SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for httpd-2.2.15-69.el6.centos.x86_64.rpm :

* Tue Jun 19 2018 Johnny Hughes - 2.2.15-69- Roll in centOS Branding
* Mon Feb 19 2018 Luboš Uhliarik - 2.2.15-69- Resolves: #1471383 - httpd.worker abort()s with misc/apr_reslist.c:159: reslist_cleanup: Assertion `rl->ntotal == 0\' failed
* Wed Jan 17 2018 Luboš Uhliarik - 2.2.15-68- Resolves: #1450298 - when ProxyErrorOverride is On, modcluster return 503 status code on subsequent requests (2)
* Tue Sep 19 2017 Luboš Uhliarik - 2.2.15-67- Resolves: #1493060 - CVE-2017-9798 httpd: various flaws
* Wed Jul 26 2017 Luboš Uhliarik - 2.2.15-66- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest
* Fri Jul 07 2017 Luboš Uhliarik - 2.2.15-65- Related: #1412974 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects
* Thu Jun 29 2017 Luboš Uhliarik - 2.2.15-64- Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
* Tue Jun 20 2017 Luboš Uhliarik - 2.2.15-63- Related: #1456324 - segfault in ap_proxy_set_scoreboard_lb
* Fri Jun 16 2017 Luboš Uhliarik - 2.2.15-62- Resolves: #1456324 - segfault in ap_proxy_set_scoreboard_lb
* Tue Jun 13 2017 Luboš Uhliarik - 2.2.15-61- Resolves: #1412974 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects
* Fri Dec 09 2016 Luboš Uhliarik - 2.2.15-59- Resolves: #1401694 - rotatelogs: creation of zombie processes when -p is used
* Mon Nov 07 2016 Luboš Uhliarik - 2.2.15-58- Resolves: #1349546 - comments no longer allowed at the end of Allow from statements and maybe other statements from mod_authz
*
* Mon Nov 07 2016 Luboš Uhliarik - 2.2.15-57- Resolves: #1356938 - mod_ssl install fails with a long hostname
* Thu Nov 03 2016 Luboš Uhliarik - 2.2.15-56- Resolves: #1310582 - when ProxyErrorOverride is On, modcluster return 503 status code on subsequent requests
* Thu Sep 08 2016 Luboš Uhliarik - 2.2.15-55- Resolves: #1372315 - ProxyRemote with HTTPS backend sends requests with absoluteURI instead of abs_path
* Tue Jul 12 2016 Joe Orton - 2.2.15-54- add security fix for CVE-2016-5387
* Thu Feb 04 2016 Jan Kaluza - 2.2.15-53- core: fix possible long graceful restart caused by race condition between httpd children processes (#1301758)
* Thu Jan 21 2016 Jan Kaluza - 2.2.15-52- core: fix crash when handling interim response from backend (#1298866)
* Thu Jan 14 2016 Joe Orton - 2.2.15-51- fix mod_rewrite external mapping program spawning (#1035230)
* Wed Dec 16 2015 Jan Kaluza - 2.2.15-50- mod_ssl: fix hardware crypto support with custom DH parms (#1291658)
* Tue Dec 15 2015 Jan Kaluza - 2.2.15-49- core: do not break API in AllowEncodedSlashes fix (#1002658)
* Mon Nov 02 2015 Jan Kaluza - 2.2.15-48- core: backport NoDecode option of AllowEncodedSlashes (#1002658)- mod_authz_host: disallow the \'#\' character in allow, deny (#1179911)- mod_ssl: fix memory leak on httpd reloads (#1236515)- mod_proxy: fix regression caused inherited workers to use a different scoreboard slot then the original one (#1252574)- mod_rewrite: allow running external mapping program as non-root (#1035230)- mod_reqtimeout: fix a timed out connection going into the keep-alive state after a timeout when discarding a request body (#1213967)- core: fix possible crash in SIGINT handling (#1233109)- mod_ssl: extend SSLSessionCacheTimeout to sessions resumed by TLS (#1190509)- initscript: do not print error when stopping stopped httpd (#1189941)- mod_ssl: fail for colons in credentials with FakeBasicAuth (#1027442)- mod_proxy: add \"proxy-flushall\" env variable which reduces the impact of caching 16K of the request body. (#952395)- mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1289096)
* Tue Aug 18 2015 Jan Kaluza - 2.2.15-47- fix regressions caused by fix for CVE-2015-3183
* Mon Aug 10 2015 Jan Kaluza - 2.2.15-46- core: fix chunk header parsing defect (CVE-2015-3183)
* Tue Mar 03 2015 Jan Kaluza - 2.2.15-45- mod_proxy_balancer: add support for \"drain mode\" (N) (#767130)
* Fri Jan 23 2015 Jan Kaluza - 2.2.15-44- set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES (#1086771)
* Fri Jan 23 2015 Jan Kaluza - 2.2.15-43- revert DirectoryMatch patch from 2.2.15-40 (#1016963)
* Fri Dec 19 2014 Jan Kaluza - 2.2.15-42- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
* Wed Dec 17 2014 Jan Kaluza - 2.2.15-41- fix compilation with older OpenSSL caused by misspelling in patch (#1162268)
* Tue Dec 02 2014 Jan Kaluza - 2.2.15-40- mod_proxy: do not mix workers shared memory during graceful restart (#1149906)- mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1149703)- mod_ssl: log revoked certificates at the INFO level (#1161328)- mod_ssl: use -extensions v3_req for certificate generation (#906476)- core: check the config file before restarting the server (#1146194)- core: do not match files when using DirectoryMatch (#1016963)- core: improve error message for inaccessible DocumentRoot (#987590)- rotatelogs: improve support for localtime (#922844)- mod_deflate: fix decompression of files larger than 4GB (#1057695)- ab: fix integer overflow when printing stats with lot of requests (#1092419)- ab: try all addresses instead of failing on first one when not available (#1125269)- ab: fix read failure when targeting SSL server (#1045477)- apachectl: support HTTPD_LANG variable from /etc/sysconfig/httpd (#963146)- do not display \"bomb\" icon for files ending with \"core\" (#1069625)
* Tue Aug 05 2014 Jan Kaluza - 2.2.15-39- mod_proxy: close client connection if the backend closes connection (#1111410)
* Thu Jul 17 2014 Jan Kaluza - 2.2.15-38- mod_cgid: add security fix for CVE-2014-0231- mod_deflate: add security fix for CVE-2014-0118- mod_status: add security fix for CVE-2014-0226
* Fri Jun 27 2014 Joe Orton - 2.2.15-37- mod_ssl: fix SSLCipherSuite (#1035818)
* Mon Jun 23 2014 Jan Kaluza - 2.2.15-36- mod_ssl: Add a wildcard common name match (#1035666)- mod_cache: avoid thundering herd (#1094990)- mod_cgi: return error code 408 on timeout (#979129)
* Mon Jun 23 2014 Jan Kaluza - 2.2.15-35- mod_proxy_http: cleanup bucket brigade even on error (#991556)- add missing Reason-Phrase in HTTP response headers (#1032733)- mod_ldap: fix crash in uldap_cache_getattrvals (#1048757)
* Fri Jun 20 2014 Joe Orton - 2.2.15-34- mod_ssl: prevent use of AECDH (#1035818)
* Fri Jun 20 2014 Joe Orton - 2.2.15-33- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1103115)
* Thu Jun 19 2014 Joe Orton - 2.2.15-32- mod_ssl: adjust DH temp key selection, prefer larger and up to 8192-bit. (#1071883)
* Tue Jun 10 2014 Jan Kaluza - 2.2.15-31- mod_proxy: fix bybusyness algorithm to balance the load after failed worker has recovered (#972949)- mod_proxy: ignore EINTR when polling in proxy_connect (#976644)- mod_proxy_http: log \"reading response\" error to proper log file (#1012766)- mod_ssl: add ECDH support (#1035818)- mod_ssl: improve DH temp key handling (#1071883)- mod_ssl: enable support at run-time for TLSv1.x with newer OpenSSL (#1034984)- mod_ssl: fix crash when loaded for first time during the reload (#876626)- mod_ssl: make lazy CRL caching configurable (#1037832)- apachectl status: return exit code 3 when httpd is not running (#1077336)
* Thu Mar 20 2014 Jan Kaluza - 2.2.15-30- mod_dav: add security fix for CVE-2013-6438 (#1078175)- mod_log_config: add security fix for CVE-2014-0098 (#1078175)
* Fri Aug 02 2013 Jan Kaluza - 2.2.15-29- mod_dav: add security fix for CVE-2013-1896 (#991369)
* Mon Apr 29 2013 Joe Orton - 2.2.15-28- mod_rewrite: add security fix for CVE-2013-1862 (#953729)
* Thu Mar 07 2013 - 2.2.15-27- add security fixes for CVE-2012-3499, CVE-2012-4558 (#915883, #915884)
* Wed Dec 05 2012 Jan Kaluza - 2.2.15-26- htcacheclean: exit with code 4 also for \"restart\" action (#805810)
* Mon Dec 03 2012 Jan Kaluza - 2.2.15-25- htcacheclean: exit with code 4 if nonprivileged user runs initscript (#805810)- rotatelogs: omit the second arg when invoking a post-rotate program (#876923)
* Thu Nov 08 2012 Joe Orton - 2.2.15-24- mod_ssl: improved patch for mod_nss fallback (w/mharmsen, #805720)
* Wed Nov 07 2012 Jan Kaluza - 2.2.15-23- mod_log_config: fix cookie parsing substring mismatch (#867268)
* Mon Oct 22 2012 Jan Kaluza - 2.2.15-22- mod_cache: fix header merging for 304 case, thanks to Roy Badami (#868283)- mod_cache: fix handling of 304 responses (#868253)
* Thu Oct 18 2012 Jan Kaluza - 2.2.15-21- mod_proxy_ajp: ignore flushing if headers have not been sent (#853160)- mod_proxy_ajp: do not mark worker in error state when one request timeouts (#864317)- mod_ssl: do not run post script if all files are already created (#752618)
* Mon Oct 15 2012 Joe Orton - 2.2.15-20- add htcacheclean init script (Jan Kaluza, #805810)
* Mon Sep 17 2012 Joe Orton - 2.2.15-19- mod_ssl: fall back on another module\'s proxy hook if mod_ssl proxy is not configured. (#805720)
* Wed Sep 05 2012 Joe Orton - 2.2.15-18- add security fix for CVE-2012-2687 (#850794)
* Mon Sep 03 2012 Jan Kaluza - 2.2.15-17- mod_proxy: allow change BalancerMember state in web interface (#748400)- mod_proxy: Tone down \"worker [URL] used by another worker\" warning (#787247)- mod_proxy: add support for \"failonstatus\" option (#824571)- mod_proxy: avoid DNS lookup on hostname from request URI if ProxyRemote
* is configured (#837086)- rotatelogs: create files even if they are empty (#757739)- rotatelogs: option to rotate files into a custom location (#757735)- rotatelogs: add support for -L option (#838493)- fix handling of long chunk-line (#842376)- add server aliases to \"httpd -S\" output (#833092)- omit %posttrans daemon restart if /etc/sysconfig/httpd-disable-posttrans exists (#833064)- mod_ldap: treat LDAP_UNAVAILABLE as a transient error (#829689)- ab: fix double free when SSL request fails in verbose mode (#837613)- mod_cache: do not cache partial results (#822587)- mod_ldap: add LDAPReferrals directive alias (#796958)- mod_ssl: add _userID DN variable suffix for NID_userId (#842375)- mod_ssl: fix test for missing decrypted private keys, and ensure that the keypair matches (#848954)- mod_authnz_ldap: set AUTHORIZE_
* variables in LDAP authorization (#828896)- relax checks for status-line validity (#853348)
* Mon Feb 06 2012 Joe Orton - 2.2.15-16- add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787599)- obviates fix for CVE-2011-3638, patch removed
* Thu Oct 06 2011 Joe Orton - 2.2.15-15- mod_proxy_ftp: fix handling of EPSV w/IPv6 localhost (#737960)- core: add security fix for CVE-2011-3368 (#743659)- mod_proxy_ajp: add security fix for CVE-2011-3348 (#738961)- mod_cache: forward-port CacheMaxExpire \"hard\" option (#740242)
* Wed Sep 28 2011 Joe Orton - 2.2.15-14- update to byterange patch (#736592)
* Thu Sep 08 2011 Joe Orton - 2.2.15-13- add security fix for CVE-2011-3192 (#733063, #736592)
* Mon Aug 08 2011 Joe Orton - 2.2.15-12- mod_ssl: ignore SNI hints unless required by config (#714704)- mod_ssl: fix segfault with bad SSLCryptoDevice argument (#729585)
* Tue Jul 26 2011 Joe Orton - 2.2.15-11- rebase mod_reqtimeout to 2.2.17 (#676634)- mod_proxy_ajp: honour ProxyErrorOverride (#694939)- mod_ssl: add fix for handling incomplete lines w/revproxy (#700074)- mod_filter: fix matching against non-std response headers (#700075)- core: abort() on malloc() failure (#700393)- mod_ssl: fix startup crash w/client cert shared across vhosts (#720980)
* Tue Jun 07 2011 Joe Orton - 2.2.15-10- mod_filter: fix test against non-standard response headers (#700075)
* Fri Apr 08 2011 Joe Orton - 2.2.15-9- mod_ssl: complete fix for overlapping memcpy (#652335)
* Mon Mar 21 2011 Joe Orton - 2.2.15-8- mod_ssl: fix compat with FIPS-enabled OpenSSL (#684144)
* Thu Feb 24 2011 Joe Orton - 2.2.15-7- mod_ldap: fix caching with per-vhost directive use (#676635)- mod_ssl: fix startup with duplicate SSL vhost configurations (#676831)- prefork: ensure early child exit during graceful restart (#679476)
* Mon Jan 31 2011 Joe Orton - 2.2.15-6- ab: fail gracefully for OOM allocating stats structures (#645846)- init script: use $STOP_DELAY as delay before SIGKILL of parent (#657480)- stop multiple invocations of filter init functions (#631849)- mod_ssl: avoid overlapping memcpy (#652335)- mark httpd.conf as noreplace
* Fri Aug 13 2010 Joe Orton - 2.2.15-5- add security fix for CVE-2010-1452 (#618193)
* Wed Jun 23 2010 Joe Orton - 2.2.15-4- use init script to rotate logs (#606955)- disable keepalive for 100-continue and error response (#606964)
* Tue May 25 2010 Joe Orton - 2.2.15-3- add \"Satisfy All\" for .htaccess in httpd.conf (#594981)- adjust user/group creation in %pre (#594395)- mod_ssl: tweak OID() evaluation of unknown exts (#594980)
* Thu May 06 2010 Joe Orton - 2.2.15-2- init script fixes for LSB compliance (#546252)
* exit code 2 for an unknown script argument
* exit code 6 for a reload if config-test fails
* exit code 7 for a reload on a stopped service
* fixed help output to cover all options- mod_dav: handle PUT failure more cleanly (#572911)
* Thu Mar 11 2010 Joe Orton - 2.2.15-1- update to 2.2.15 (#570465, #570442)- fix version string (#572140)- mod_ssl: use ASN1_STRING_print() in SSLRequire\'s OID() (#552942)- prevent use of rsync during \"make install\" (#557049)- load mod_version by default in httpd.conf
* Tue Feb 09 2010 Joe Orton - 2.2.14-5- mod_ssl: fix CVE-2009-3555 backport (#563119)- mod_authnz_ldap: fix for dynamic group support- mod_ssl: add SSLInsecureRenegotiation directive (#561435)
* Thu Jan 14 2010 Joe Orton - 2.2.14-4- mod_ssl: add further mitigation for CVE-2009-3555- drop proxy_ajp.conf- update httpd.conf: decrease Timeout to 1m, update LoadModule directives, bump worker to 4 proc/300clients- fix hard-coded default pidfile to match default config (#547629)- drop legacy X-Pad header from short responses (#526110)- disable keepalive for Expect: 100-continue and error response (#533407)- mod_ext_filter: fix spurious error log output (#479463)- mod_rewrite: don\'t serialize logfile access (#493023)- fix spurious error messages on graceful restart (#233955)- mod_ssl: fix potential hang in renegotiation (#510515)- mod_proxy_connect: support use SSL client connection (#523594)
* Wed Dec 09 2009 Joe Orton - 2.2.14-3- add \'ServerTokens Full-Release\' config option (#477006)
* Tue Dec 08 2009 Joe Orton - 2.2.14-2- drop distcache support
* Thu Dec 03 2009 Joe Orton - 2.2.14-1- update to 2.2.14- relax permissions on /var/run/httpd (#495780)- Requires(pre): httpd in mod_ssl subpackage (#543275)- add partial security fix for CVE-2009-3555 (#533125)
* Tue Sep 08 2009 Joe Orton 2.2.13-2- restart service in posttrans (#491567)
* Fri Aug 21 2009 Tomas Mraz - 2.2.13-2- rebuilt with new openssl
* Tue Aug 18 2009 Joe Orton 2.2.13-1- update to 2.2.13
* Fri Jul 24 2009 Fedora Release Engineering - 2.2.11-10- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jun 16 2009 Joe Orton 2.2.11-9- build -manual as noarch
* Tue Mar 17 2009 Joe Orton 2.2.11-8- fix pidfile in httpd.logrotate (thanks to Rainer Traut)- don\'t build mod_mem_cache or mod_file_cache
* Tue Feb 24 2009 Fedora Release Engineering - 2.2.11-7- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Thu Jan 22 2009 Joe Orton 2.2.11-6- Require: apr-util-ldap (#471898)- init script changes: pass pidfile to status(), use status() in condrestart (#480602), support try-restart as alias for condrestart- change /etc/httpd/run symlink to have destination /var/run/httpd, and restore \"run/httpd.conf\" as default PidFile (#478688)
* Fri Jan 16 2009 Tomas Mraz 2.2.11-5- rebuild with new openssl
* Sat Dec 27 2008 Robert Scheck 2.2.11-4- Made default configuration using /var/run/httpd for pid file
* Thu Dec 18 2008 Joe Orton 2.2.11-3- update to 2.2.11- package new /var/run/httpd directory, and move default pidfile location inside there
* Tue Oct 21 2008 Joe Orton 2.2.10-2- update to 2.2.10
* Tue Jul 15 2008 Joe Orton 2.2.9-5- move AddTypes for SSL cert/CRL types from ssl.conf to httpd.conf (#449979)
* Mon Jul 14 2008 Joe Orton 2.2.9-4- use Charset=UTF-8 in default httpd.conf (#455123)- only enable suexec when appropriate (Jim Radford, #453697)
* Thu Jul 10 2008 Tom \"spot\" Callaway 2.2.9-3- rebuild against new db4 4.7
* Tue Jul 08 2008 Joe Orton 2.2.9-2- update to 2.2.9- build event MPM too
* Wed Jun 04 2008 Joe Orton 2.2.8-4- correct UserDir directive in default config (#449815)
* Tue Feb 19 2008 Fedora Release Engineering - 2.2.8-3- Autorebuild for GCC 4.3
* Tue Jan 22 2008 Joe Orton 2.2.8-2- update to 2.2.8- drop mod_imagemap
* Wed Dec 05 2007 Release Engineering - 2.2.6-4- Rebuild for openssl bump
* Mon Sep 17 2007 Joe Orton 2.2.6-3- add fix for SSL library string regression (PR 43334)- use powered-by logo from system-logos (#250676)- preserve timestamps for installed config files
* Fri Sep 07 2007 Joe Orton 2.2.6-2- update to 2.2.6 (#250757, #282761)
* Sun Sep 02 2007 Joe Orton 2.2.4-10- rebuild for fixed APR
* Wed Aug 22 2007 Joe Orton 2.2.4-9- rebuild for expat soname bump
* Tue Aug 21 2007 Joe Orton 2.2.4-8- fix License- require /etc/mime.types (#249223)
* Thu Jul 26 2007 Joe Orton 2.2.4-7- drop -tools dependency on httpd (thanks to Matthias Saou)
* Wed Jul 25 2007 Joe Orton 2.2.4-6- split out utilities into -tools subpackage, based on patch by Jason Tibbs (#238257)
* Tue Jul 24 2007 Joe Orton 2.2.4-5- spec file cleanups: provide httpd-suexec, mod_dav; don\'t obsolete mod_jk; drop trailing dots from Summaries- init script
* add LSB info header, support force-reload (#246944)
* update description
* drop 1.3 config check
* pass $pidfile to daemon and pidfile everywhere
* Wed May 09 2007 Joe Orton 2.2.4-4- update welcome page branding
* Tue Apr 03 2007 Joe Orton 2.2.4-3- drop old triggers, old Requires, xmlto BR- use Requires(...) correctly - use standard BuildRoot - don\'t mark init script as config file- trim CHANGES further
* Mon Mar 12 2007 Joe Orton 2.2.4-2- update to 2.2.4- drop the migration guide (#223605)
* Thu Dec 07 2006 Joe Orton 2.2.3-8- fix path to instdso.sh in special.mk (#217677)- fix detection of links in \"apachectl fullstatus\"
* Tue Dec 05 2006 Joe Orton 2.2.3-7- rebuild for libpq soname bump
* Sat Nov 11 2006 Joe Orton 2.2.3-6- rebuild for BDB soname bump
* Mon Sep 11 2006 Joe Orton 2.2.3-5- updated \"powered by Fedora\" logo (#205573, Diana Fong)- tweak welcome page wording slightly (#205880)
* Fri Aug 18 2006 Jesse Keating - 2.2.3-4- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc
* (#203001)
* Thu Aug 03 2006 Joe Orton 2.2.3-3- init: use killproc() delay to avoid race killing parent
* Fri Jul 28 2006 Joe Orton 2.2.3-2- update to 2.2.3- trim %changelog to >=2.0.52
* Thu Jul 20 2006 Joe Orton 2.2.2-8- fix segfault on dummy connection failure at graceful restart (#199429)
* Wed Jul 19 2006 Joe Orton 2.2.2-7- fix \"apxs -g\"-generated Makefile- fix buildconf with autoconf 2.60
* Wed Jul 12 2006 Jesse Keating - 2.2.2-5.1- rebuild
* Wed Jun 07 2006 Joe Orton 2.2.2-5- require pkgconfig for -devel (#194152)- fixes for installed support makefiles (special.mk et al)- BR autoconf
* Fri Jun 02 2006 Joe Orton 2.2.2-4- make -devel package multilib-safe (#192686)
* Thu May 11 2006 Joe Orton 2.2.2-3- build DSOs using -z relro linker flag
* Wed May 03 2006 Joe Orton 2.2.2-2- update to 2.2.2
* Thu Apr 06 2006 Joe Orton 2.2.0-6- rebuild to pick up apr-util LDAP interface fix (#188073)
* Fri Feb 10 2006 Jesse Keating - (none):2.2.0-5.1.2- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating - (none):2.2.0-5.1.1- rebuilt for new gcc4.1 snapshot and glibc changes
* Mon Feb 06 2006 Joe Orton 2.2.0-5.1- mod_auth_basic/mod_authn_file: if no provider is configured, and AuthUserFile is not configured, decline to handle authn silently rather than failing noisily.
* Fri Feb 03 2006 Joe Orton 2.2.0-5- mod_ssl: add security fix for CVE-2005-3357 (#177914)- mod_imagemap: add security fix for CVE-2005-3352 (#177913)- add fix for AP_INIT_
* designated initializers with C++ compilers- httpd.conf: enable HTMLTable in default IndexOptions- httpd.conf: add more \"redirect-carefully\" matches for DAV clients
* Thu Jan 05 2006 Joe Orton 2.2.0-4- mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)
* Fri Dec 09 2005 Jesse Keating - rebuilt
* Wed Dec 07 2005 Joe Orton 2.2.0-3- strip manual to just English content
* Mon Dec 05 2005 Joe Orton 2.2.0-2- don\'t strip C-L from HEAD responses (Greg Ames, #110552)- load mod_proxy_balancer by default- add proxy_ajp.conf to load/configure mod_proxy_ajp- Obsolete mod_jk- update docs URLs in httpd.conf/ssl.conf
* Fri Dec 02 2005 Joe Orton 2.2.0-1- update to 2.2.0
* Wed Nov 30 2005 Joe Orton 2.1.10-2- enable mod_authn_alias, mod_authn_anon- update default httpd.conf
* Fri Nov 25 2005 Joe Orton 2.1.10-1- update to 2.1.10- require apr >= 1.2.0, apr-util >= 1.2.0
* Wed Nov 09 2005 Tomas Mraz 2.0.54-16- rebuilt against new openssl
* Thu Nov 03 2005 Joe Orton 2.0.54-15- log notice giving SELinux context at startup if enabled- drop SSLv2 and restrict default cipher suite in default SSL configuration
* Thu Oct 20 2005 Joe Orton 2.0.54-14- mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)- add security fix for byterange filter DoS (CVE-2005-2728)- add security fix for C-L vs T-E handling (CVE-2005-2088)- mod_ssl: add security fix for CRL overflow (CVE-2005-1268)- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)- add fix for dummy connection handling (#167425)- mod_auth_digest: fix hostinfo comparison in CONNECT requests- mod_include: fix variable corruption in nested includes (upstream #12655)- mod_ssl: add fix for handling non-blocking reads- mod_ssl: fix to enable output buffering (upstream #35279)- mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)
* Sat Aug 13 2005 Joe Orton 2.0.54-13- don\'t load by default: mod_cern_meta, mod_asis- do load by default: mod_ext_filter (#165893)
* Thu Jul 28 2005 Joe Orton 2.0.54-12- drop broken epoch deps
* Thu Jun 30 2005 Joe Orton 2.0.54-11- mod_dav_fs: fix uninitialized variable (#162144)- add epoch to dependencies as appropriate- mod_ssl: drop dependencies on dev, make- mod_ssl: mark post script dependencies as such
* Mon May 23 2005 Joe Orton 2.0.54-10- remove broken symlink (Robert Scheck, #158404)
* Wed May 18 2005 Joe Orton 2.0.54-9- add piped logger fixes (w/Jeff Trawick)
* Mon May 09 2005 Joe Orton 2.0.54-8- drop old \"powered by Red Hat\" logos
* Wed May 04 2005 Joe Orton 2.0.54-7- mod_userdir: fix memory allocation issue (upstream #34588)- mod_ldap: fix memory corruption issue (Brad Nicholes, upstream #34618)
* Tue Apr 26 2005 Joe Orton 2.0.54-6- fix key/cert locations in post script
* Mon Apr 25 2005 Joe Orton 2.0.54-5- create default dummy cert in /etc/pki/tls- use a pseudo-random serial number on the dummy cert- change default ssl.conf to point at /etc/pki/tls- merge back -suexec subpackage; SELinux policy can now be used to persistently disable suexec (#155716)- drop /etc/httpd/conf/ssl.
* directories and Makefiles- unconditionally enable PIE support- mod_ssl: fix for picking up -shutdown options (upstream #34452)
* Mon Apr 18 2005 Joe Orton 2.0.54-4- replace PreReq with Requires(pre)
* Mon Apr 18 2005 Joe Orton 2.0.54-3- update to 2.0.54
* Tue Mar 29 2005 Joe Orton 2.0.53-6- update default httpd.conf:
* clarify the comments on AddDefaultCharset usage (#135821)
* remove all the AddCharset default extensions
* don\'t load mod_imap by default
* synch with upstream 2.0.53 httpd-std.conf- mod_ssl: set user from SSLUserName in access hook (upstream #31418)- htdigest: fix permissions of created files (upstream #33765)- remove htsslpass
* Wed Mar 02 2005 Joe Orton 2.0.53-5- apachectl: restore use of $OPTIONS again
* Wed Feb 09 2005 Joe Orton 2.0.53-4- update to 2.0.53- move prefork/worker modules comparison to %check
* Mon Feb 07 2005 Joe Orton 2.0.52-7- fix cosmetic issues in \"service httpd reload\"- move User/Group higher in httpd.conf (#146793)- load mod_logio by default in httpd.conf- apachectl: update for correct libselinux tools locations
* Tue Nov 16 2004 Joe Orton 2.0.52-6- add security fix for CVE CAN-2004-0942 (memory consumption DoS)- SELinux: run httpd -t under runcon in configtest (Steven Smalley)- fix SSLSessionCache comment for distcache in ssl.conf- restart using SIGHUP not SIGUSR1 after logrotate- add ap_save_brigade fix (upstream #31247)- mod_ssl: fix possible segfault in auth hook (upstream #31848)- add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677)- apachectl: restore use of $OPTIONS- apachectl, httpd.init: refuse to restart if $HTTPD -t fails- apachectl: run $HTTPD -t in user SELinux context for configtest- update for pcre-5.0 header locations
* Sat Nov 13 2004 Jeff Johnson 2.0.52-5- rebuild against db-4.3.21 aware apr-util.
* Thu Nov 11 2004 Jeff Johnson 2.0.52-4- rebuild against db-4.3-21.
* Tue Sep 28 2004 Joe Orton 2.0.52-3- add dummy connection address fixes from HEAD- mod_ssl: add security fix for CAN-2004-0885
* Tue Sep 28 2004 Joe Orton 2.0.52-2- update to 2.0.52
  
ICM