rpm/apache2
SHA256
1
0
Fork 0
forked from pool/apache2
Code Pull Requests Activity
242 Commits 2 Branches 0 Tags
Commit Graph

242 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Cristian Rodríguez
b3413e39e4 Accepting request 281475 from home:elvigia:branches:Apache 
- remove obsolete patches 
* httpd-2.4.10-check_null_pointer_dereference.patch
* httpd-event-deadlock.patch
* httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch
* httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_Require_line.patch

- Apache 2.4.11 
  *) SECURITY: CVE-2014-3583 (cve.mitre.org)
     mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with 
     response headers' size above 8K.  [Yann Ylavic, Jeff Trawick]
  *) SECURITY: CVE-2014-3581 (cve.mitre.org)
     mod_cache: Avoid a crash when Content-Type has an empty value.
     PR 56924.  [Mark Montague <mark catseye.org>, Jan Kaluza]
  *) SECURITY: CVE-2014-8109 (cve.mitre.org)
     mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
     used in multiple Require directives with different arguments.
     PR57204 [Edward Lu <Chaosed0 gmail.com>]
  *) SECURITY: CVE-2013-5704 (cve.mitre.org)
     core: HTTP trailers could be used to replace HTTP headers
     late during request processing, potentially undoing or
     otherwise confusing modules that examined or modified
     request headers earlier.  Adds "MergeTrailers" directive to restore
     legacy behavior.  [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
  *) mod_ssl: New directive SSLSessionTickets (On|Off).
     The directive controls the use of TLS session tickets (RFC 5077),
     default value is "On" (unchanged behavior).
     Session ticket creation uses a random key created during web
     server startup and recreated during restarts. No other key
     recreation mechanism is available currently. Therefore using session
     tickets without restarting the web server with an appropriate frequency

OBS-URL: https://build.opensuse.org/request/show/281475
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=429
 2015-01-16 15:52:19 +00:00
Dominique Leuenberger
97b8f1d9cb Accepting request 280888 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/280888
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=96
 2015-01-15 15:00:42 +00:00
Roman Drahtmueller
b9fbfaa975 Accepting request 280882 from home:bruno_friedmann:branches:Apache 
- Redone lost patch to fix boo#859439 
  + service reload can cause log data to be lost with logrotate
  under some circumstances: remove "-t" from service reload.
  [bnc#859439]

OBS-URL: https://build.opensuse.org/request/show/280882
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=428
 2015-01-12 11:47:35 +00:00
Dominique Leuenberger
370b6ebcb9 Accepting request 280345 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/280345
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=95
 2015-01-10 22:06:46 +00:00
Roman Drahtmueller
3cd0bfc911 Accepting request 280312 from home:AndreasSchwab:f 
- Fix URL syntax in various files

OBS-URL: https://build.opensuse.org/request/show/280312
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=427
 2015-01-08 14:49:10 +00:00
Dominique Leuenberger
0b5c546eb5 Accepting request 266862 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/266862
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=94
 2015-01-03 21:02:13 +00:00
Kristyna Streitova
fefabf0a4d Accepting request 266793 from home:pgajdos 
- fix IfModule directive around SSLSessionCache [bnc#842377c#11]

OBS-URL: https://build.opensuse.org/request/show/266793
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=426
 2014-12-30 13:15:12 +00:00
Dominique Leuenberger
9067f4340b Accepting request 266431 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/266431
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=93
 2014-12-29 23:49:20 +00:00
Tomáš Chvátal
b23df1a23f Accepting request 265897 from home:kstreitova:branches:Apache 
- Repair patch names in the changelog in order to be submitted to the
  Factory without error from the check script.

OBS-URL: https://build.opensuse.org/request/show/265897
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=425
 2014-12-26 11:13:18 +00:00
Cristian Rodríguez
ba24c8b5d8 Accepting request 265358 from home:kstreitova:branches:Apache 
- added httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_\
  requests.patch to fix flaw in the way mod_headers handled chunked
  requests. Adds "MergeTrailers" directive to restore legacy
  behavior [bnc#871310], [CVE-2013-5704].

- added httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_\
  Require_line.patch that fixes handling of the Require line when
  a LuaAuthzProvider is  used in multiple Require directives with
  different arguments [bnc#909715], [CVE-2014-8109].

OBS-URL: https://build.opensuse.org/request/show/265358
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=424
 2014-12-19 01:04:03 +00:00
Dominique Leuenberger
94d74db3a3 Accepting request 264360 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/264360
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=92
 2014-12-09 08:17:05 +00:00
Cristian Rodríguez
07869f95a0 Accepting request 264210 from home:pgajdos 
- fixed start at boot for ssl and encrypted key [bnc#792309]

OBS-URL: https://build.opensuse.org/request/show/264210
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=423
 2014-12-08 05:06:40 +00:00
Dominique Leuenberger
442d036206 Accepting request 263952 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/263952
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=91
 2014-12-05 20:07:34 +00:00
Kristyna Streitova
bb240f4d27 Accepting request 263394 from home:Ledest:bashisms 
fix shebang in start_apache2 script that contains bash-specific constructions

OBS-URL: https://build.opensuse.org/request/show/263394
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=422
 2014-12-04 09:37:13 +00:00
Stephan Kulow
503ddfe648 Accepting request 263228 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/263228
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=90
 2014-11-29 07:39:28 +00:00
Roman Drahtmueller
f64d31d835 Accepting request 263227 from home:pgajdos 
- small improvement of ssl instructions [bnc#891813]

OBS-URL: https://build.opensuse.org/request/show/263227
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=421
 2014-11-27 13:45:11 +00:00
Dominique Leuenberger
dc6389acb9 Accepting request 260912 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/260912
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=89
 2014-11-13 08:21:36 +00:00
Kristyna Streitova
bf5cc252d9 Accepting request 260627 from home:kstreitova:branches:Apache 
- httpd-2.1.9-apachectl.dif renamed to httpd-2.4.10-apachectl.patch 
  and updated (fixed bashism).

OBS-URL: https://build.opensuse.org/request/show/260627
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=420
 2014-11-11 17:06:29 +00:00
Kristyna Streitova
40b2a9f983 Accepting request 260414 from home:Ledest:misc 
fix bashisms in post scripts

OBS-URL: https://build.opensuse.org/request/show/260414
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=419
 2014-11-10 10:08:27 +00:00
Roman Drahtmueller
951efc68a1 Accepting request 260263 from home:kstreitova:branches:Apache 
- added httpd-2.4.10-check_null_pointer_dereference.patch to avoid
  a crash when Content-Type has an empty value [bnc#899836], 
  CVE-2014-3581

OBS-URL: https://build.opensuse.org/request/show/260263
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=418
 2014-11-07 16:56:25 +00:00
Kristyna Streitova
a751749ac2 Accepting request 260088 from home:Ledest:misc 
fix bashism in apache2ctl script: replace 'source' with '.'

OBS-URL: https://build.opensuse.org/request/show/260088
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=417
 2014-11-07 15:23:57 +00:00
Stephan Kulow
b0fd6f1b6b Accepting request 259182 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/259182
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=88
 2014-11-05 15:26:43 +00:00
Cristian Rodríguez
5494e05306 Accepting request 259172 from home:elvigia:branches:Apache 
- httpd-event-deadlock.patch:  Fix worker-listener 
  deadlock in graceful restart.

OBS-URL: https://build.opensuse.org/request/show/259172
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=416
 2014-10-31 17:05:48 +00:00
Tomáš Chvátal
9c7ab77596 Accepting request 259117 from home:pgajdos:apache2 
OBS-URL: https://build.opensuse.org/request/show/259117
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=415
 2014-10-31 09:50:04 +00:00
Tomáš Chvátal
e906ab12cb Accepting request 258991 from home:pgajdos:apache2 
OBS-URL: https://build.opensuse.org/request/show/258991
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=414
 2014-10-30 14:33:56 +00:00
Stephan Kulow
09ef69e56d Accepting request 256900 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/256900
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=87
 2014-10-25 06:32:21 +00:00
Kristyna Streitova
89a0424a96 Accepting request 256892 from home:pgajdos 
- drop (turned off) itk mpm spec file code as mpm-itk is now 
  provided as a separate module, not via patch 
  (see http://mpm-itk.sesse.net/ and [bnc#851229])

OBS-URL: https://build.opensuse.org/request/show/256892
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=413
 2014-10-16 13:07:28 +00:00
Stephan Kulow
c4f6c506a1 Accepting request 255864 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/255864
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=86
 2014-10-15 19:58:41 +00:00
Kristyna Streitova
5700ed3d4b Accepting request 255745 from home:pgajdos 
- enable mod_imagemap [bnc#866366]

OBS-URL: https://build.opensuse.org/request/show/255745
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=412
 2014-10-13 16:20:07 +00:00
Stephan Kulow
0ebd11ecb4 Accepting request 254981 from Apache 
1

OBS-URL: https://build.opensuse.org/request/show/254981
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=85
 2014-10-11 20:41:45 +00:00
Kristyna Streitova
691a4e4389 Accepting request 254957 from home:pgajdos 
- fixed link to Apache quickstart [bnc#624681], [bnc#789806]

OBS-URL: https://build.opensuse.org/request/show/254957
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=411
 2014-10-10 13:06:23 +00:00
Stephan Kulow
d7b1f84695 Accepting request 254328 from Apache 
- the following unused patches were removed from the package:
  * apache2-mod_ssl_npn.patch
  * httpd-2.0.49-log_server_status.dif 

- 700 permissions for /usr/sbin/apache2-systemd-ask-pass and
  /usr/sbin/start_apache2 [bnc#851627]

- allow only TCP ports in Yast2 firewall files

- more 2.2 -> 2.4 [bnc#862058]

- ServerSignature=Off and ServerTokens=Prod by request from 
  security team [bnc#716495]

- fix documentation links 2.2 -> 2.4 [bnc#888163] (internal)

- Update package Summary and Description. 
- version 2.4.10
* SECURITY: CVE-2014-0117 (cve.mitre.org)
* SECURITY: CVE-2014-3523 (cve.mitre.org)
* SECURITY: CVE-2014-0226 (cve.mitre.org)
* SECURITY: CVE-2014-0118 (cve.mitre.org)
* SECURITY: CVE-2014-0231 (cve.mitre.org)
* Multiple bugfixes to mod_ssl, mod_cache, mod_deflate, mod_lua
* mod_proxy_fcgi supports unix sockets.

- provide httpd.service as alias for apache2.service for
  compatibility reasons (bnc#888093)

- move most ssl options to ssl-global.conf. There is usually no need

OBS-URL: https://build.opensuse.org/request/show/254328
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=84
 2014-10-09 10:52:02 +00:00
Kristyna Streitova
9fe47c8d91 - the following unused patches were removed from the package: 
* apache2-mod_ssl_npn.patch
  * httpd-2.0.49-log_server_status.dif

OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=410
 2014-10-06 12:46:43 +00:00
Kristyna Streitova
9c9e69c324 Accepting request 253625 from home:pgajdos 
- 700 permissions for /usr/sbin/apache2-systemd-ask-pass and
  /usr/sbin/start_apache2 [bnc#851627]

OBS-URL: https://build.opensuse.org/request/show/253625
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=409
 2014-10-06 12:08:39 +00:00
Kristyna Streitova
94c97faa9a - allow only TCP ports in Yast2 firewall files 
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=408
 2014-09-29 08:30:32 +00:00
Kristyna Streitova
163b7694ca Accepting request 252743 from home:lnussel:branches:Apache 
- move most ssl options to ssl-global.conf. There is usually no need
  for every vhost to re-define the ciphers for example (bnc#865582).
  Drop some commented entries that only lead to confusion.

OBS-URL: https://build.opensuse.org/request/show/252743
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=407
 2014-09-29 08:10:08 +00:00
Kristyna Streitova
4b31aea044 Accepting request 252506 from home:pgajdos 
- more 2.2 -> 2.4 [bnc#862058]

OBS-URL: https://build.opensuse.org/request/show/252506
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=406
 2014-09-26 15:16:44 +00:00
Kristyna Streitova
e897f2962b Accepting request 252298 from home:pgajdos 
- ServerSignature=Off and ServerTokens=Prod by request from 
  security team [bnc#716495]

- fix documentation links 2.2 -> 2.4 [bnc#888163] (internal)

OBS-URL: https://build.opensuse.org/request/show/252298
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=405
 2014-09-25 15:29:49 +00:00
Cristian Rodríguez
b0906927d0 Accepting request 241778 from home:elvigia:branches:Apache 
- Update package Summary and Description. 
- version 2.4.10
* SECURITY: CVE-2014-0117 (cve.mitre.org)
* SECURITY: CVE-2014-3523 (cve.mitre.org)
* SECURITY: CVE-2014-0226 (cve.mitre.org)
* SECURITY: CVE-2014-0118 (cve.mitre.org)
* SECURITY: CVE-2014-0231 (cve.mitre.org)
* Multiple bugfixes to mod_ssl, mod_cache, mod_deflate, mod_lua
* mod_proxy_fcgi supports unix sockets.

OBS-URL: https://build.opensuse.org/request/show/241778
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=404
 2014-07-23 20:22:18 +00:00
Roman Drahtmueller
d7aec51e00 Accepting request 241685 from home:mcalmer:branches:Apache 
- provide httpd.service as alias for apache2.service for
  compatibility reasons (bnc#888093)

OBS-URL: https://build.opensuse.org/request/show/241685
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=403
 2014-07-21 10:12:28 +00:00
Stephan Kulow
636f6b91e8 Accepting request 227797 from Apache 
- version 2.4.9 
* SECURITY: CVE-2014-0098
* SECURITY: CVE-2013-6438
* multiple bugfixes and improvements to mod_ssl, mod_lua,
  mod_session and core, see CHANGES for details. (forwarded request 227796 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/227797
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=82
 2014-03-31 18:43:06 +00:00
Cristian Rodríguez
19a944dee7 Accepting request 227796 from home:elvigia:branches:Apache 
- version 2.4.9 
* SECURITY: CVE-2014-0098
* SECURITY: CVE-2013-6438
* multiple bugfixes and improvements to mod_ssl, mod_lua,
  mod_session and core, see CHANGES for details.

OBS-URL: https://build.opensuse.org/request/show/227796
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=402
 2014-03-27 16:21:35 +00:00
Stephan Kulow
46cb55e7e7 Accepting request 223761 from Apache 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/223761
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=81
 2014-02-26 22:20:22 +00:00
Roman Drahtmueller
c5bb63f9e2 - /etc/sysconfig/apache2: add socache_shmcb to the list of modules 
that are enabled.
  /etc/apache2/ssl-global.conf: make SSLSessionCache shmcb...
  conditional on IfModule socache_shmcb.
  The same applies to SSLSessionCache dmb:* via module socache_dbm
  in commented section of same file. [bnc#864185]
- /etc/sysconfig/apache2: remove reference to non-existing script
  /usr/share/doc/packages/apache2/certificate.sh, which was only a
  wrapper to mkcert.sh anyways. [bnc#864185]

OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=401
 2014-02-17 17:32:05 +00:00
Stephan Kulow
82775e4df7 Accepting request 221932 from Apache 
Correct apache2.changes, mention the drop of httpd-event-ssl.patch (forwarded request 214772 from aeneas_jaissle)

OBS-URL: https://build.opensuse.org/request/show/221932
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=80
 2014-02-13 05:53:02 +00:00
Peter Poeml
c00cf22114 Accepting request 214772 from home:aeneas_jaissle:branches:Apache 
Correct apache2.changes, mention the drop of httpd-event-ssl.patch

OBS-URL: https://build.opensuse.org/request/show/214772
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=400
 2014-02-11 23:36:16 +00:00
Cristian Rodríguez
74d7ddb780 Accepting request 208347 from home:elvigia:branches:Apache 
- update to apache 2.4.7, important changes:
* This release requires both apr and apr-util 1.5.x series
  and therefore will no longer build in older released products
* mod_ssl: Improve handling of ephemeral DH and ECDH keys
 (obsoletes httpd-mod_ssl_ephemeralkeyhandling.patch)
*  event MPM: Fix possible crashes
*  mod_deflate: Improve error detection
* core: Add open_htaccess hook  in conjunction with dirwalk_stat.
* mod_rewrite: Make rewrite websocket-aware to allow proxying.
* mod_ssl: drop support for export-grade ciphers with ephemeral RSA
  keys, and unconditionally disable aNULL, eNULL and EXP ciphers
 (not overridable via SSLCipherSuite)
* see CHANGES for more details

OBS-URL: https://build.opensuse.org/request/show/208347
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=399
 2013-11-25 22:26:02 +00:00
Stephan Kulow
728994a45b Accepting request 207096 from Apache 
- httpd-mod_ssl_ephemeralkeyhandling.patch obsoletes
 mod_ssl-2.4.x-ekh.diff this new patch is the final
  form of the rework, merged for 2.4.7. (forwarded request 207095 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/207096
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=79
 2013-11-17 14:58:00 +00:00
Cristian Rodríguez
8ac24cac75 Accepting request 207095 from home:elvigia:branches:Apache 
- httpd-mod_ssl_ephemeralkeyhandling.patch obsoletes
 mod_ssl-2.4.x-ekh.diff this new patch is the final
  form of the rework, merged for 2.4.7.

OBS-URL: https://build.opensuse.org/request/show/207095
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=398
 2013-11-16 01:22:18 +00:00
Stephan Kulow
14dc2e30ef Accepting request 206490 from Apache 
Removed obsolete directive DefaultType bnc#848146
Changed access control to use new Require type directives (forwarded request 205788 from fdekruijf)

OBS-URL: https://build.opensuse.org/request/show/206490
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=78
 2013-11-12 08:49:40 +00:00