------------------------------------------------------------------- Sun Jun 2 13:22:55 UTC 2013 - fisiu@opensuse.org - Update to 9.1: * FileHashes option added. * PolarSSL updated to version 1.2.7. Enabled ciphersuite selection based on protocol version. * Enabled accf_http support for FreeBSD. Thanks to Martin Tournoij. * ImageReferer option removed. * Bugfix: incorrect BanOnFlooding behavior. * Small improvements. ------------------------------------------------------------------- Thu Apr 4 17:44:17 UTC 2013 - fisiu@opensuse.org - Update to 9.0: * Clients handled via thread pool instead of creating threads on the fly. * ThreadPoolSize option added. * Header option added to URL Toolkit. * Improved client SSL certificate handling. Environment variables renamed. * PolarSSL updated to version 1.2.6. * Improved Reverse Proxy caching support for requests with URL parameters. * CacheMinFilesize option removed. * DenyBot option removed. Use UrlToolkit's Header option instead. * OldBrowser option removed from URL Toolkit. Use Header option instead. * Improved UrlToolkit rule testing in wigwam. * Small bugfixes and improvements. ------------------------------------------------------------------- Wed Mar 20 11:29:41 UTC 2013 - fisiu@opensuse.org - Run server as wwwrun user. ------------------------------------------------------------------- Fri Mar 8 15:54:39 UTC 2013 - fisiu@opensuse.org - update to 8.8.1 (changes since 7.7): * Bugfix: Incorrect size of buffer for poll() can lead to a crash when using Tomahawk. * Caching for Reverse Proxy. CacheRProxyExtensions option added. * Basic HTTP authentication now supports the glibc2 version of crypt(). * Hostname in ImageReferer can now contain a wildcard. * DenyBody matching is now case insensitive. * PolarSSL updated to version 1.2.5. * Support for HTTP Strict Transport Security (RFC 6797). Integrated in RequireSSL option. * DHsize option added. * PolarSSL updated to version 1.2.3. * CloudFlare headers placed in environment variables. * Removed php-fcgi. * Bugfix: slow page loading via Reverse Proxy. * PolarSSL updated to version 1.2. Added support for TLS 1.2 and secure renegotiation. * Added support for Server Name Indication. * MinSSLversion option added. * ServerRoot option removed. * Improved MacOS X package building script. * Marked php-fcgi as deprecated. Use php-fpm instead. * Improved Reverse Proxy. * Changed error message style. * Renamed Command Channel to Tomahawk. * Return 403 instead of 401 upon correct password for HTTP authentication but user not in right group. * Bugfix: replaced select() with poll() to prevent crashes in case of large amount of simultaneous connections. Thanks to Peter Bex. * MaxServerLoad option added. * PolarSSL updated to version 1.1.4. * Bugfix: invalid reverse proxy request when URL parameters are present. * Bugfix: memory leak in SSL library. * Improved security for reverse proxy (works with PreventSQLi, etc). * ReverseProxy option added. * PolarSSL updated to version 1.1.3. * WebDAVapp option added. Enables support for WebDAV applications like ownCloud (http://owncloud.org/). * Removed support for the OPTIONS method. * AllowDotFiles option added. * Global forks setting in php-fcgi.conf moved to Server setting. * BanOnInvalidURL option added. * PolarSSL updated to version 1.1.1. * Bugfix: paths missing in default values and examples in manual pages. * Replaced Autoconf with CMake. Many thanks to Sander Niemeijer. * Replaced OpenSSL with PolarSSL. Many thanks to Paul Bakker. * AllowedCiphers and DHparameters options removed. * Added IE7 to UrlToolkit's OldBrowser list, removed IE5. * MaxUrlLength option added, can return 414 Request-URI Too Long. * Changed default value of TriggerOnCGIstatus to 'no'. * Equalized format of logfiles. * Extra checks added to php-fcgi. * Improved SQL injection detection. * Bugfix: memory leak in PreventSQLi routine. * Bugfix: potential server freeze with 100% CPU in CGI output caching. * Bugfix: null byte in HTTP header of cached CGI content. * Control CGI output cache via X-Hiawatha-Cache and X-Hiawatha-Cache-Remove CGI headers. See the CGI OUTPUT CACHE section in the manual page. * BanOnWrongPassword now also triggers on wrong username. * Bugfix: timeout issue with large POST requests on SSL connections. ------------------------------------------------------------------- Mon Oct 10 00:00:00 CET 2011 - detlef@links2linux.de - new upstream version <7.7> * First parameter of Alias can now contain subdirectories. * Improved stability for connections with SSL client authentication. * Bugfix: BanOnFlooding was broken. ------------------------------------------------------------------- Tue Sep 06 00:00:00 CET 2011 - detlef@links2linux.de - new upstream version <7.6> * PreventSQLi option rewritten. ------------------------------------------------------------------- Thu Jun 02 00:00:00 CET 2011 - detlef@links2linux.de - new upstream version <7.5> * OldBrowser option added to URL toolkit. * Improved mimetype configuration. * Do-not-track HTTP header support. * Password file entries can now be created with Wigwam. * Small bugfixes and improvements. * Bugfix: sent one byte too few for Range -XX. * Bugfix: possible crash when using PreventSQLi. ------------------------------------------------------------------- Tue Apr 12 19:00:00 CET 2011 - detlef@links2linux.de - new upstream version <7.4.1> * Bugfix: integer overflow in fetch_request() which could lead to a server crash. ------------------------------------------------------------------- Mon Nov 15 19:00:00 CET 2010 - detlef@links2linux.de - new upstream version <7.4> * Connections per IP added to RequestLimitMask. * NoExtensionAs made a per-host setting. * Small bugfixes and improvements. * Bugfix: usage of HideProxy caused Hiawatha to refuse new connections after ConnectionsTotal connections. * Bugfix: memory leak in XSLT module. ------------------------------------------------------------------- Fri Jun 11 19:00:00 CET 2010 - detlef@links2linux.de - new upstream version <7.3> * RequestLimitMask option added. * URL parameters for ErrorHandler. * Support for Haiku OS. * Small security bugfixes. ------------------------------------------------------------------- Thu Apr 22 04:00:00 CET 2010 - detlef@links2linux.de - new upstream version <7.2> * URL toolkit code restructured. * UseSSL option added to URL toolkit. * Digest HTTP authentication works with htdigest(1) created password files. * Small improvements. ------------------------------------------------------------------- Mon Mar 29 14:00:00 CET 2010 - detlef@links2linux.de - new upstream version <7.1> * Small bugfixes. * Bugfix: deny access and redirect result via toolkit subroutine. * Bugfix: broken flooding protection. ------------------------------------------------------------------- Mon Feb 15 23:25:00 CET 2010 - detlef@links2linux.de - new upstream version <7.0> - added logrotate/init file. ------------------------------------------------------------------- Mon Mar 9 16:50:22 CET 2009 - mrueckert@suse.de - update to 6.11 ------------------------------------------------------------------- Thu May 29 18:49:29 CEST 2008 - mrueckert@suse.de - update to 6.7 - added permissions file. ------------------------------------------------------------------- Tue Nov 13 06:03:10 CET 2007 - mrueckert@suse.de - update to version 6.1 * Format of ConnectTo changed. Old format will be valid for a few more releases. * Changed some CGI environment variables after URL rewriting. * Some URL rewrite checks included in Wigwam. * TriggerOnCGIstatus option added. * RequireResolveIP option removed. * Bugfix: POST data larger then 64kB via FastCGI. ------------------------------------------------------------------- Sat Oct 27 15:58:22 CEST 2007 - mrueckert@suse.de - update to version 6.0 ------------------------------------------------------------------- Fri Sep 28 05:39:52 CEST 2007 - mrueckert@suse.de - update to version 5.13 ------------------------------------------------------------------- Mon Sep 3 06:35:45 CEST 2007 - mrueckert@suse.de - update to version 5.12 ------------------------------------------------------------------- Wed Aug 8 05:38:49 CEST 2007 - mrueckert@suse.de - update to version 5.11 ------------------------------------------------------------------- Fri Jul 27 07:50:21 CEST 2007 - mrueckert@suse.de - update to version 5.10 ------------------------------------------------------------------- Sat May 12 22:13:14 CEST 2007 - mrueckert@suse.de - update to version 5.8