|
|
|
|
Changelog for ea-apache24-manual-2.4.58-1.1.2.cpanel.noarch.rpm :
* Thu Oct 19 2023 Cory McIntire - 2.4.58-1- EA-11758: Update ea-apache2 from v2.4.57 to v2.4.58 - CVE-2023-31122: mod_macro buffer over-read - CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 - CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST * Wed Oct 11 2023 Cory McIntire - 2.4.57-4- EA-11729: Rebuild against Updated ea-nghttp2 for CVE-2023-44487 * Thu Jun 29 2023 Tim Mullin - 2.4.57-3- EA-11526: Patch mod_http2 to fix issues with excessive CPU usage * Fri Apr 21 2023 Tim Mullin - 2.4.57-2- EA-11296: Fix posttrans scriptlet failures on RHEL8+ * Fri Apr 07 2023 Cory McIntire - 2.4.57-1- EA-11337: Update ea-apache2 from v2.4.56 to v2.4.57 * Tue Mar 07 2023 Tim Mullin - 2.4.56-1- EA-11284: Update ea-apache2 from v2.4.55 to v2.4.56- CVE-2023-27522: Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting- CVE-2023-25690: HTTP request splitting with mod_rewrite and mod_proxy * Thu Jan 19 2023 Tim Mullin - 2.4.55-2- EA-11167: Patch to fix sporadic 500 errors with 2.4.55 * Tue Jan 17 2023 Cory McIntire - 2.4.55-1- EA-11157: Update ea-apache2 from v2.4.54 to v2.4.55- CVE-2022-37436: Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting- CVE-2022-36760: Apache HTTP Server: mod_proxy_ajp Possible request smuggling- CVE-2006-20001: Apache HTTP Server: mod_dav out of bounds read, or write of zero byte * Tue Jul 26 2022 Tim Mullin - 2.4.54-2- EA-10825: Fix file ownership for ea-apache24-mod_socache_redis * Wed Jun 08 2022 Tim Mullin - 2.4.54-1- EA-10756: Update ea-apache2 from v2.4.53 to v2.4.54 CVE-2022-26377: mod_proxy_ajp: Possible request smuggling CVE-2022-28330: Read beyond bounds in mod_isapi CVE-2022-28614: Read beyond bounds via ap_rwrite() CVE-2022-28615: Read beyond bounds in ap_strcmp_match() CVE-2022-29404: Denial of service in mod_lua r:parsebody CVE-2022-30522: mod_sed: Denial of service CVE-2022-30556: Information Disclosure in mod_lua with websockets CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism * Mon Apr 18 2022 Tim Mullin - 2.4.53-2- EA-10538: Fix compiler warnings in suexec.c * Mon Mar 14 2022 Tim Mullin - 2.4.53-1- EA-10550: Update ea-apache2 from v2.4.52 to v2.4.53 * Wed Jan 26 2022 Travis Holloway - 2.4.52-3- EA-10245: Add patch to change log level of accept mutex * Wed Dec 29 2021 Tim Mullin - 2.4.52-2- EA-10391: Add patch to fix instability issues with Apache v2.4.52 * Mon Dec 20 2021 Travis Holloway - 2.4.52-1- EA-10370: Update ea-apache2 from v2.4.51 to v2.4.52 * Tue Nov 23 2021 Tim Mullin - 2.4.51-2- EA-10258: Patch mod_http2 to fix issue with hanging http2 threads * Thu Oct 07 2021 Cory McIntire - 2.4.51-1- EA-10179: Update ea-apache2 from v2.4.50 to v2.4.51 * Mon Oct 04 2021 Cory McIntire - 2.4.50-1- EA-10157: Update ea-apache2 from v2.4.49 to v2.4.50 * Tue Sep 28 2021 Daniel Muey - 2.4.49-4- ZC-9300: ensure only one package owns http2.conf * Tue Sep 28 2021 Cory McIntire - 2.4.49-3- EA-10152: Patch from upstream * Thu Sep 23 2021 Travis Holloway - 2.4.49-2- EA-10123: Patch apache 2.4.49: Correctly decrement active_daemons also in the case that the child process decides on its own to die because of MaxRequestsPerChild. * Thu Sep 16 2021 Cory McIntire - 2.4.49-1- EA-10107: Update ea-apache2 from v2.4.48 to v2.4.49 * Thu Aug 12 2021 Travis Holloway - 2.4.48-5- EA-10041: Fix instructions in elinks patch * Mon Jul 26 2021 Daniel Muey - 2.4.48-4- ZC-9091: Manage the `httpd` service via scripts shared w/ debs * Tue Jun 22 2021 Travis Holloway - 2.4.48-3- EA-9895: Ensure httpd is configured to start after reboot on chkconfig systems * Wed Jun 02 2021 Cory McIntire - 2.4.48-2- EA-9822: rollback systemd change * Wed May 26 2021 Cory McIntire - 2.4.48-1- EA-9797: Update ea-apache2 from v2.4.46 to v2.4.48 * Tue May 25 2021 Tim Mullin - 2.4.46-7- EA-9784: Change Apache to be a systemd notify service * Wed Feb 03 2021 Cory McIntire - 2.4.46-6- EA-9463: Revert Apache startup changes. * Fri Jan 29 2021 Cory McIntire - 2.4.46-5- EA-9463: Resolve Apache startup race conditions Enable mod_systemd for further startup enhancements * Mon Jan 04 2021 Tim Mullin - 2.4.46-4- EA-9506: Do not start htcacheclean service if mod_cache_disk module is not loaded * Tue Nov 24 2020 Julian Brown - 2.4.46-3- ZC-8005: Replace ea-openssl11 with system openssl on C8 * Thu Oct 15 2020 Hans Borresen - 2.4.46-2- EA-9374: Lower TimeoutStopSec for httpd.service * Fri Aug 07 2020 Tim Mullin - 2.4.46-1- EA-9225: Update ea-apache2 from v2.4.43 to v2.4.46 * Mon May 18 2020 Julian Brown - 2.4.43-6- ZC-6822: Build on CentOS 8 * Thu Apr 30 2020 Tim Mullin - 2.4.43-5- EA-8809: Ensure that MAX_FD_LIMIT is not exceeded * Wed Apr 29 2020 Cory McIntire - 2.4.43-4- EA-9047: Remove proc randoms that could not be found in POSTRANS- Switch to our ea-openssl11 * Tue Apr 28 2020 Cory McIntire - 2.4.43-3- EA-9042: Do not install init.d/httpd files on C7 and above * Thu Apr 16 2020 Tim Mullin - 2.4.43-2- EA-9010: Patch apache 2.4.43 to fix ssl stapling memory leak * Wed Apr 01 2020 Tim Mullin - 2.4.43-1- EA-8958: Update ea-apache2 from v2.4.41 to v2.4.43 * Thu Mar 19 2020 Tim Mullin - 2.4.41-9- A-8786: Patch apxs to use the correct value for top_builddir * Wed Mar 18 2020 Tim Mullin - 2.4.41-8- EA-8927: Patch apache 2.4.x httpd for OCSP stapling bug * Mon Mar 16 2020 Tim Mullin - 2.4.41-7- EA-8876: Made ea-apache24 require ea-apache24-mod_headers * Tue Jan 14 2020 J. Nick Koston - 2.4.41-6- COBRA-10700: Optimizing finding modules * Mon Dec 23 2019 Daniel Muey - 2.4.41-5- ZC-4361: bump release prefix past 4 so these will be newest (4 was added and disappeared due to a faulty revert) * Wed Dec 18 2019 Daniel Muey - 2.4.41-3- ZC-4361: Update ea-openssl requirement to v1.1.1 (ZC-5583) * Thu Dec 12 2019 J. Nick Koston - 2.4.41-2- COBRA-10665: Optimizing finding directives when parsing the configuration * Wed Aug 14 2019 Cory McIntire - 2.4.41-1- EA-8612: Update ea-apache2 from v2.4.39 to v2.4.41 * Thu Aug 08 2019 Tim Mullin - 2.4.39-6- EA-8588: Added default RequestReadTimeout for mod_reqtimeout * Wed Jun 19 2019 Tim Mullin - 2.4.39-5- EA-8533: Set Apache to depend on ea-apr >= 1.7.0-1 * Thu May 30 2019 Tim Mullin - 2.4.39-4- EA-8508: Appended \"Mutex sysvsem\" to 000_mod_mpm_prefork.conf * Fri Apr 26 2019 Rishwanth Yeddula - 2.4.39-3- CPANEL-27056: Fix bug in condition that allowed for non-user files to be served in certain situations when SymlinkProtection was enabled. * Wed Apr 03 2019 Rishwanth Yeddula - 2.4.39-2- CPANEL-22257: Ensure that Paths configured as Aliases are exempt from symlink protection checks * Tue Apr 02 2019 Cory McIntire - 2.4.39-1- EA-8307: Update to 2.4.39, drop 2.4.38 CVE-2019-0211: Apache HTTP Server privilege escalation from modules\' scripts CVE-2019-0196: mod_http2, read-after-free on a string compare CVE-2019-0197: mod_http2, possible crash on late upgrade CVE-2019-0215: mod_ssl access control bypass CVE-2019-0217: mod_auth_digest access control bypass CVE-2019-0220: URL normalization inconsistincies * Thu Mar 07 2019 Cory McIntire - 2.4.38-3- EA-8279: Take out noreplace from old EA3 init script so it will be removed now that EA3 is EOL * Tue Feb 26 2019 Tim Mullin - 2.4.38-2- EA-7318: Increase service timeout to handle a large httpd.conf * Thu Jan 24 2019 Cory McIntire - 2.4.38-1- EA-8165: Apache Update: Drop 2.4.37, update to 2.4.38 * Tue Jan 15 2019 Cory McIntire - 2.4.37-2- EA-7518: Add systemd directives to ensure network is up before starting * Tue Oct 23 2018 Cory McIntire - 2.4.37-1- EA-7941: Update to v2.4.37, drop v2.4.35 * Fri Sep 28 2018 Cory McIntire - 2.4.35-1- EA-7871: Update to v2.4.35, drop v2.4.34 Remove Patch500: 0017-Apply-mod_ratelimit-fix-from-trunk.patch as it was implemented upstream. * Fri Aug 24 2018 Rishwanth Yeddula - 2.4.34-3- EA-7802: Restore mod_ratelimit back to the 2.3.34 version. Applyupstream fixes for it from trunk. * Thu Jul 19 2018 Rishwanth Yeddula - 2.4.34-2- EA-7715: Revert mod_ratelimit back to the 2.3.33 version. This is to ensure that it emits proper chunks, as there are several issues with the 2.3.34 version. * Thu Jul 12 2018 Cory McIntire - 2.4.34-1- EA-7683 Update httpd-2.4.33 to httpd-2.4.34 Redid patches to be a git format-patch set * Tue Jun 19 2018 Rishwanth Yeddula - 2.4.33-8- EA-5971: Ensure that htcacheclean service is functional on Centos 7 systems * Thu May 31 2018 Cory McIntire - 2.4.33-7- EA-7487: Add ExecReload to httpd.service file * Tue May 29 2018 Rishwanth Yeddula - 2.4.33-6- EA-7468: Ensure dependency resolution picks /usr/bin/perl instead of /bin/perl. This helps downstream users of our RPMs as their build environments can be simplified. * Mon Apr 16 2018 Rishwanth Yeddula - 2.4.33-5- EA-7382: Update dependency on ea-openssl to require the latest version with versioned symbols. * Wed Apr 04 2018 Rishwanth Yeddula - 2.4.33-4- EA-7376: Ensure that mod_http2 is properly linked against ea-openssl. * Tue Apr 03 2018 Rishwanth Yeddula - 2.4.33-3- EA-7367: Ensure that the tools are properly linked against ea-openssl. * Tue Apr 03 2018 Rishwanth Yeddula - 2.4.33-2- EA-7366: Ensure that apr-util is properly listed as a dependency. * Thu Mar 29 2018 Daniel Muey - 2.4.33-1- EA-7327: Update to v2.4.33, drop v2.4.29 * Tue Mar 27 2018 Rishwanth Yeddula - 2.4.29-12- EA-7339: Build against the latest apr/apr-util * Mon Mar 19 2018 Rishwanth Yeddula - 2.4.29-11- EA-7164: Build mod_brotli against the ea-brotli package. * Tue Mar 06 2018 Cory McIntire - 2.4.29-10- ZC-3401: ensure building against and using ea-openssl * Wed Feb 14 2018 Dan Muey - 2.4.29-9- EA-7238: use documented and ea3 parity safe suexec_log path * Mon Feb 05 2018 Dan Muey - 2.4.29-8- EA-7217: Make sure we use ea-nghttp2 * Wed Jan 24 2018 Rishwanth Yeddula - 2.4.29-7- EA-7159: Use \'elinks\' instead of \'links\' as a dependency to ensure that EA4 does not pull any packages from the EPEL repos. * Mon Jan 15 2018 Cory McIntire - 2.4.29-6- EA-7125: Remove previous piped logging patch * Mon Jan 15 2018 Rishwanth Yeddula - 2.4.29-5- EA-7127: Ensure the mod_proxy_html and mod_xml2enc modules build against ea-libxml2. Additionally, updated the build process to avoid modifying the LDFLAGS - as it caused the libxml2 dependency to be carried to extensions compiled separately. * Fri Jan 12 2018 Cory McIntire - 2.4.29-4- EA-7060: Supress Long Lost Pids warning- patch provided by Gary Stanley * Wed Dec 27 2017 Cory McIntire - 2.4.29-3- EA-7044: Adjust Apache to use ea-libxml2 * Sun Dec 24 2017 Cory McIntire - 2.4.29-2- EA-6020: Restarting Apache while using splitlogs can result in \"Broken pipe\" errors- Applying patch provided by Gary Stanley (garyAATTcpanel.net) * Wed Oct 18 2017 Jacob Perkins - 2.4.29-1- Updated to version 2.4.29 via update_pkg.pl (ZC-2981)- Removed mod_unique_id patch as it was patched upstream. * Tue Oct 10 2017 Jacob Perkins - 2.4.28-1- Update Apache to 2.4.28 * Tue Sep 19 2017 Jacob Perkins - 2.4.27-8- Patch core for htaccess method registrations - CVE-2017-9798 * Mon Sep 11 2017 Dan Muey - 2.4.27-7- EA-6096: Add note to mod_unique_id summary about performance degradation * Mon Aug 28 2017 Dan Muey - 2.4.27-6- EA-6274 Allow users to override hard coded ulimit() by using /etc/sysconfig/httpd * Thu Aug 10 2017 Jacob Perkins - 2.4.27-5- Patched H2 for stalling when writing > 32k * Thu Aug 10 2017 Felipe Gasper - 2.4.27-4- Require mod_proxy_wstunnel for ea-apache24. * Wed Aug 02 2017 Cory McIntire - 2.4.27-3- Add conflicts between prefork and HTTP2 * Fri Jul 14 2017 Felipe Gasper - 2.4.27-2- Apply fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=61283 * Fri Jul 07 2017 Jacob Perkins - 2.4.27-1- Updated to version 2.4.27 via update_pkg.pl (EA-6522) * Tue Jun 27 2017 Jacob Perkins - 2.4.25-12- Replace __isa w/ifarch * Fri Jun 23 2017 Jacob Perkins - 2.4.25-11- Disable HTTP2 building on 32bit architectures * Fri Jun 09 2017 Jacob Perkins - 2.4.25-10- Add HTTP2 Support * Fri Mar 24 2017 Cory McIntire - 2.4.25-9- Add patch for segfaulting graceful restarts * Thu Mar 16 2017 Dan Muey - 2.4.25-8- ZC-2483: Add ExecStop to systemd config * Mon Mar 13 2017 Jacob Perkins - 2.4.25-7- Added requirement for links for apachectl-status * Wed Feb 22 2017 Jacob Perkins - 2.4.25-6- Add patch for higher seed chunks * Fri Feb 10 2017 Dan Muey - 2.4.25-5- EA-5514: update htcacheclean CACHE_ROOT to match reality * Wed Jan 11 2017 Dan Muey - 2.4.25-4 * EA-5845: Increase the maximum number of file descriptors for init.d systems * Wed Jan 04 2017 Dan Muey - 2.4.25-3 * EA-5836: mod_proxy_hcheck w/ prefork segfaults frequently * Tue Jan 03 2017 Dan Muey - 2.4.25-2EA-5836: Have httpd.service use /run instead of /var/run * Wed Dec 21 2016 Cory McIntire - 2.4.25-1- Updated to version 2.4.25, drop version 2.4.23 * Tue Dec 13 2016 Dan Muey - 2.4.23-9- EA-5557: turn off icon directives by default since the icons are broken under symlink protect- and are used by HTMLTable even when fancy indexinf is off * Tue Dec 06 2016 Dan Muey - 2.4.23-8- EA-5557: turn off fancy indexing by default since the icons are broken under symlink protect * Mon Dec 05 2016 S. Kurt Newman - 2.4.23-7- Update apachectl with ulimit calls modifying the open file descriptor limit so that Apache will start up (EA-5662) * Thu Dec 01 2016 Dan Muey - 2.4.23-6- EA-5712: Patch apachectl to set PORT based on cpanel configuration * Mon Oct 24 2016 Edwin Buck - 2.4.23-5- Add symlink protection root directive. * Mon Oct 24 2016 Edwin Buck - 2.4.23-4- Add symlink protection patch and configuration control. * Wed Jul 20 2016 Edwin Buck - 2.4.23-3- Fixed autoindex.conf suppression of /icons/ in subdomains. * Wed Jul 20 2016 S. Kurt Newman - 2.4.23-2- mod_lua can be installed, but is off by default (EA-4825)- fixed a few rpmlint warnings complaining about lack of attr macros * Tue Jul 19 2016 Edwin Buck - 2.4.23-1- EA-4872: Updated to verison 2.4.23- Added mod_proxy_hcheck (side effect of upstream 2.5 backport into 2.4.23) * Mon Jul 18 2016 Edwin Buck - 2.4.20-6- Apply recommendations in asf-httpoxy-repsponse.txt for CVE-2016-5387 * Thu Jun 30 2016 Edwin Buck - 2.4.20-5- ZC-1937: Move mod_info into a separate child RPM * Mon Jun 20 2016 Dan Muey - 2.4.20-4- EA-4383: Update Release value to OBS-proof versioning * Fri May 27 2016 Jacob Perkins - 2.4.20-3- Updated suexec minimum uid to match EA3 * Tue Apr 26 2016 David Nielson - 2.4.20-2- Remove cp-ssl.conf * Mon Apr 11 2016 Jacob Perkins - 2.4.20-1- Updated to version 2.4.20 via update_pkg.pl (EA-4446) * Mon Mar 21 2016 Matt Dees 2.4.18.5- Create direct dependencies on mod_cgi/mod_cgid for the various MPMs. * Thu Mar 10 2016 Matt Dees - 2.4.18.5- Add PIDFile to httpd.service * Thu Mar 03 2016 S. Kurt Newman - 2.4.18-4- Removed Apache Bug #58854 (ZC-1512) * Tue Mar 01 2016 David Nielson 2.4.18-3- Remove conflict on \'webserver\' and add conflict on \'httpd-mmn\' so Nginx can be installed from EPEL. * Thu Jan 14 2016 S. Kurt Newman - 2.4.18-2- Applied fix for Apache Bug #58854. This patch should be removed once it has made into upstream. * Thu Dec 17 2015 Jacob Perkins - 2.4.18-1- Updated to version 2.4.18 via update_pkg.pl * Wed Dec 16 2015 Dan Muey 2.4.16-9- Add ea-apache24-mod_bwlimited as a requirement * Tue Nov 03 2015 Jacob Perkins * Mon Nov 02 2015 Darren Mobley - 2.4.16-7- Added explicit conflicts for mod_cgi/mod_cgid and the mpms they conflict with. HB-1153 * Fri Oct 02 2015 Dan Muey 2.4.16-6- Stop installing userdir.conf since it is broken and the functionality is handled elsewhere * Thu Oct 01 2015 S. Kurt Newman - 2.4.16-5- Added /etc/apache2/bin directory for apache-specific utility scripts- Added additional macros to /etc/rpm/macros.apache2 so other rpms can make use of those paths * Mon Aug 31 2015 Julian Brown - 2.4.16-4- Added requirements for ea-cpanel-tools, scripting tools to work- with cPanel. * Fri Aug 28 2015 Jacob Perkins 2.4.16-3- Disabled IPv4 Mapping * Fri Aug 28 2015 Julian Brown - 2.4.16-2- Added requirements for ea-apache24-mod_proxy and mod_proxy_http- so we can support proxy subdomains * Wed Aug 26 2015 Jacob Perkins - 2.4.16-1- Updated to version 2.4.16 via update_pkg.pl * Mon Aug 24 2015 Trinity Quirk - 2.4.12-17- Patched apxs so that it correctly handles the conf.modules.d arrangement * Mon Aug 10 2015 Darren Mobley - 2.4.12-16- Added ea-apache24-config and ea-apache24-config-runtime as requirements for ea-apache24 * Wed Aug 05 2015 Trinity Quirk - 2.4.12-15- Missing requirements for mod_session * Mon Aug 03 2015 Dan Muey = 2.4.12-14- Add ea-apache24-tools as a require for ea-apache24 * Sat Aug 01 2015 Darren Mobley - 2.4.12-13- Add ea-documentroot as a require for ea-apache24 * Fri Jul 31 2015 Trinity Quirk - 2.4.12-12- Repair apxs craziness * Thu Jul 30 2015 Trinity Quirk - 2.4.12-11- Reference new locations of apr and apr-util packages * Wed Jul 01 2015 S. Kurt Newman - 2.4.12-10- Fixed mpm conflicts- Removed itk conflict since apache shouldn\'t be concerned with that.. only itk should be- Removed unused cloudlinux cagefs patch * Thu Jun 11 2015 Matt Dees - 2.4.12-9- Added tmpfiles.d entry for c7 * Sat Jun 06 2015 Darren Mobley - 2.4.12-8.el6.cpanel.1- Added includes handler for .shtml files in cperror.conf * Sat Jun 06 2015 Darren Mobley - 2.4.12-7.el6.cpanel.1- Added cperror.conf to handle error page configuration * Wed May 27 2015 Julian Brown - 2.4.12-6.el6.cpanel.1- Changed name of rpms generated to ea-apache24. * Tue Apr 28 2015 Darren Mobley - 2.4.12-5.el6.cpanel.1- Added httpd.service file and installation for CentOS 7 machines * Mon Mar 30 2015 Trinity Quirk - 2.4.12-4.el6.cpanel.1- Added mime.types back into ea-apache24 * Fri Mar 27 2015 S. Kurt Newman - 2.4.12-3.el6.cpanel.1- Removed logrotate.d configuration to let WHM take care of this. * Wed Mar 11 2015 Trinity Quirk - 2.4.12-2.el6.cpanel.1- Split many modules out into their own packages- Set dependencies between packages where needed * Fri Feb 27 2015 Trinity Quirk - 2.4.12-1.el6.cpanel.1- Upgrade to 2.4.12- Remove inappropriate or already-applied patches * Thu Feb 26 2015 Trinity Quirk - 2.4.6-21.el6.cpanel.1- Split the MPMs into their own packages- mod_heartbeat needs to be loaded after mod_status and mod_watchdog * Wed Feb 25 2015 Trinity Quirk - 2.4.6-20.el6.cpanel.1- Each module now has its own conf.modules.d file- conf.modules.d files are created programmatically- Simplified ssl, proxy_html, ldap, and session package file lists * Thu Jan 29 2015 Trinity Quirk - 2.4.6-17.el6.cpanel.1- Added cPanel-specific patches- Removed apache user creation, configured to run as nobody- Repaired incorrect run directories * Tue Dec 30 2014 Kurt Newman - 2.4.6-17.el6.centos.1- Converted from CentOS 7, to CentOS 6 * Tue Jun 17 2014 Jim Perrin - 2.4.6-17.el7.centos.1- Remove index.html, add centos-noindex.tar.gz- update welcome.conf with proper aliases- change symlink for poweredby.png * Thu Mar 20 2014 Jan Kaluza - 2.4.6-17- mod_dav: add security fix for CVE-2013-6438 (#1077907)- mod_log_config: add security fix for CVE-2014-0098 (#1077907) * Wed Mar 05 2014 Joe Orton - 2.4.6-16- mod_ssl: improve DH temp key handling (#1057687) * Wed Mar 05 2014 Joe Orton - 2.4.6-15- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276) * Fri Jan 24 2014 Daniel Mach - 2.4.6-14- Mass rebuild 2014-01-24 * Mon Jan 13 2014 Joe Orton - 2.4.6-13- mod_ssl: sanity-check use of \"SSLCompression\" (#1036666)- mod_proxy_http: fix brigade memory usage (#1040447) * Fri Jan 10 2014 Joe Orton - 2.4.6-12- rebuild * Thu Jan 09 2014 Joe Orton - 2.4.6-11- build with -O3 on ppc64 (#1051066) * Tue Jan 07 2014 Joe Orton - 2.4.6-10- mod_dav: fix locktoken handling (#1004046) * Fri Dec 27 2013 Daniel Mach - 2.4.6-9- Mass rebuild 2013-12-27 * Fri Dec 20 2013 Joe Orton - 2.4.6-8- use unambiguous httpd-mmn (#1029360) * Fri Nov 01 2013 Jan Kaluza - 2.4.6-7- mod_ssl: allow SSLEngine to override Listen-based default (#1023168) * Thu Oct 31 2013 Jan Kaluza - 2.4.6-6- systemd: Use {MAINPID} notation in service file (#969972) * Thu Oct 24 2013 Jan Kaluza - 2.4.6-5- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972) * Thu Oct 03 2013 Jan Kaluza - 2.4.6-4- expand macros in macros.httpd (#1011393) * Mon Aug 26 2013 Jan Kaluza - 2.4.6-3- fix \"LDAPReferrals off\" to really disable LDAP Referrals * Wed Jul 31 2013 Jan Kaluza - 2.4.6-2- revert fix for dumping vhosts twice * Mon Jul 22 2013 Joe Orton - 2.4.6-1- update to 2.4.6- mod_ssl: use revised NPN API (r1487772) * Thu Jul 11 2013 Jan Kaluza - 2.4.4-12- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)- apxs: mention -p option in manpage * Tue Jul 02 2013 Joe Orton - 2.4.4-11- add patch for aarch64 (Dennis Gilmore, #925558) * Mon Jul 01 2013 Joe Orton - 2.4.4-10- remove duplicate apxs man page from httpd-tools * Mon Jun 17 2013 Joe Orton - 2.4.4-9- remove zombie dbmmanage script * Fri May 31 2013 Jan Kaluza - 2.4.4-8- return 400 Bad Request on malformed Host header * Mon May 20 2013 Jan Kaluza - 2.4.4-6- htpasswd/htdbm: fix hash generation bug (#956344)- do not dump vhosts twice in httpd -S output (#928761)- mod_cache: fix potential crash caused by uninitialized variable (#954109) * Thu Apr 18 2013 Jan Kaluza - 2.4.4-5- execute systemctl reload as result of apachectl graceful- mod_ssl: ignore SNI hints unless required by config- mod_cache: forward-port CacheMaxExpire \"hard\" option- mod_ssl: fall back on another module\'s proxy hook if mod_ssl proxy is not configured. * Tue Apr 16 2013 Jan Kaluza - 2.4.4-4- fix service file to not send SIGTERM after ExecStop (#906321, #912288) * Tue Mar 26 2013 Jan Kaluza - 2.4.4-3- protect MIMEMagicFile with IfModule (#893949) * Tue Feb 26 2013 Joe Orton - 2.4.4-2- really package mod_auth_form in mod_session (#915438) * Tue Feb 26 2013 Joe Orton - 2.4.4-1- update to 2.4.4- fix duplicate ownership of mod_session config (#914901) * Fri Feb 22 2013 Joe Orton - 2.4.3-17- add mod_session subpackage, move mod_auth_form there (#894500) * Thu Feb 14 2013 Fedora Release Engineering - 2.4.3-16- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Tue Jan 08 2013 Joe Orton - 2.4.3-15- add systemd service for htcacheclean * Tue Nov 13 2012 Joe Orton - 2.4.3-14- drop patch for r1344712 * Tue Nov 13 2012 Joe Orton - 2.4.3-13- filter mod_ *.so auto-provides (thanks to rcollet)- pull in syslog logging fix from upstream (r1344712) * Fri Oct 26 2012 Joe Orton - 2.4.3-12- rebuild to pick up new apr-util-ldap * Tue Oct 23 2012 Joe Orton - 2.4.3-11- rebuild * Wed Oct 03 2012 Joe Orton - 2.4.3-10- pull upstream patch r1392850 in addition to r1387633 * Mon Oct 01 2012 Joe Orton - 2.4.3-9.1- restore \"ServerTokens Full-Release\" support (#811714) * Mon Oct 01 2012 Joe Orton - 2.4.3-9- define PLATFORM in os.h using vendor string * Mon Oct 01 2012 Joe Orton - 2.4.3-8- use systemd script unconditionally (#850149) * Mon Oct 01 2012 Joe Orton - 2.4.3-7- use systemd scriptlets if available (#850149)- don\'t run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists * Mon Oct 01 2012 Jan Kaluza - 2.4.3-6- use systemctl from apachectl (#842736) * Wed Sep 19 2012 Joe Orton - 2.4.3-5- fix some error log spam with graceful-stop (r1387633)- minor mod_systemd tweaks * Thu Sep 13 2012 Joe Orton - 2.4.3-4- use IncludeOptional for conf.d/ *.conf inclusion * Fri Sep 07 2012 Jan Kaluza - 2.4.3-3- adding mod_systemd to integrate with systemd better * Tue Aug 21 2012 Joe Orton - 2.4.3-2- mod_ssl: add check for proxy keypair match (upstream r1374214) * Tue Aug 21 2012 Joe Orton - 2.4.3-1- update to 2.4.3 (#849883)- own the docroot (#848121) * Mon Aug 06 2012 Joe Orton - 2.4.2-23- add mod_proxy fixes from upstream (r1366693, r1365604) * Thu Jul 19 2012 Fedora Release Engineering - 2.4.2-22- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jul 06 2012 Joe Orton - 2.4.2-21- drop explicit version requirement on initscripts * Thu Jul 05 2012 Joe Orton - 2.4.2-20- mod_ext_filter: fix error_log warnings * Mon Jul 02 2012 Joe Orton - 2.4.2-19- support \"configtest\" and \"graceful\" as initscripts \"legacy actions\" * Fri Jun 08 2012 Joe Orton - 2.4.2-18- avoid use of \"core\" GIF for a \"core\" directory (#168776)- drop use of \"syslog.target\" in systemd unit file * Thu Jun 07 2012 Joe Orton - 2.4.2-17- use _unitdir for systemd unit file- use /run in unit file, ssl.conf * Thu Jun 07 2012 Joe Orton - 2.4.2-16- mod_ssl: fix NPN patch merge * Wed Jun 06 2012 Joe Orton - 2.4.2-15- move tmpfiles.d fragment into /usr/lib per new guidelines- package /run/httpd not /var/run/httpd- set runtimedir to /run/httpd likewise * Wed Jun 06 2012 Joe Orton - 2.4.2-14- fix htdbm/htpasswd crash on crypt() failure (#818684) * Wed Jun 06 2012 Joe Orton - 2.4.2-13- pull fix for NPN patch from upstream (r1345599) * Thu May 31 2012 Joe Orton - 2.4.2-12- update suexec patch to use LOG_AUTHPRIV facility * Thu May 24 2012 Joe Orton - 2.4.2-11- really fix autoindex.conf (thanks to remiAATT) * Thu May 24 2012 Joe Orton - 2.4.2-10- fix autoindex.conf to allow symlink to poweredby.png * Wed May 23 2012 Joe Orton - 2.4.2-9- suexec: use upstream version of patch for capability bit support * Wed May 23 2012 Joe Orton - 2.4.2-8- suexec: use syslog rather than suexec.log, drop dac_override capability * Tue May 01 2012 Joe Orton - 2.4.2-7- mod_ssl: add TLS NPN support (r1332643, #809599) * Tue May 01 2012 Joe Orton - 2.4.2-6- add BR on APR >= 1.4.0 * Fri Apr 27 2012 Joe Orton - 2.4.2-5- use systemctl from logrotate (#221073) * Fri Apr 27 2012 Joe Orton - 2.4.2-4- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+) * Fri Apr 27 2012 Joe Orton - 2.4.2-3.2- rebuild * Fri Apr 20 2012 Joe Orton - 2.4.2-3- really fix restart * Fri Apr 20 2012 Joe Orton - 2.4.2-2- tweak default ssl.conf- fix restart handling (#814645)- use graceful restart by default * Wed Apr 18 2012 Jan Kaluza - 2.4.2-1- update to 2.4.2 * Fri Mar 23 2012 Joe Orton - 2.4.1-6- fix macros * Fri Mar 23 2012 Joe Orton - 2.4.1-5- add _httpd_moddir to macros * Tue Mar 13 2012 Joe Orton - 2.4.1-4- fix symlink for poweredby.png- fix manual.conf * Tue Mar 13 2012 Joe Orton - 2.4.1-3- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage * Tue Mar 13 2012 Joe Orton - 2.4.1-2- clean docroot better- ship proxy, ssl directories within /var/cache/httpd- default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf- ship additional example configs in docdir * Tue Mar 06 2012 Joe Orton - 2.4.1-1- update to 2.4.1- adopt upstream default httpd.conf (almost verbatim)- split all LoadModules to conf.modules.d/ *.conf- include conf.d/ *.conf at end of httpd.conf- trim %changelog * Mon Feb 13 2012 Joe Orton - 2.2.22-2- fix build against PCRE 8.30 * Mon Feb 13 2012 Joe Orton - 2.2.22-1- update to 2.2.22 * Fri Feb 10 2012 Petr Pisar - 2.2.21-8- Rebuild against PCRE 8.30 * Mon Jan 23 2012 Jan Kaluza - 2.2.21-7- fix #783629 - start httpd after named * Mon Jan 16 2012 Joe Orton - 2.2.21-6- complete conversion to systemd, drop init script (#770311)- fix comments in /etc/sysconfig/httpd (#771024)- enable PrivateTmp in service file (#781440)- set LANG=C in /etc/sysconfig/httpd * Fri Jan 13 2012 Fedora Release Engineering - 2.2.21-5- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 06 2011 Jan Kaluza - 2.2.21-4- fix #751591 - start httpd after remote-fs * Mon Oct 24 2011 Jan Kaluza - 2.2.21-3- allow change state of BalancerMember in mod_proxy_balancer web interface * Thu Sep 22 2011 Ville Skyttä - 2.2.21-2- Make mmn available as %{_httpd_mmn}.- Add .svgz to AddEncoding x-gzip example in httpd.conf. * Tue Sep 13 2011 Joe Orton - 2.2.21-1- update to 2.2.21 * Mon Sep 05 2011 Joe Orton - 2.2.20-1- update to 2.2.20- fix MPM stub man page generation * Wed Aug 10 2011 Jan Kaluza - 2.2.19-5- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd | |