This commit is contained in:
OBS User unknown
committed by
Git OBS Bridge
Git OBS Bridge
parent
3a862fa338
commit
8b3d8a5889
@@ -1,3 +1,63 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 29 18:38:17 CET 2008 - poeml@suse.de
|
||||
|
||||
- update year of copyright in rc.apache2
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 29 00:13:58 CET 2008 - poeml@suse.de
|
||||
|
||||
- update to 2.2.10:
|
||||
SECURITY: CVE-2008-2939 (cve.mitre.org)
|
||||
mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
|
||||
the FTP URL. Discovered by Marc Bevand of Rapid7.
|
||||
core:
|
||||
- Support chroot on Unix-family platforms. PR 43596
|
||||
mod_authn_alias:
|
||||
- Detect during startup when AuthDigestProvider is configured to
|
||||
use an incompatible provider via AuthnProviderAlias. PR 45196
|
||||
mod_cgid:
|
||||
- Pass along empty command line arguments from an ISINDEX query
|
||||
that has consecutive '+' characters in the QUERY_STRING,
|
||||
matching the behavior of mod_cgi.
|
||||
mod_charset_lite:
|
||||
- Avoid dropping error responses by handling meta buckets
|
||||
correctly. PR 45687
|
||||
mod_dav_fs:
|
||||
- Retrieve minimal system information about directory entries
|
||||
when walking a DAV fs, resolving a performance degradation on
|
||||
Windows. PR 45464.
|
||||
mod_headers:
|
||||
- Prevent Header edit from processing only the first header of
|
||||
possibly multiple headers with the same name and deleting the
|
||||
remaining ones. PR 45333.
|
||||
mod_proxy:
|
||||
- Allow for smax to be 0 for balancer members so that all idle
|
||||
connections are able to be dropped should they exceed ttl. PR 43371
|
||||
- Add 'scolonpathdelim' parameter to allow for ';' to also be
|
||||
used as a session path separator/delim PR 45158.
|
||||
- Add connectiontimeout parameter for proxy workers in order to
|
||||
be able to set the timeout for connecting to the backend separately.
|
||||
PR 45445.
|
||||
mod_proxy_http:
|
||||
- Don't trigger a retry by the client if a failure to
|
||||
read the response line was the result of a timeout.
|
||||
- Introduce environment variable proxy-initial-not-pooled to
|
||||
avoid reusing pooled connections if the client connection is an initial
|
||||
connection. PR 37770.
|
||||
- Do not forward requests with 'Expect: 100-continue' to
|
||||
known HTTP/1.0 servers. Return 'Expectation failed' (417) instead.
|
||||
mod_proxy_balancer:
|
||||
- Move nonce field in the balancer manager page inside
|
||||
the html form where it belongs. PR 45578.
|
||||
- Add 'bybusyness' load balance method.
|
||||
mod_rewrite:
|
||||
- Allow Cookie option to set secure and HttpOnly flags. PR 44799
|
||||
- Preserve the query string when [proxy,noescape]. PR 45247.
|
||||
mod_ssl:
|
||||
- implement dynamic mutex callbacks for the benefit of OpenSSL.
|
||||
- Rewrite shmcb to avoid memory alignment issues. PR 42101.
|
||||
- drop obsolete patch httpd-2.2.x-CVE-2008-2939.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 24 13:23:41 CEST 2008 - skh@suse.de
|
||||
|
||||
|
||||
Reference in New Issue
Block a user