9228b9b991
Accepting request 306357 from home:guohouzuo:freeipa
...
CVE-2015-0253
OBS-URL: https://build.opensuse.org/request/show/306357
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=444
2015-05-15 13:11:40 +00:00
92c7650ad2
Accepting request 305442 from home:kstreitova:branches:Apache
...
- simplify apache2.logrotate, use sharedscripts [bnc#713581]
- remove curly brackets around format sequence "%y" in
`stat --format="%{y}" %{SOURCE1}` that caused an incorrect
evaluation. Add escaping to proper spec-cleaner processing in
the future
OBS-URL: https://build.opensuse.org/request/show/305442
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=443
2015-05-05 14:04:17 +00:00
Cristian Rodríguez
3db0597f68
Accepting request 295209 from home:kstreitova:branches:Apache
...
- remove 'exit 0' from the %post section in the specfile that was
placed here incorrectly and caused that the rest of the %post
section couldn't be executed.
OBS-URL: https://build.opensuse.org/request/show/295209
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=442
2015-04-10 01:12:40 +00:00
425a6e38f6
Accepting request 295183 from home:pgajdos
...
- /etc/init.d/apache2 reload -> systemctl reload apache2.service
in apache2.logrotate [bnc#926523]
- authz_default -> authz_core in sysconfig.apache2/APACHE_MODULES
[bnc#922236]
OBS-URL: https://build.opensuse.org/request/show/295183
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=441
2015-04-09 15:49:19 +00:00
Roman Drahtmueller
c014dddee9
Accepting request 290225 from home:dimstar:Factory
...
- Add Requires(post) apache2 to the subpackage -worker, -event and
-prefork: their respective post scriptlets execute
/usr/share/apache2/get_module_list, which is shipped as part of
the main package. This script has the side-effect to call
find_mpm, which in turn creates the corresponding /usr/sbin/httpd2
symlink.
OBS-URL: https://build.opensuse.org/request/show/290225
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=440
2015-03-10 21:08:07 +00:00
Tomáš Chvátal
a933b8a7ee
Accepting request 287858 from home:jsegitz:branches:Apache
...
- Patched get_module_list to ensure proper SELinux context for
sysconfig.d/loadmodule.conf
OBS-URL: https://build.opensuse.org/request/show/287858
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=439
2015-03-02 13:56:03 +00:00
Tomáš Chvátal
2c22b3f021
- Pname -> name variable reduction
...
- Try to fix sle11 build
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=438
2015-02-25 21:11:43 +00:00
Tomáš Chvátal
91ef19418a
- Version bumpt o 2.4.12:
...
*) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for
internationalization. [William Rowe]
*) mpm_winnt: Normalize the error and status messages emitted by service.c,
the service control interface for Windows. [William Rowe]
*) configure: Fix --enable-v4-mapped configuration on *BSD. PR 53824.
[ olli hauer <ohauer gmx.de>, Yann Ylavic ]
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=437
2015-02-25 20:00:01 +00:00
Tomáš Chvátal
9932510b5f
- Exit cleanly on end of the post and cleanup the update detection
...
- Remove Apache.xpm as it ain't used
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=436
2015-02-25 18:03:53 +00:00
Tomáš Chvátal
54c2369d45
- Cleanup init/unit decision making and provide just systemd service
...
on systemd systems
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=435
2015-02-25 15:59:55 +00:00
Tomáš Chvátal
41b7ec37d5
- Deprecate realver define as it is equal to version.
...
- Explicitely state MPM mods to ensure we don't lose some bnc#444878
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=434
2015-02-25 13:54:02 +00:00
Tomáš Chvátal
d3bab91413
- Pass over spec-cleaner, there should be no actual technical
...
change in this just reduction of lines in the spec
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=433
2015-02-25 13:43:34 +00:00
Cristian Rodríguez
eac415e702
Accepting request 287376 from home:kstreitova:branches:Apache
...
- add httpd-2.4.x-mod_lua_websocket_DoS.patch to fix mod_lua bug
where a maliciously crafted websockets PING after a script calls
r:wsupgrade() can cause a child process crash
[CVE-2015-0228], [bnc#918352].
OBS-URL: https://build.opensuse.org/request/show/287376
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=432
2015-02-24 01:47:47 +00:00
c949489274
Accepting request 281990 from home:elvigia:branches:Apache
...
- httpd-2.4.3-mod_systemd.patch find libsystemd-daemon
with pkg-config, this is the only correct way, in current
versions sd_notify is in libsystemd and in old products
in libsystemd-daemon.
OBS-URL: https://build.opensuse.org/request/show/281990
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=431
2015-02-18 10:45:26 +00:00
b12f830b4e
Accepting request 283916 from home:pgajdos
...
- httpd2.pid in rc.apache2 was wrong [bnc#898193]
OBS-URL: https://build.opensuse.org/request/show/283916
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=430
2015-02-03 16:13:11 +00:00
Cristian Rodríguez
ee5a036d68
Accepting request 281475 from home:elvigia:branches:Apache
...
- remove obsolete patches
* httpd-2.4.10-check_null_pointer_dereference.patch
* httpd-event-deadlock.patch
* httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch
* httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_Require_line.patch
- Apache 2.4.11
*) SECURITY: CVE-2014-3583 (cve.mitre.org)
mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with
response headers' size above 8K. [Yann Ylavic, Jeff Trawick]
*) SECURITY: CVE-2014-3581 (cve.mitre.org)
mod_cache: Avoid a crash when Content-Type has an empty value.
PR 56924. [Mark Montague <mark catseye.org>, Jan Kaluza]
*) SECURITY: CVE-2014-8109 (cve.mitre.org)
mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
used in multiple Require directives with different arguments.
PR57204 [Edward Lu <Chaosed0 gmail.com>]
*) SECURITY: CVE-2013-5704 (cve.mitre.org)
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds "MergeTrailers" directive to restore
legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
*) mod_ssl: New directive SSLSessionTickets (On|Off).
The directive controls the use of TLS session tickets (RFC 5077),
default value is "On" (unchanged behavior).
Session ticket creation uses a random key created during web
server startup and recreated during restarts. No other key
recreation mechanism is available currently. Therefore using session
tickets without restarting the web server with an appropriate frequency
OBS-URL: https://build.opensuse.org/request/show/281475
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=429
2015-01-16 15:52:19 +00:00
Roman Drahtmueller
f453b89ef3
Accepting request 280882 from home:bruno_friedmann:branches:Apache
...
- Redone lost patch to fix boo#859439
+ service reload can cause log data to be lost with logrotate
under some circumstances: remove "-t" from service reload.
[bnc#859439]
OBS-URL: https://build.opensuse.org/request/show/280882
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=428
2015-01-12 11:47:35 +00:00
Roman Drahtmueller
0b5fd3d0c4
Accepting request 280312 from home:AndreasSchwab:f
...
- Fix URL syntax in various files
OBS-URL: https://build.opensuse.org/request/show/280312
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=427
2015-01-08 14:49:10 +00:00
fee3c2ef17
Accepting request 266793 from home:pgajdos
...
- fix IfModule directive around SSLSessionCache [bnc#842377c#11]
OBS-URL: https://build.opensuse.org/request/show/266793
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=426
2014-12-30 13:15:12 +00:00
Tomáš Chvátal
80917782fc
Accepting request 265897 from home:kstreitova:branches:Apache
...
- Repair patch names in the changelog in order to be submitted to the
Factory without error from the check script.
OBS-URL: https://build.opensuse.org/request/show/265897
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=425
2014-12-26 11:13:18 +00:00
Cristian Rodríguez
8d8acf9cef
Accepting request 265358 from home:kstreitova:branches:Apache
...
- added httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_\
requests.patch to fix flaw in the way mod_headers handled chunked
requests. Adds "MergeTrailers" directive to restore legacy
behavior [bnc#871310], [CVE-2013-5704].
- added httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_\
Require_line.patch that fixes handling of the Require line when
a LuaAuthzProvider is used in multiple Require directives with
different arguments [bnc#909715], [CVE-2014-8109].
OBS-URL: https://build.opensuse.org/request/show/265358
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=424
2014-12-19 01:04:03 +00:00
Cristian Rodríguez
451ee1cb0f
Accepting request 264210 from home:pgajdos
...
- fixed start at boot for ssl and encrypted key [bnc#792309]
OBS-URL: https://build.opensuse.org/request/show/264210
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=423
2014-12-08 05:06:40 +00:00
281b0acd06
Accepting request 263394 from home:Ledest:bashisms
...
fix shebang in start_apache2 script that contains bash-specific constructions
OBS-URL: https://build.opensuse.org/request/show/263394
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=422
2014-12-04 09:37:13 +00:00
Roman Drahtmueller
476cd37948
Accepting request 263227 from home:pgajdos
...
- small improvement of ssl instructions [bnc#891813]
OBS-URL: https://build.opensuse.org/request/show/263227
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=421
2014-11-27 13:45:11 +00:00
f4af8ab387
Accepting request 260627 from home:kstreitova:branches:Apache
...
- httpd-2.1.9-apachectl.dif renamed to httpd-2.4.10-apachectl.patch
and updated (fixed bashism).
OBS-URL: https://build.opensuse.org/request/show/260627
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=420
2014-11-11 17:06:29 +00:00
0cc1050d3f
Accepting request 260414 from home:Ledest:misc
...
fix bashisms in post scripts
OBS-URL: https://build.opensuse.org/request/show/260414
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=419
2014-11-10 10:08:27 +00:00
Roman Drahtmueller
8c55ac31d7
Accepting request 260263 from home:kstreitova:branches:Apache
...
- added httpd-2.4.10-check_null_pointer_dereference.patch to avoid
a crash when Content-Type has an empty value [bnc#899836],
CVE-2014-3581
OBS-URL: https://build.opensuse.org/request/show/260263
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=418
2014-11-07 16:56:25 +00:00
6bdeca4a9e
Accepting request 260088 from home:Ledest:misc
...
fix bashism in apache2ctl script: replace 'source' with '.'
OBS-URL: https://build.opensuse.org/request/show/260088
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=417
2014-11-07 15:23:57 +00:00
Cristian Rodríguez
2bcad0b820
Accepting request 259172 from home:elvigia:branches:Apache
...
- httpd-event-deadlock.patch: Fix worker-listener
deadlock in graceful restart.
OBS-URL: https://build.opensuse.org/request/show/259172
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=416
2014-10-31 17:05:48 +00:00
5e595a6fab
Accepting request 256892 from home:pgajdos
...
- drop (turned off) itk mpm spec file code as mpm-itk is now
provided as a separate module, not via patch
(see http://mpm-itk.sesse.net/ and [bnc#851229])
OBS-URL: https://build.opensuse.org/request/show/256892
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=413
2014-10-16 13:07:28 +00:00
4a03a55f2d
Accepting request 255745 from home:pgajdos
...
- enable mod_imagemap [bnc#866366]
OBS-URL: https://build.opensuse.org/request/show/255745
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=412
2014-10-13 16:20:07 +00:00
ee3f40cf79
Accepting request 254957 from home:pgajdos
...
- fixed link to Apache quickstart [bnc#624681], [bnc#789806]
OBS-URL: https://build.opensuse.org/request/show/254957
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=411
2014-10-10 13:06:23 +00:00
81452ff3fd
- the following unused patches were removed from the package:
...
* apache2-mod_ssl_npn.patch
* httpd-2.0.49-log_server_status.dif
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=410
2014-10-06 12:46:43 +00:00
168cf9bc63
Accepting request 253625 from home:pgajdos
...
- 700 permissions for /usr/sbin/apache2-systemd-ask-pass and
/usr/sbin/start_apache2 [bnc#851627]
OBS-URL: https://build.opensuse.org/request/show/253625
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=409
2014-10-06 12:08:39 +00:00
2cf9c2eff2
- allow only TCP ports in Yast2 firewall files
...
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=408
2014-09-29 08:30:32 +00:00
c2fa79c4fd
Accepting request 252743 from home:lnussel:branches:Apache
...
- move most ssl options to ssl-global.conf. There is usually no need
for every vhost to re-define the ciphers for example (bnc#865582).
Drop some commented entries that only lead to confusion.
OBS-URL: https://build.opensuse.org/request/show/252743
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=407
2014-09-29 08:10:08 +00:00
c526e06163
Accepting request 252506 from home:pgajdos
...
- more 2.2 -> 2.4 [bnc#862058]
OBS-URL: https://build.opensuse.org/request/show/252506
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=406
2014-09-26 15:16:44 +00:00
a8b0a3c89f
Accepting request 252298 from home:pgajdos
...
- ServerSignature=Off and ServerTokens=Prod by request from
security team [bnc#716495]
- fix documentation links 2.2 -> 2.4 [bnc#888163] (internal)
OBS-URL: https://build.opensuse.org/request/show/252298
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=405
2014-09-25 15:29:49 +00:00
Cristian Rodríguez
b806cd2e68
Accepting request 241778 from home:elvigia:branches:Apache
...
- Update package Summary and Description.
- version 2.4.10
* SECURITY: CVE-2014-0117 (cve.mitre.org)
* SECURITY: CVE-2014-3523 (cve.mitre.org)
* SECURITY: CVE-2014-0226 (cve.mitre.org)
* SECURITY: CVE-2014-0118 (cve.mitre.org)
* SECURITY: CVE-2014-0231 (cve.mitre.org)
* Multiple bugfixes to mod_ssl, mod_cache, mod_deflate, mod_lua
* mod_proxy_fcgi supports unix sockets.
OBS-URL: https://build.opensuse.org/request/show/241778
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=404
2014-07-23 20:22:18 +00:00
Roman Drahtmueller
8e21893c1a
Accepting request 241685 from home:mcalmer:branches:Apache
...
- provide httpd.service as alias for apache2.service for
compatibility reasons (bnc#888093)
OBS-URL: https://build.opensuse.org/request/show/241685
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=403
2014-07-21 10:12:28 +00:00
Cristian Rodríguez
4c55458721
Accepting request 227796 from home:elvigia:branches:Apache
...
- version 2.4.9
* SECURITY: CVE-2014-0098
* SECURITY: CVE-2013-6438
* multiple bugfixes and improvements to mod_ssl, mod_lua,
mod_session and core, see CHANGES for details.
OBS-URL: https://build.opensuse.org/request/show/227796
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=402
2014-03-27 16:21:35 +00:00
Roman Drahtmueller
c2fdaa8a39
- /etc/sysconfig/apache2: add socache_shmcb to the list of modules
...
that are enabled.
/etc/apache2/ssl-global.conf: make SSLSessionCache shmcb...
conditional on IfModule socache_shmcb.
The same applies to SSLSessionCache dmb:* via module socache_dbm
in commented section of same file. [bnc#864185]
- /etc/sysconfig/apache2: remove reference to non-existing script
/usr/share/doc/packages/apache2/certificate.sh, which was only a
wrapper to mkcert.sh anyways. [bnc#864185]
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=401
2014-02-17 17:32:05 +00:00
Peter Poeml
ffe248bdf9
Accepting request 214772 from home:aeneas_jaissle:branches:Apache
...
Correct apache2.changes, mention the drop of httpd-event-ssl.patch
OBS-URL: https://build.opensuse.org/request/show/214772
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=400
2014-02-11 23:36:16 +00:00
Cristian Rodríguez
1b8f4008f3
Accepting request 208347 from home:elvigia:branches:Apache
...
- update to apache 2.4.7, important changes:
* This release requires both apr and apr-util 1.5.x series
and therefore will no longer build in older released products
* mod_ssl: Improve handling of ephemeral DH and ECDH keys
(obsoletes httpd-mod_ssl_ephemeralkeyhandling.patch)
* event MPM: Fix possible crashes
* mod_deflate: Improve error detection
* core: Add open_htaccess hook in conjunction with dirwalk_stat.
* mod_rewrite: Make rewrite websocket-aware to allow proxying.
* mod_ssl: drop support for export-grade ciphers with ephemeral RSA
keys, and unconditionally disable aNULL, eNULL and EXP ciphers
(not overridable via SSLCipherSuite)
* see CHANGES for more details
OBS-URL: https://build.opensuse.org/request/show/208347
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=399
2013-11-25 22:26:02 +00:00
Cristian Rodríguez
834fb2a3b8
Accepting request 207095 from home:elvigia:branches:Apache
...
- httpd-mod_ssl_ephemeralkeyhandling.patch obsoletes
mod_ssl-2.4.x-ekh.diff this new patch is the final
form of the rework, merged for 2.4.7.
OBS-URL: https://build.opensuse.org/request/show/207095
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=398
2013-11-16 01:22:18 +00:00
Tomáš Chvátal
79151a9702
Accepting request 205788 from home:fdekruijf:branches:Apache
...
Removed obsolete directive DefaultType bnc#848146
Changed access control to use new Require type directives
OBS-URL: https://build.opensuse.org/request/show/205788
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=397
2013-11-11 14:10:25 +00:00
Cristian Rodríguez
d90e75dc95
Accepting request 204767 from home:elvigia:branches:Apache
...
- reenable mod_ssl-2.4.x-ekh.diff
OBS-URL: https://build.opensuse.org/request/show/204767
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=396
2013-10-25 00:06:51 +00:00
Cristian Rodríguez
7d2ae7ea83
Accepting request 204342 from home:elvigia:branches:Apache
...
- Correct build in old distros.
- disable (revert) mod_ssl changes in the previous
commit so it does not end in factory or 13.1 yet.
- make mod_systemd static so scenarios described in
[bnc#846897] do not happen again.
OBS-URL: https://build.opensuse.org/request/show/204342
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=395
2013-10-22 15:46:52 +00:00
Cristian Rodríguez
b4cc4b8d2b
Accepting request 204244 from home:elvigia:branches:Apache
...
- mod_ssl: improve ephemeral key handling in particular, support DH params
with more than 1024 bits, and allow custom configuration.
This patch adjust DH parameters according to the relevant RFC
recommendations and permanently disables the usage of "export"
and "NULL" ciphers no matter what the user configuration is
(mod_ssl-2.4.x-ekh.diff, to be in 2.4.7)
OBS-URL: https://build.opensuse.org/request/show/204244
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=394
2013-10-21 23:51:12 +00:00
Cristian Rodríguez
f4359447b8
Accepting request 204242 from home:elvigia:branches:Apache
...
- fix [bnc#846897] problems building kiwi images due to
systemd not being running in chroot. (submit to 13.1 ASAP)
OBS-URL: https://build.opensuse.org/request/show/204242
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=393
2013-10-21 23:38:35 +00:00
