Accepting request 643962 from Apache

OBS-URL: https://build.opensuse.org/request/show/643962
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=150

apache2.changes

@@ -1,3 +1,53 @@
+-------------------------------------------------------------------
+Thu Oct 18 20:41:02 UTC 2018 - Manu Maier <mmanu84@outlook.de>
+
+- updated to 2.4.37
+  * mod_ssl: Fix HTTP/2 failures when using OpenSSL 1.1.1. [Rainer Jung]
+  * mod_ssl: Fix crash during SSL renegotiation with OptRenegotiate set,
+    when client certificates are available from the original handshake
+    but were originally not verified and should get verified now.
+    This is a regression in 2.4.36 (unreleased). [Ruediger Pluem]
+  * mod_ssl: Correctly merge configurations that have client certificates set
+    by SSLProxyMachineCertificate{File|Path}. [Ruediger Pluem]
+- updated to 2.4.36
+  * mod_brotli, mod_deflate: Restore the separate handling of 304 Not Modified
+    responses. Regression introduced in 2.4.35.
+  * mod_proxy_scgi, mod_proxy_uwsgi: improve error handling when sending the
+    body of the response. [Jim Jagielski]
+  * mod_http2: adding defensive code for stream EOS handling, in case the request handler
+    missed to signal it the normal way (eos buckets). Addresses github issues 
+    https://github.com/icing/mod_h2/issues/164, https://github.com/icing/mod_h2/issues/167
+    and https://github.com/icing/mod_h2/issues/170. [Stefan Eissing] 
+  * ab: Add client certificate support. [Graham Leggett]
+  * ab: Disable printing temp key for OpenSSL before
+    version 1.0.2. SSL_get_server_tmp_key is not available
+    there. [Rainer Jung]
+  * mod_ssl: Fix a regression that the configuration settings for verify mode
+    and verify depth were taken from the frontend connection in case of
+    connections by the proxy to the backend. PR 62769. [Ruediger Pluem]
+  * MPMs: Initialize all runtime/asynchronous objects on a dedicated pool and
+    before signals handling to avoid lifetime issues on restart or shutdown.
+    PR 62658. [Yann Ylavic]
+  * mod_ssl: Add support for OpenSSL 1.1.1 and TLSv1.3.  TLSv1.3 has
+    behavioural changes compared to v1.2 and earlier; client and
+    configuration changes should be expected.  SSLCipherSuite is
+    enhanced for TLSv1.3 ciphers, but applies at vhost level only.
+    [Stefan Eissing, Yann Ylavic, Ruediger Pluem, Joe Orton]
+  * mod_auth_basic: Be less tolerant when parsing the credencial. Only spaces
+    should be accepted after the authorization scheme. \t are also tolerated.
+    [Christophe Jaillet]
+  * mod_proxy_hcheck: Fix issues with interval determination. PR 62318
+    [Jim Jagielski]
+  * mod_proxy_hcheck: Fix issues with TCP health checks. PR 61499
+    [Dominik Stillhard <dominik.stillhard united-security-providers.ch>]
+  * mod_proxy_hcheck: take balancer's SSLProxy* directives into account.
+    [Jim Jagielski]
+  * mod_status, mod_echo: Fix the display of client addresses.
+    They were truncated to 31 characters which is not enough for IPv6 addresses.
+    This is done by deprecating the use of the 'client' field and using
+    the new 'client64' field in worker_score.
+    PR 54848 [Bernhard Schmidt <berni birkenwald de>, Jim Jagielski]
+
 -------------------------------------------------------------------
 Mon Oct  1 13:38:05 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
 

apache2.spec

@@ -65,7 +65,7 @@
 %define build_http2 0
 %endif
 Name:           apache2
-Version:        2.4.35
+Version:        2.4.37
 Release:        0
 Summary:        The Apache Web Server Version 2.4
 License:        Apache-2.0

httpd-2.4.35.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2607c6fdd4d12ac3f583127629291e9432b247b782396a563bec5678aae69b56
-size 7044336

httpd-2.4.35.tar.bz2.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2
-
-iQEcBAABCAAGBQJboEzWAAoJEJleNSIa2E3/LmMIAKCFO1yVrGxJdGrgVXRBvPxw
-GI80mRN4xGdfMieptWffxI8dkEPUtnPOSpbR8OvLGc7AfR1X6kA29PuwKQSrnT44
-QCo1Nxtl8o88FdbyicJtTcZJ61bVMvEJRHWjMgOpXcxtyzHtIbutcJGr0bGDa7+H
-3j76hE4mxDbGqMOVBQ5/cBme8vSaruMhLrYc+DLK0aipnQ58+ydHO5NZM4j/mXvU
-W6Xl+Af3gmxdW9eh6a8d/UouwQKAymZzI3snGtBvMgU9x4EIaoDxbE4PUwoOuizg
-NWGPK2lIsGSikXustFxe0knFXcLJY1YYdGQVfRwdmy6+ryynn52MCMg9+XiqrSQ=
-=/iT3
------END PGP SIGNATURE-----

httpd-2.4.37.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3498dc5c6772fac2eb7307dc7963122ffe243b5e806e0be4fb51974ff759d726
+size 7031632

httpd-2.4.37.tar.bz2.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQEcBAABCAAGBQJbyJnxAAoJEJleNSIa2E3/gXYH/jwUT8Tdc6oFwIWe0r9oK97T
+KF+kbU6LoqezVJ8Fk5a0/JVPqgqQkaoipBAe7udtYXRyWr4+8ouSv6JEWH2K9Htr
+BoeDCTALBqO5TmtBqUtpSqy9jRVNRCDfrGS2Th6hEMZXtOMsumBaZrG0xn03jEdc
+ULXwIOPzNpp40E4GhALFDHR+qRLCa/+FDRjgggDSlhRwVC9Emz0wsD0SF0RmpHlM
+l9BoeKLu1ohvgeJrcLQKCsNCTEdEIJcXp8ZnfWiuHs1PY9TEO7z2YQPw2FjAsyic
+BSBC8HkTY8fHCblg5VP7UCfN9w0EDJIyQ7pE2sEWAhxHNsRKeXn0Tjgt8aAYz2g=
+=uhMF
+-----END PGP SIGNATURE-----