019-0211: Apache HTTP Server privilege escalation from modules\' scripts CVE-2019-0196: mod_http2, read-after-free on a string compare CVE-2019-0197: mod_http2, possible crash on late upgrade CVE-2019-0215: mod_ssl access control bypass CVE-2019-0217: mod_auth_digest access control bypass CVE-2019-0220: URL normalization inconsistincies
* Thu Mar 07 2019 Cory McIntire - 2.4.38-3- EA-8279: Take out noreplace from old EA3 init script so it will be removed now that EA3 is EOL
* Tue Feb 26 2019 Tim Mullin - 2.4.38-2- EA-7318: Increase service timeout to handle a large httpd.conf
* Thu Jan 24 2019 Cory McIntire - 2.4.38-1- EA-8165: Apache Update: Drop 2.4.37, update to 2.4.38
* Tue Jan 15 2019 Cory McIntire - 2.4.37-2- EA-7518: Add systemd directives to ensure network is up before starting
* Tue Oct 23 2018 Cory McIntire - 2.4.37-1- EA-7941: Update to v2.4.37, drop v2.4.35
* Fri Sep 28 2018 Cory McIntire - 2.4.35-1- EA-7871: Update to v2.4.35, drop v2.4.34 Remove Patch500: 0017-Apply-mod_ratelimit-fix-from-trunk.patch as it was implemented upstream.
* Fri Aug 24 2018 Rishwanth Yeddula - 2.4.34-3- EA-7802: Restore mod_ratelimit back to the 2.3.34 version. Applyupstream fixes for it from trunk.
* Thu Jul 19 2018 Rishwanth Yeddula - 2.4.34-2- EA-7715: Revert mod_ratelimit back to the 2.3.33 version. This is to ensure that it emits proper chunks, as there are several issues with the 2.3.34 version.
* Thu Jul 12 2018 Cory McIntire - 2.4.34-1- EA-7683 Update httpd-2.4.33 to httpd-2.4.34 Redid patches to be a git format-patch set
* Tue Jun 19 2018 Rishwanth Yeddula - 2.4.33-8- EA-5971: Ensure that htcacheclean service is functional on Centos 7 systems
* Thu May 31 2018 Cory McIntire - 2.4.33-7- EA-7487: Add ExecReload to httpd.service file
* Tue May 29 2018 Rishwanth Yeddula - 2.4.33-6- EA-7468: Ensure dependency resolution picks /usr/bin/perl instead of /bin/perl. This helps downstream users of our RPMs as their build environments can be simplified.
* Mon Apr 16 2018 Rishwanth Yeddula - 2.4.33-5- EA-7382: Update dependency on ea-openssl to require the latest version with versioned symbols.
* Wed Apr 04 2018 Rishwanth Yeddula - 2.4.33-4- EA-7376: Ensure that mod_http2 is properly linked against ea-openssl.
* Tue Apr 03 2018 Rishwanth Yeddula - 2.4.33-3- EA-7367: Ensure that the tools are properly linked against ea-openssl.
* Tue Apr 03 2018 Rishwanth Yeddula - 2.4.33-2- EA-7366: Ensure that apr-util is properly listed as a dependency.
* Thu Mar 29 2018 Daniel Muey - 2.4.33-1- EA-7327: Update to v2.4.33, drop v2.4.29
* Tue Mar 27 2018 Rishwanth Yeddula - 2.4.29-12- EA-7339: Build against the latest apr/apr-util
* Mon Mar 19 2018 Rishwanth Yeddula - 2.4.29-11- EA-7164: Build mod_brotli against the ea-brotli package.
* Tue Mar 06 2018 Cory McIntire - 2.4.29-10- ZC-3401: ensure building against and using ea-openssl
* Wed Feb 14 2018 Dan Muey - 2.4.29-9- EA-7238: use documented and ea3 parity safe suexec_log path
* Mon Feb 05 2018 Dan Muey - 2.4.29-8- EA-7217: Make sure we use ea-nghttp2
* Wed Jan 24 2018 Rishwanth Yeddula - 2.4.29-7- EA-7159: Use \'elinks\' instead of \'links\' as a dependency to ensure that EA4 does not pull any packages from the EPEL repos.
* Mon Jan 15 2018 Cory McIntire - 2.4.29-6- EA-7125: Remove previous piped logging patch
* Mon Jan 15 2018 Rishwanth Yeddula - 2.4.29-5- EA-7127: Ensure the mod_proxy_html and mod_xml2enc modules build against ea-libxml2. Additionally, updated the build process to avoid modifying the LDFLAGS - as it caused the libxml2 dependency to be carried to extensions compiled separately.
* Fri Jan 12 2018 Cory McIntire - 2.4.29-4- EA-7060: Supress Long Lost Pids warning- patch provided by Gary Stanley
* Wed Dec 27 2017 Cory McIntire - 2.4.29-3- EA-7044: Adjust Apache to use ea-libxml2
* Sun Dec 24 2017 Cory McIntire - 2.4.29-2- EA-6020: Restarting Apache while using splitlogs can result in \"Broken pipe\" errors- Applying patch provided by Gary Stanley (garyAATTcpanel.net)
* Wed Oct 18 2017 Jacob Perkins - 2.4.29-1- Updated to version 2.4.29 via update_pkg.pl (ZC-2981)- Removed mod_unique_id patch as it was patched upstream.
* Tue Oct 10 2017 Jacob Perkins - 2.4.28-1- Update Apache to 2.4.28
* Tue Sep 19 2017 Jacob Perkins - 2.4.27-8- Patch core for htaccess method registrations - CVE-2017-9798
* Mon Sep 11 2017 Dan Muey - 2.4.27-7- EA-6096: Add note to mod_unique_id summary about performance degradation
* Mon Aug 28 2017 Dan Muey - 2.4.27-6- EA-6274 Allow users to override hard coded ulimit() by using /etc/sysconfig/httpd
* Thu Aug 10 2017 Jacob Perkins - 2.4.27-5- Patched H2 for stalling when writing > 32k
* Thu Aug 10 2017 Felipe Gasper - 2.4.27-4- Require mod_proxy_wstunnel for ea-apache24.
* Wed Aug 02 2017 Cory McIntire - 2.4.27-3- Add conflicts between prefork and HTTP2
* Fri Jul 14 2017 Felipe Gasper - 2.4.27-2- Apply fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=61283
* Fri Jul 07 2017 Jacob Perkins - 2.4.27-1- Updated to version 2.4.27 via update_pkg.pl (EA-6522)
* Tue Jun 27 2017 Jacob Perkins - 2.4.25-12- Replace __isa w/ifarch
* Fri Jun 23 2017 Jacob Perkins - 2.4.25-11- Disable HTTP2 building on 32bit architectures
* Fri Jun 09 2017 Jacob Perkins - 2.4.25-10- Add HTTP2 Support
* Fri Mar 24 2017 Cory McIntire - 2.4.25-9- Add patch for segfaulting graceful restarts
* Thu Mar 16 2017 Dan Muey - 2.4.25-8- ZC-2483: Add ExecStop to systemd config
* Mon Mar 13 2017 Jacob Perkins - 2.4.25-7- Added requirement for links for apachectl-status
* Wed Feb 22 2017 Jacob Perkins - 2.4.25-6- Add patch for higher seed chunks
* Fri Feb 10 2017 Dan Muey - 2.4.25-5- EA-5514: update htcacheclean CACHE_ROOT to match reality
* Wed Jan 11 2017 Dan Muey - 2.4.25-4
* EA-5845: Increase the maximum number of file descriptors for init.d systems
* Wed Jan 04 2017 Dan Muey - 2.4.25-3
* EA-5836: mod_proxy_hcheck w/ prefork segfaults frequently
* Tue Jan 03 2017 Dan Muey - 2.4.25-2EA-5836: Have httpd.service use /run instead of /var/run
* Wed Dec 21 2016 Cory McIntire - 2.4.25-1- Updated to version 2.4.25, drop version 2.4.23
* Tue Dec 13 2016 Dan Muey - 2.4.23-9- EA-5557: turn off icon directives by default since the icons are broken under symlink protect- and are used by HTMLTable even when fancy indexinf is off
* Tue Dec 06 2016 Dan Muey - 2.4.23-8- EA-5557: turn off fancy indexing by default since the icons are broken under symlink protect
* Mon Dec 05 2016 S. Kurt Newman - 2.4.23-7- Update apachectl with ulimit calls modifying the open file descriptor limit so that Apache will start up (EA-5662)
* Thu Dec 01 2016 Dan Muey - 2.4.23-6- EA-5712: Patch apachectl to set PORT based on cpanel configuration
* Mon Oct 24 2016 Edwin Buck - 2.4.23-5- Add symlink protection root directive.
* Mon Oct 24 2016 Edwin Buck - 2.4.23-4- Add symlink protection patch and configuration control.
* Wed Jul 20 2016 Edwin Buck - 2.4.23-3- Fixed autoindex.conf suppression of /icons/ in subdomains.
* Wed Jul 20 2016 S. Kurt Newman - 2.4.23-2- mod_lua can be installed, but is off by default (EA-4825)- fixed a few rpmlint warnings complaining about lack of attr macros
* Tue Jul 19 2016 Edwin Buck - 2.4.23-1- EA-4872: Updated to verison 2.4.23- Added mod_proxy_hcheck (side effect of upstream 2.5 backport into 2.4.23)
* Mon Jul 18 2016 Edwin Buck - 2.4.20-6- Apply recommendations in asf-httpoxy-repsponse.txt for CVE-2016-5387
* Thu Jun 30 2016 Edwin Buck - 2.4.20-5- ZC-1937: Move mod_info into a separate child RPM
* Mon Jun 20 2016 Dan Muey - 2.4.20-4- EA-4383: Update Release value to OBS-proof versioning
* Fri May 27 2016 Jacob Perkins - 2.4.20-3- Updated suexec minimum uid to match EA3
* Tue Apr 26 2016 David Nielson - 2.4.20-2- Remove cp-ssl.conf
* Mon Apr 11 2016 Jacob Perkins - 2.4.20-1- Updated to version 2.4.20 via update_pkg.pl (EA-4446)
* Mon Mar 21 2016 Matt Dees 2.4.18.5- Create direct dependencies on mod_cgi/mod_cgid for the various MPMs.
* Thu Mar 10 2016 Matt Dees - 2.4.18.5- Add PIDFile to httpd.service
* Thu Mar 03 2016 S. Kurt Newman - 2.4.18-4- Removed Apache Bug #58854 (ZC-1512)
* Tue Mar 01 2016 David Nielson 2.4.18-3- Remove conflict on \'webserver\' and add conflict on \'httpd-mmn\' so Nginx can be installed from EPEL.
* Thu Jan 14 2016 S. Kurt Newman - 2.4.18-2- Applied fix for Apache Bug #58854. This patch should be removed once it has made into upstream.
* Thu Dec 17 2015 Jacob Perkins - 2.4.18-1- Updated to version 2.4.18 via update_pkg.pl
* Wed Dec 16 2015 Dan Muey 2.4.16-9- Add ea-apache24-mod_bwlimited as a requirement
* Tue Nov 03 2015 Jacob Perkins * Mon Nov 02 2015 Darren Mobley - 2.4.16-7- Added explicit conflicts for mod_cgi/mod_cgid and the mpms they conflict with. HB-1153
* Fri Oct 02 2015 Dan Muey 2.4.16-6- Stop installing userdir.conf since it is broken and the functionality is handled elsewhere
* Thu Oct 01 2015 S. Kurt Newman - 2.4.16-5- Added /etc/apache2/bin directory for apache-specific utility scripts- Added additional macros to /etc/rpm/macros.apache2 so other rpms can make use of those paths
* Mon Aug 31 2015 Julian Brown - 2.4.16-4- Added requirements for ea-cpanel-tools, scripting tools to work- with cPanel.
* Fri Aug 28 2015 Jacob Perkins 2.4.16-3- Disabled IPv4 Mapping
* Fri Aug 28 2015 Julian Brown - 2.4.16-2- Added requirements for ea-apache24-mod_proxy and mod_proxy_http- so we can support proxy subdomains
* Wed Aug 26 2015 Jacob Perkins - 2.4.16-1- Updated to version 2.4.16 via update_pkg.pl
* Mon Aug 24 2015 Trinity Quirk - 2.4.12-17- Patched apxs so that it correctly handles the conf.modules.d arrangement
* Mon Aug 10 2015 Darren Mobley - 2.4.12-16- Added ea-apache24-config and ea-apache24-config-runtime as requirements for ea-apache24
* Wed Aug 05 2015 Trinity Quirk - 2.4.12-15- Missing requirements for mod_session
* Mon Aug 03 2015 Dan Muey = 2.4.12-14- Add ea-apache24-tools as a require for ea-apache24
* Sat Aug 01 2015 Darren Mobley - 2.4.12-13- Add ea-documentroot as a require for ea-apache24
* Fri Jul 31 2015 Trinity Quirk - 2.4.12-12- Repair apxs craziness
* Thu Jul 30 2015 Trinity Quirk - 2.4.12-11- Reference new locations of apr and apr-util packages
* Wed Jul 01 2015 S. Kurt Newman - 2.4.12-10- Fixed mpm conflicts- Removed itk conflict since apache shouldn\'t be concerned with that.. only itk should be- Removed unused cloudlinux cagefs patch
* Thu Jun 11 2015 Matt Dees - 2.4.12-9- Added tmpfiles.d entry for c7
* Sat Jun 06 2015 Darren Mobley - 2.4.12-8.el6.cpanel.1- Added includes handler for .shtml files in cperror.conf
* Sat Jun 06 2015 Darren Mobley - 2.4.12-7.el6.cpanel.1- Added cperror.conf to handle error page configuration
* Wed May 27 2015 Julian Brown - 2.4.12-6.el6.cpanel.1- Changed name of rpms generated to ea-apache24.
* Tue Apr 28 2015 Darren Mobley - 2.4.12-5.el6.cpanel.1- Added httpd.service file and installation for CentOS 7 machines
* Mon Mar 30 2015 Trinity Quirk - 2.4.12-4.el6.cpanel.1- Added mime.types back into ea-apache24
* Fri Mar 27 2015 S. Kurt Newman - 2.4.12-3.el6.cpanel.1- Removed logrotate.d configuration to let WHM take care of this.
* Wed Mar 11 2015 Trinity Quirk - 2.4.12-2.el6.cpanel.1- Split many modules out into their own packages- Set dependencies between packages where needed
* Fri Feb 27 2015 Trinity Quirk - 2.4.12-1.el6.cpanel.1- Upgrade to 2.4.12- Remove inappropriate or already-applied patches
* Thu Feb 26 2015 Trinity Quirk - 2.4.6-21.el6.cpanel.1- Split the MPMs into their own packages- mod_heartbeat needs to be loaded after mod_status and mod_watchdog
* Wed Feb 25 2015 Trinity Quirk - 2.4.6-20.el6.cpanel.1- Each module now has its own conf.modules.d file- conf.modules.d files are created programmatically- Simplified ssl, proxy_html, ldap, and session package file lists
* Thu Jan 29 2015 Trinity Quirk - 2.4.6-17.el6.cpanel.1- Added cPanel-specific patches- Removed apache user creation, configured to run as nobody- Repaired incorrect run directories
* Tue Dec 30 2014 Kurt Newman - 2.4.6-17.el6.centos.1- Converted from CentOS 7, to CentOS 6
* Tue Jun 17 2014 Jim Perrin - 2.4.6-17.el7.centos.1- Remove index.html, add centos-noindex.tar.gz- update welcome.conf with proper aliases- change symlink for poweredby.png
* Thu Mar 20 2014 Jan Kaluza - 2.4.6-17- mod_dav: add security fix for CVE-2013-6438 (#1077907)- mod_log_config: add security fix for CVE-2014-0098 (#1077907)
* Wed Mar 05 2014 Joe Orton - 2.4.6-16- mod_ssl: improve DH temp key handling (#1057687)
* Wed Mar 05 2014 Joe Orton - 2.4.6-15- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)
* Fri Jan 24 2014 Daniel Mach - 2.4.6-14- Mass rebuild 2014-01-24
* Mon Jan 13 2014 Joe Orton - 2.4.6-13- mod_ssl: sanity-check use of \"SSLCompression\" (#1036666)- mod_proxy_http: fix brigade memory usage (#1040447)
* Fri Jan 10 2014 Joe Orton - 2.4.6-12- rebuild
* Thu Jan 09 2014 Joe Orton - 2.4.6-11- build with -O3 on ppc64 (#1051066)
* Tue Jan 07 2014 Joe Orton - 2.4.6-10- mod_dav: fix locktoken handling (#1004046)
* Fri Dec 27 2013 Daniel Mach - 2.4.6-9- Mass rebuild 2013-12-27
* Fri Dec 20 2013 Joe Orton - 2.4.6-8- use unambiguous httpd-mmn (#1029360)
* Fri Nov 01 2013 Jan Kaluza - 2.4.6-7- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)
* Thu Oct 31 2013 Jan Kaluza - 2.4.6-6- systemd: Use {MAINPID} notation in service file (#969972)
* Thu Oct 24 2013 Jan Kaluza - 2.4.6-5- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)
* Thu Oct 03 2013 Jan Kaluza - 2.4.6-4- expand macros in macros.httpd (#1011393)
* Mon Aug 26 2013 Jan Kaluza - 2.4.6-3- fix \"LDAPReferrals off\" to really disable LDAP Referrals
* Wed Jul 31 2013 Jan Kaluza - 2.4.6-2- revert fix for dumping vhosts twice
* Mon Jul 22 2013 Joe Orton - 2.4.6-1- update to 2.4.6- mod_ssl: use revised NPN API (r1487772)
* Thu Jul 11 2013 Jan Kaluza - 2.4.4-12- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)- apxs: mention -p option in manpage
* Tue Jul 02 2013 Joe Orton - 2.4.4-11- add patch for aarch64 (Dennis Gilmore, #925558)
* Mon Jul 01 2013 Joe Orton - 2.4.4-10- remove duplicate apxs man page from httpd-tools
* Mon Jun 17 2013 Joe Orton - 2.4.4-9- remove zombie dbmmanage script
* Fri May 31 2013 Jan Kaluza - 2.4.4-8- return 400 Bad Request on malformed Host header
* Mon May 20 2013 Jan Kaluza - 2.4.4-6- htpasswd/htdbm: fix hash generation bug (#956344)- do not dump vhosts twice in httpd -S output (#928761)- mod_cache: fix potential crash caused by uninitialized variable (#954109)
* Thu Apr 18 2013 Jan Kaluza - 2.4.4-5- execute systemctl reload as result of apachectl graceful- mod_ssl: ignore SNI hints unless required by config- mod_cache: forward-port CacheMaxExpire \"hard\" option- mod_ssl: fall back on another module\'s proxy hook if mod_ssl proxy is not configured.
* Tue Apr 16 2013 Jan Kaluza - 2.4.4-4- fix service file to not send SIGTERM after ExecStop (#906321, #912288)
* Tue Mar 26 2013 Jan Kaluza - 2.4.4-3- protect MIMEMagicFile with IfModule (#893949)
* Tue Feb 26 2013 Joe Orton - 2.4.4-2- really package mod_auth_form in mod_session (#915438)
* Tue Feb 26 2013 Joe Orton - 2.4.4-1- update to 2.4.4- fix duplicate ownership of mod_session config (#914901)
* Fri Feb 22 2013 Joe Orton - 2.4.3-17- add mod_session subpackage, move mod_auth_form there (#894500)
* Thu Feb 14 2013 Fedora Release Engineering - 2.4.3-16- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan 08 2013 Joe Orton - 2.4.3-15- add systemd service for htcacheclean
* Tue Nov 13 2012 Joe Orton - 2.4.3-14- drop patch for r1344712
* Tue Nov 13 2012 Joe Orton - 2.4.3-13- filter mod_
*.so auto-provides (thanks to rcollet)- pull in syslog logging fix from upstream (r1344712)
* Fri Oct 26 2012 Joe Orton - 2.4.3-12- rebuild to pick up new apr-util-ldap
* Tue Oct 23 2012 Joe Orton - 2.4.3-11- rebuild
* Wed Oct 03 2012 Joe Orton - 2.4.3-10- pull upstream patch r1392850 in addition to r1387633
* Mon Oct 01 2012 Joe Orton - 2.4.3-9.1- restore \"ServerTokens Full-Release\" support (#811714)
* Mon Oct 01 2012 Joe Orton - 2.4.3-9- define PLATFORM in os.h using vendor string
* Mon Oct 01 2012 Joe Orton - 2.4.3-8- use systemd script unconditionally (#850149)
* Mon Oct 01 2012 Joe Orton - 2.4.3-7- use systemd scriptlets if available (#850149)- don\'t run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists
* Mon Oct 01 2012 Jan Kaluza - 2.4.3-6- use systemctl from apachectl (#842736)
* Wed Sep 19 2012 Joe Orton - 2.4.3-5- fix some error log spam with graceful-stop (r1387633)- minor mod_systemd tweaks
* Thu Sep 13 2012 Joe Orton - 2.4.3-4- use IncludeOptional for conf.d/
*.conf inclusion
* Fri Sep 07 2012 Jan Kaluza - 2.4.3-3- adding mod_systemd to integrate with systemd better
* Tue Aug 21 2012 Joe Orton - 2.4.3-2- mod_ssl: add check for proxy keypair match (upstream r1374214)
* Tue Aug 21 2012 Joe Orton - 2.4.3-1- update to 2.4.3 (#849883)- own the docroot (#848121)
* Mon Aug 06 2012 Joe Orton - 2.4.2-23- add mod_proxy fixes from upstream (r1366693, r1365604)
* Thu Jul 19 2012 Fedora Release Engineering - 2.4.2-22- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jul 06 2012 Joe Orton - 2.4.2-21- drop explicit version requirement on initscripts
* Thu Jul 05 2012 Joe Orton - 2.4.2-20- mod_ext_filter: fix error_log warnings
* Mon Jul 02 2012 Joe Orton - 2.4.2-19- support \"configtest\" and \"graceful\" as initscripts \"legacy actions\"
* Fri Jun 08 2012 Joe Orton - 2.4.2-18- avoid use of \"core\" GIF for a \"core\" directory (#168776)- drop use of \"syslog.target\" in systemd unit file
* Thu Jun 07 2012 Joe Orton - 2.4.2-17- use _unitdir for systemd unit file- use /run in unit file, ssl.conf
* Thu Jun 07 2012 Joe Orton - 2.4.2-16- mod_ssl: fix NPN patch merge
* Wed Jun 06 2012 Joe Orton - 2.4.2-15- move tmpfiles.d fragment into /usr/lib per new guidelines- package /run/httpd not /var/run/httpd- set runtimedir to /run/httpd likewise
* Wed Jun 06 2012 Joe Orton - 2.4.2-14- fix htdbm/htpasswd crash on crypt() failure (#818684)
* Wed Jun 06 2012 Joe Orton - 2.4.2-13- pull fix for NPN patch from upstream (r1345599)
* Thu May 31 2012 Joe Orton - 2.4.2-12- update suexec patch to use LOG_AUTHPRIV facility
* Thu May 24 2012 Joe Orton - 2.4.2-11- really fix autoindex.conf (thanks to remiAATT)
* Thu May 24 2012 Joe Orton - 2.4.2-10- fix autoindex.conf to allow symlink to poweredby.png
* Wed May 23 2012 Joe Orton - 2.4.2-9- suexec: use upstream version of patch for capability bit support
* Wed May 23 2012 Joe Orton - 2.4.2-8- suexec: use syslog rather than suexec.log, drop dac_override capability
* Tue May 01 2012 Joe Orton - 2.4.2-7- mod_ssl: add TLS NPN support (r1332643, #809599)
* Tue May 01 2012 Joe Orton - 2.4.2-6- add BR on APR >= 1.4.0
* Fri Apr 27 2012 Joe Orton - 2.4.2-5- use systemctl from logrotate (#221073)
* Fri Apr 27 2012 Joe Orton - 2.4.2-4- pull from upstream:
* use TLS close_notify alert for dummy_connection (r1326980+)
* cleanup symbol exports (r1327036+)
* Fri Apr 27 2012 Joe Orton - 2.4.2-3.2- rebuild
* Fri Apr 20 2012 Joe Orton - 2.4.2-3- really fix restart
* Fri Apr 20 2012 Joe Orton - 2.4.2-2- tweak default ssl.conf- fix restart handling (#814645)- use graceful restart by default
* Wed Apr 18 2012 Jan Kaluza - 2.4.2-1- update to 2.4.2
* Fri Mar 23 2012 Joe Orton - 2.4.1-6- fix macros
* Fri Mar 23 2012 Joe Orton - 2.4.1-5- add _httpd_moddir to macros
* Tue Mar 13 2012 Joe Orton - 2.4.1-4- fix symlink for poweredby.png- fix manual.conf
* Tue Mar 13 2012 Joe Orton - 2.4.1-3- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage
* Tue Mar 13 2012 Joe Orton - 2.4.1-2- clean docroot better- ship proxy, ssl directories within /var/cache/httpd- default config:
* unrestricted access to (only) /var/www
* remove (commented) Mutex, MaxRanges, ScriptSock
* split autoindex config to conf.d/autoindex.conf- ship additional example configs in docdir
* Tue Mar 06 2012 Joe Orton - 2.4.1-1- update to 2.4.1- adopt upstream default httpd.conf (almost verbatim)- split all LoadModules to conf.modules.d/
*.conf- include conf.d/
*.conf at end of httpd.conf- trim %changelog
* Mon Feb 13 2012 Joe Orton - 2.2.22-2- fix build against PCRE 8.30
* Mon Feb 13 2012 Joe Orton - 2.2.22-1- update to 2.2.22
* Fri Feb 10 2012 Petr Pisar - 2.2.21-8- Rebuild against PCRE 8.30
* Mon Jan 23 2012 Jan Kaluza - 2.2.21-7- fix #783629 - start httpd after named
* Mon Jan 16 2012 Joe Orton - 2.2.21-6- complete conversion to systemd, drop init script (#770311)- fix comments in /etc/sysconfig/httpd (#771024)- enable PrivateTmp in service file (#781440)- set LANG=C in /etc/sysconfig/httpd
* Fri Jan 13 2012 Fedora Release Engineering - 2.2.21-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 06 2011 Jan Kaluza - 2.2.21-4- fix #751591 - start httpd after remote-fs
* Mon Oct 24 2011 Jan Kaluza - 2.2.21-3- allow change state of BalancerMember in mod_proxy_balancer web interface
* Thu Sep 22 2011 Ville Skyttä - 2.2.21-2- Make mmn available as %{_httpd_mmn}.- Add .svgz to AddEncoding x-gzip example in httpd.conf.
* Tue Sep 13 2011 Joe Orton - 2.2.21-1- update to 2.2.21
* Mon Sep 05 2011 Joe Orton - 2.2.20-1- update to 2.2.20- fix MPM stub man page generation
* Wed Aug 10 2011 Jan Kaluza - 2.2.19-5- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd
* Fri Jul 22 2011 Iain Arnell 1:2.2.19-4- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names
* Wed Jul 20 2011 Jan Kaluza - 2.2.19-3- fix #716621 - suexec now works without setuid bit
* Thu Jul 14 2011 Jan Kaluza - 2.2.19-2- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve
* Fri Jul 01 2011 Joe Orton - 2.2.19-1- update to 2.2.19- enable dbd, authn_dbd in default config
* Thu Apr 14 2011 Joe Orton - 2.2.17-13- fix path expansion in service files
* Tue Apr 12 2011 Joe Orton - 2.2.17-12- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)
* Wed Mar 23 2011 Joe Orton - 2.2.17-11- minor updates to httpd.conf- drop old patches
* Wed Mar 02 2011 Joe Orton - 2.2.17-10- rebuild
* Wed Feb 23 2011 Joe Orton - 2.2.17-9- use arch-specific mmn
* Wed Feb 09 2011 Fedora Release Engineering - 2.2.17-8- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan 31 2011 Joe Orton - 2.2.17-7- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)- add man page stubs for httpd.event, httpd.worker- drop distcache support- add STOP_TIMEOUT support to init script
* Sat Jan 08 2011 Joe Orton - 2.2.17-6- update default SSLCipherSuite per upstream trunk
* Wed Jan 05 2011 Joe Orton - 2.2.17-5- fix requires (#667397)
* Wed Jan 05 2011 Joe Orton - 2.2.17-4- de-ghost /var/run/httpd
* Tue Jan 04 2011 Joe Orton - 2.2.17-3- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)
* Sat Nov 20 2010 Joe Orton - 2.2.17-2- drop setuid bit, use capabilities for suexec binary
* Wed Oct 27 2010 Joe Orton - 2.2.17-1- update to 2.2.17
* Fri Sep 10 2010 Joe Orton - 2.2.16-2- link everything using -z relro and -z now
* Mon Jul 26 2010 Joe Orton - 2.2.16-1- update to 2.2.16
* Fri Jul 09 2010 Joe Orton - 2.2.15-3- default config tweaks:
* harden httpd.conf w.r.t. .htaccess restriction (#591293)
* load mod_substitute, mod_version by default
* drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
* add commented list of shipped-but-unloaded modules
* bump up worker defaults a little
* drop KeepAliveTimeout to 5 secs per upstream- fix LSB compliance in init script (#522074)- bundle NOTICE in -tools- use init script in logrotate postrotate to pick up PIDFILE- drop some old Obsoletes/Conflicts
* Sun Apr 04 2010 Robert Scheck - 2.2.15-1- update to 2.2.15 (#572404, #579311)
 
ICM