rpm/apache2
SHA256
1
0
Fork 0
forked from pool/apache2
Code Pull Requests Activity
apache2/httpd-2.2.17.tar.bz2
Peter Poeml d1581dfc38 Starting httpd for testing doesn't work in my local build environment (can't 
create listen port). But I hope it'll be fine in the "real" build service build
environment, as it used to be.


- update to 2.2.17:
  SECURITY: CVE-2010-1623 (cve.mitre.org)
     Fix a denial of service attack against apr_brigade_split_line().
     [Actual fix is in the libapr 1.3 line, which we don't use // poeml]
  SECURITY: CVE-2009-3560, CVE-2009-3720 (cve.mitre.org)
     Fix two buffer over-read flaws in the bundled copy of expat which could
     cause applications to crash while parsing specially-crafted XML documents.
     [We build with system expat library // poeml]
  prefork MPM: Run cleanups for final request when process exits gracefully
     to work around a flaw in apr-util.  PR 43857
  core: 
   - check symlink ownership if both FollowSymlinks and
     SymlinksIfOwnerMatch are set
   - fix origin checking in SymlinksIfOwnerMatch PR 36783
   - (re)-introduce -T commandline option to suppress documentroot
     check at startup.  PR 41887 
  vhost: 
   - A purely-numeric Host: header should not be treated as a port.  PR 44979 
  rotatelogs: 
   - Fix possible buffer overflow if admin configures a
     mongo log file path.
  Proxy balancer: support setting error status according to HTTP response
     code from a backend.  PR 48939.
  mod_authnz_ldap: 
   - If AuthLDAPCharsetConfig is set, also convert the
     password to UTF-8. PR 45318.
  mod_dir, mod_negotiation: 
   - Pass the output filter information to newly created sub requests; as these
     are later on used as true requests with an internal redirect. This allows
     for mod_cache et.al. to trap the results of the redirect.  PR 17629, 43939
  mod_headers: 
   - Enable multi-match-and-replace edit option PR 46594
  mod_log_config: 
   - Make ${cookie}C correctly match whole cookie names
     instead of substrings. PR 28037.
  mod_reqtimeout: 
   - Do not wrongly enforce timeouts for mod_proxy's backend
     connections and other protocol handlers (like mod_ftp). Enforce the
     timeout for AP_MODE_GETLINE. If there is a timeout, shorten the lingering
     close time from 30 to 2 seconds.
  mod_ssl: 
   - Do not do overlapping memcpy. PR 45444

OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=326
2010-10-21 14:13:55 +00:00

4 lines
132 B
Plaintext
Raw Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:868af11e3ed8fa9aade15241ea4f51971b3ef71104292ca2625ef2065e61fb04
size 4951247
View Git Blame Copy Permalink