2014-11-03 00:00:00 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Nov 2 22:37:08 UTC 2014 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.8:
|
|
|
|
* Added support for websockets. WebSocket option added.
|
|
|
|
* SSL key and certificate checks added to wigwam.
|
|
|
|
* Small bugfixes and improvements.
|
|
|
|
|
2014-09-10 18:39:29 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Sep 10 16:04:57 UTC 2014 - jengelh@inai.de
|
|
|
|
|
|
|
|
- Avoid generating libpolarssl.so.7, which led to "have choice
|
|
|
|
for libpolarssl.so.7: libpolarssl7 hiawatha" and make other
|
|
|
|
polarssl-using applications not run in practice because the
|
|
|
|
library is in a non-standard directory, yet discovered by rpm
|
|
|
|
as a provider.
|
|
|
|
|
2014-09-08 10:39:41 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Sep 7 23:29:36 UTC 2014 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.7:
|
|
|
|
* UseToolkit now possible in .hiawatha file at root of website.
|
2014-11-03 00:00:00 +01:00
|
|
|
* Method option added to URL Toolkit.
|
|
|
|
* SetResourceLimit option added.
|
|
|
|
* ThreadKillRate option added.
|
|
|
|
* Improved SQL injection detection.
|
|
|
|
* Default value for DHsize set to 2048.
|
|
|
|
* PolarSSL updated to version 1.3.8.
|
|
|
|
* Memory allocation debugger module added.
|
|
|
|
* Small bugfixes and improvements.
|
|
|
|
* Bugfix: incorrect file hash printing by wigwam with directory as symlink.
|
2014-09-08 10:39:41 +02:00
|
|
|
|
2014-06-08 23:47:34 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Jun 8 21:10:58 UTC 2014 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.6:
|
|
|
|
* Logfile rotation for access logfiles.
|
|
|
|
* HTTP Strict Transport Security header made optional for RequireSSL.
|
|
|
|
* Support for chunked transfer encoded requests (not for PUT).
|
|
|
|
* Support for improved server statistics in Hiawatha Monitor.
|
|
|
|
* The Hiawatha Monitor is now supported without the need for XSLT.
|
|
|
|
* PolarSSL updated to version 1.3.7.
|
|
|
|
* A few bugfixes as reported by Coverity.
|
|
|
|
* Bugfix: SQL injection detection was broken since 8.6.
|
|
|
|
* Bugfix: XSS detection didn't work for reverse proxy.
|
|
|
|
* Small bugfixes.
|
|
|
|
|
2014-05-18 16:43:41 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun May 18 14:34:03 UTC 2014 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.5:
|
|
|
|
* Added support for CGI statistics in Hiawatha Monitor.
|
|
|
|
* MonitorRequests and MonitorStatsInterval option removed.
|
|
|
|
* Added support for Origin HTTP header to prevent CSRF.
|
|
|
|
* EnforceFirstHostname option added.
|
|
|
|
* ScriptAlias option added.
|
|
|
|
* PolarSSL updated to version 1.3.6.
|
|
|
|
* Dropped support for PolarSSL 1.2.
|
|
|
|
|
2014-03-25 01:35:59 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 24 23:25:24 UTC 2014 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.4:
|
|
|
|
* Keep-Alive connections for reverse proxy made optional.
|
|
|
|
* ErrorXSLTfile option added.
|
|
|
|
* IgnoreDotHiawatha option added.
|
|
|
|
* RandomHeader option added.
|
|
|
|
* Dropped support for RC4.
|
|
|
|
* PolarSSL updated to version 1.3.4.
|
|
|
|
* Added support for Hyper Text Coffee Pot Control Protocol (RFC2324).
|
|
|
|
* Added SSL_CIPHER to CGI environment.
|
|
|
|
* Added Public/Private to UrlToolkit expire option.
|
|
|
|
* Small improvements.
|
|
|
|
|
2014-02-17 18:24:37 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 17 16:40:08 UTC 2014 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Add firewall rules for http and https.
|
|
|
|
|
2014-01-08 11:07:11 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Dec 12 22:04:38 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.3.1:
|
|
|
|
* Several bugfixes in reverse proxy.
|
|
|
|
|
2013-11-21 22:55:52 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Nov 21 21:16:09 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.3:
|
|
|
|
* PolarSSL updated to version 1.3.2.
|
|
|
|
* Added support for Elliptic Curve Cryptography.
|
|
|
|
* TunnelSSH option added.
|
|
|
|
* AnonymizeIP option added.
|
|
|
|
* Keep-alive connections for reverse proxy.
|
|
|
|
* Small improvements.
|
|
|
|
|
2013-08-15 15:33:54 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Aug 13 22:56:19 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Don't use cutom pid file in systemd service.
|
|
|
|
- Fix logrotate config.
|
|
|
|
- Spec cleanup.
|
|
|
|
|
2013-08-04 22:52:24 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Aug 1 19:39:47 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update source URL.
|
|
|
|
|
2013-06-24 11:06:03 +02:00
|
|
|
-------------------------------------------------------------------
|
2013-07-18 16:46:47 +02:00
|
|
|
Mon Jun 24 13:11:42 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Drop hiawatha.permissions file and related option. Use 0755 and
|
|
|
|
%verify(not mode) for %{_sbindir}cgi-wrapper.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2013-06-24 11:06:03 +02:00
|
|
|
Sun Jun 23 16:58:59 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.2:
|
|
|
|
* Added support for compiling Hiawatha against the system's
|
|
|
|
default version (>=1.2.0) of the PolarSSL library.
|
|
|
|
* PolarSSL updated to version 1.2.8.
|
|
|
|
* Small bugfixes (memory leaks in error situations).
|
|
|
|
* Bugfix: virtual hostname selection for IPv6 with non-standard
|
|
|
|
port.
|
|
|
|
|
2013-06-03 13:36:07 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Jun 2 13:22:55 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.1:
|
|
|
|
* FileHashes option added.
|
|
|
|
* PolarSSL updated to version 1.2.7. Enabled ciphersuite
|
|
|
|
selection based on protocol version.
|
|
|
|
* Enabled accf_http support for FreeBSD. Thanks to Martin
|
|
|
|
Tournoij.
|
|
|
|
* ImageReferer option removed.
|
|
|
|
* Bugfix: incorrect BanOnFlooding behavior.
|
|
|
|
* Small improvements.
|
|
|
|
|
2013-04-16 11:38:38 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Apr 4 17:44:17 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Update to 9.0:
|
|
|
|
* Clients handled via thread pool instead of creating threads on
|
|
|
|
the fly.
|
|
|
|
* ThreadPoolSize option added.
|
|
|
|
* Header option added to URL Toolkit.
|
|
|
|
* Improved client SSL certificate handling. Environment variables
|
|
|
|
renamed.
|
|
|
|
* PolarSSL updated to version 1.2.6.
|
|
|
|
* Improved Reverse Proxy caching support for requests with URL
|
|
|
|
parameters.
|
|
|
|
* CacheMinFilesize option removed.
|
|
|
|
* DenyBot option removed. Use UrlToolkit's Header option instead.
|
|
|
|
* OldBrowser option removed from URL Toolkit. Use Header option
|
|
|
|
instead.
|
|
|
|
* Improved UrlToolkit rule testing in wigwam.
|
|
|
|
* Small bugfixes and improvements.
|
|
|
|
|
2013-03-21 14:14:27 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 20 11:29:41 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- Run server as wwwrun user.
|
|
|
|
|
2013-03-19 18:42:20 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Mar 8 15:54:39 UTC 2013 - fisiu@opensuse.org
|
|
|
|
|
|
|
|
- update to 8.8.1 (changes since 7.7):
|
|
|
|
* Bugfix: Incorrect size of buffer for poll() can lead to a crash when using
|
|
|
|
Tomahawk.
|
|
|
|
* Caching for Reverse Proxy. CacheRProxyExtensions option added.
|
|
|
|
* Basic HTTP authentication now supports the glibc2 version of crypt().
|
|
|
|
* Hostname in ImageReferer can now contain a wildcard.
|
|
|
|
* DenyBody matching is now case insensitive.
|
|
|
|
* PolarSSL updated to version 1.2.5.
|
|
|
|
* Support for HTTP Strict Transport Security (RFC 6797). Integrated in
|
|
|
|
RequireSSL option.
|
|
|
|
* DHsize option added.
|
|
|
|
* PolarSSL updated to version 1.2.3.
|
|
|
|
* CloudFlare headers placed in environment variables.
|
|
|
|
* Removed php-fcgi.
|
|
|
|
* Bugfix: slow page loading via Reverse Proxy.
|
|
|
|
* PolarSSL updated to version 1.2. Added support for TLS 1.2 and secure
|
|
|
|
renegotiation.
|
|
|
|
* Added support for Server Name Indication.
|
|
|
|
* MinSSLversion option added.
|
|
|
|
* ServerRoot option removed.
|
|
|
|
* Improved MacOS X package building script.
|
|
|
|
* Marked php-fcgi as deprecated. Use php-fpm instead.
|
|
|
|
* Improved Reverse Proxy.
|
|
|
|
* Changed error message style.
|
|
|
|
* Renamed Command Channel to Tomahawk.
|
|
|
|
* Return 403 instead of 401 upon correct password for HTTP authentication but
|
|
|
|
user not in right group.
|
|
|
|
* Bugfix: replaced select() with poll() to prevent crashes in case of large
|
|
|
|
amount of simultaneous connections. Thanks to Peter Bex.
|
|
|
|
* MaxServerLoad option added.
|
|
|
|
* PolarSSL updated to version 1.1.4.
|
|
|
|
* Bugfix: invalid reverse proxy request when URL parameters are present.
|
|
|
|
* Bugfix: memory leak in SSL library.
|
|
|
|
* Improved security for reverse proxy (works with PreventSQLi, etc).
|
|
|
|
* ReverseProxy option added.
|
|
|
|
* PolarSSL updated to version 1.1.3.
|
|
|
|
* WebDAVapp option added. Enables support for WebDAV applications like
|
|
|
|
ownCloud (http://owncloud.org/).
|
|
|
|
* Removed support for the OPTIONS method.
|
|
|
|
* AllowDotFiles option added.
|
|
|
|
* Global forks setting in php-fcgi.conf moved to Server setting.
|
|
|
|
* BanOnInvalidURL option added.
|
|
|
|
* PolarSSL updated to version 1.1.1.
|
|
|
|
* Bugfix: paths missing in default values and examples in manual pages.
|
|
|
|
* Replaced Autoconf with CMake. Many thanks to Sander Niemeijer.
|
|
|
|
* Replaced OpenSSL with PolarSSL. Many thanks to Paul Bakker.
|
|
|
|
* AllowedCiphers and DHparameters options removed.
|
|
|
|
* Added IE7 to UrlToolkit's OldBrowser list, removed IE5.
|
|
|
|
* MaxUrlLength option added, can return 414 Request-URI Too Long.
|
|
|
|
* Changed default value of TriggerOnCGIstatus to 'no'.
|
|
|
|
* Equalized format of logfiles.
|
|
|
|
* Extra checks added to php-fcgi.
|
|
|
|
* Improved SQL injection detection.
|
|
|
|
* Bugfix: memory leak in PreventSQLi routine.
|
|
|
|
* Bugfix: potential server freeze with 100% CPU in CGI output caching.
|
|
|
|
* Bugfix: null byte in HTTP header of cached CGI content.
|
|
|
|
* Control CGI output cache via X-Hiawatha-Cache and X-Hiawatha-Cache-Remove
|
|
|
|
CGI headers. See the CGI OUTPUT CACHE section in the manual page.
|
|
|
|
* BanOnWrongPassword now also triggers on wrong username.
|
|
|
|
* Bugfix: timeout issue with large POST requests on SSL connections.
|
|
|
|
|
2011-10-10 13:26:44 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Oct 10 00:00:00 CET 2011 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.7>
|
|
|
|
|
|
|
|
* First parameter of Alias can now contain subdirectories.
|
|
|
|
* Improved stability for connections with SSL client authentication.
|
|
|
|
* Bugfix: BanOnFlooding was broken.
|
|
|
|
|
2011-09-06 18:45:37 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 06 00:00:00 CET 2011 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.6>
|
|
|
|
|
|
|
|
* PreventSQLi option rewritten.
|
|
|
|
|
2011-06-02 08:34:09 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 02 00:00:00 CET 2011 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.5>
|
|
|
|
|
|
|
|
* OldBrowser option added to URL toolkit.
|
|
|
|
* Improved mimetype configuration.
|
|
|
|
* Do-not-track HTTP header support.
|
|
|
|
* Password file entries can now be created with Wigwam.
|
|
|
|
* Small bugfixes and improvements.
|
|
|
|
* Bugfix: sent one byte too few for Range -XX.
|
|
|
|
* Bugfix: possible crash when using PreventSQLi.
|
|
|
|
|
2010-11-15 20:52:10 +01:00
|
|
|
-------------------------------------------------------------------
|
2011-04-12 19:07:58 +02:00
|
|
|
Tue Apr 12 19:00:00 CET 2011 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.4.1>
|
|
|
|
* Bugfix: integer overflow in fetch_request() which could
|
|
|
|
lead to a server crash.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2010-11-15 20:52:10 +01:00
|
|
|
Mon Nov 15 19:00:00 CET 2010 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.4>
|
|
|
|
* Connections per IP added to RequestLimitMask.
|
|
|
|
* NoExtensionAs made a per-host setting.
|
|
|
|
* Small bugfixes and improvements.
|
|
|
|
* Bugfix: usage of HideProxy caused Hiawatha to refuse new connections
|
|
|
|
after ConnectionsTotal connections.
|
|
|
|
* Bugfix: memory leak in XSLT module.
|
|
|
|
|
2010-06-11 19:53:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jun 11 19:00:00 CET 2010 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.3>
|
|
|
|
* RequestLimitMask option added.
|
|
|
|
* URL parameters for ErrorHandler.
|
|
|
|
* Support for Haiku OS.
|
|
|
|
* Small security bugfixes.
|
|
|
|
|
2010-03-29 14:29:40 +02:00
|
|
|
-------------------------------------------------------------------
|
2010-04-22 03:58:08 +02:00
|
|
|
Thu Apr 22 04:00:00 CET 2010 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.2>
|
|
|
|
* URL toolkit code restructured.
|
|
|
|
* UseSSL option added to URL toolkit.
|
|
|
|
* Digest HTTP authentication works with htdigest(1) created password files.
|
|
|
|
* Small improvements.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2010-03-29 14:29:40 +02:00
|
|
|
Mon Mar 29 14:00:00 CET 2010 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.1>
|
|
|
|
* Small bugfixes.
|
|
|
|
* Bugfix: deny access and redirect result via toolkit subroutine.
|
|
|
|
* Bugfix: broken flooding protection.
|
|
|
|
|
2010-02-22 15:16:27 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 15 23:25:00 CET 2010 - detlef@links2linux.de
|
|
|
|
|
|
|
|
- new upstream version <7.0>
|
|
|
|
- added logrotate/init file.
|
|
|
|
|
2009-03-09 16:58:35 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 9 16:50:22 CET 2009 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 6.11
|
|
|
|
|
2008-05-29 18:49:58 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu May 29 18:49:29 CEST 2008 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 6.7
|
|
|
|
- added permissions file.
|
|
|
|
|
2007-11-13 06:03:57 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 13 06:03:10 CET 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 6.1
|
|
|
|
* Format of ConnectTo changed. Old format will be valid for a few
|
|
|
|
more releases.
|
|
|
|
* Changed some CGI environment variables after URL rewriting.
|
|
|
|
* Some URL rewrite checks included in Wigwam.
|
|
|
|
* TriggerOnCGIstatus option added.
|
|
|
|
* RequireResolveIP option removed.
|
|
|
|
* Bugfix: POST data larger then 64kB via FastCGI.
|
|
|
|
|
2007-10-27 16:03:50 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 27 15:58:22 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 6.0
|
|
|
|
|
2007-09-28 05:40:43 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Sep 28 05:39:52 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 5.13
|
|
|
|
|
2007-09-03 06:36:02 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 3 06:35:45 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 5.12
|
|
|
|
|
2007-08-08 05:41:21 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 8 05:38:49 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 5.11
|
|
|
|
|
2007-07-27 07:50:35 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jul 27 07:50:21 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 5.10
|
|
|
|
|
2007-05-12 22:21:50 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat May 12 22:13:14 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 5.8
|
|
|
|
|