[el5_latest] httpd-devel-2.2.3-65.0.1.el5_8.3.i386

The httpd-devel package contains the APXS binary and other files
that you need to build Dynamic Shared Objects (DSOs) for the
Apache HTTP Server.

If you are installing the Apache HTTP server and you want to be
able to compile or develop additional modules for Apache, you need
to install this package.

Changelog (Show File list) (Show related packages)

• Tue Nov 13 2012 Natalya Naumova <natalya.naumova@oracle.com> - 2.2.3-65.0.1.el5_8.3

  - Fix mod_ssl always performing full renegotiation (orabug 12423387)
  - replace index.html with Oracle's index page oracle_index.html
  - update vstring and distro in specfile

• Wed Nov 07 2012 Joe Orton <jorton@redhat.com> - 2.2.3-65.3

  - mod_cache: fix header merging for 304 case (#873730)

• Wed Nov 07 2012 Joe Orton <jorton@redhat.com> - 2.2.3-65.2

  - mod_mem_cache: fix connection abort handling (#873677)

• Sat May 26 2012 Joe Orton <jorton@redhat.com> - 2.2.3-65

  - mod_cache: fix handling of 304 responses (#825210)

• Thu Feb 09 2012 Joe Orton <jorton@redhat.com> - 2.2.3-63.1

  - add security fixes for CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787596)	
  - remove patch for CVE-2011-3638, obviated by fix for CVE-2011-3639

• Thu Jan 05 2012 Joe Orton <jorton@redhat.com> - 2.2.3-63

  - revert addition of LDAP nested group support (#546443)

• Thu Dec 22 2011 Joe Orton <jorton@redhat.com> - 2.2.3-62

  - mod_ldap: add support for nested groups (#546443)
  - mod_ssl: fix segfault with bad SSLCryptoDevice argument (#767990)

• Thu Dec 08 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.3-61

  - rotatelogs: include new manpage (#677279,#677288)

• Fri Oct 28 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.3-60

  - rotatelogs: create files even if they are empty (#677279)
  - rotatelogs: option to rotate files into a custom location (#677288)
  - mod_proxy: allow change BalancerMember state in web interface (#709869)

• Thu Oct 27 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.3-59

  - mod_proxy: add connectiontimeout option (#719907)
  - mod_alias: support Redirect to local path (#714725)

• Wed Oct 26 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.3-58

  - add apr callback to handle OOM (#700322)

• Wed Oct 26 2011 Joe Orton <jorton@redhat.com> - 2.2.3-57

  - updated patch for CVE-2011-3192 (#733061)
  - add security fix for CVE-2011-3368 (#743904)

• Wed Oct 26 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.3-56

  - restart service in posttrans (#719941)

• Fri Sep 09 2011 Joe Orton <jorton@redhat.com> - 2.2.3-55

  - add security fix for CVE-2011-3192 (#733061, #736593)

• Fri Jun 17 2011 Joe Orton <jorton@redhat.com> - 2.2.3-53

  - mod_cache: add "hard" argument to CacheMaxExpire (#379811)

• Thu May 12 2011 Joe Orton <jorton@redhat.com> - 2.2.3-52

  - mod_include: fix parsing across bucket boundaries (#698402)

• Fri Apr 15 2011 Joe Orton <jorton@redhat.com> - 2.2.3-50

  - fix patch for #658766

• Thu Apr 07 2011 Joe Orton <jorton@redhat.com> - 2.2.3-49

  - mod_proxy: add support for 'bybusyness' balancer (#555870)
  - mod_authnz_ldap: enable handling of referrals (#604727)
  - add mod_reqtimeout (#612198)
  - mod_ssl: fix use of overlapping memcpy (#636427)
  - mod_ssl: fix startup with duplicate SSL vhost configurations (#649648)
  - mod_proxy: fix proxy via chained SSL intermediary (#658766)
  - mod_proxy: fix header mapping for balancer:// URLS (#678057)
  - mod_filter: fix matching against response headers (#679994)
  - mod_ldap: fix caching in some configs (#264681)
  - mod_headers: correctly handle multiple matched headers (#673276)

• Tue Apr 05 2011 Joe Orton <jorton@redhat.com> - 2.2.3-48

  - mod_ssl: add fix for handling incomplete lines w/revproxy (#691497)

• Thu Feb 24 2011 Joe Orton <jorton@redhat.com> - 2.2.3-47

  - add proxy fixes for PR 37770, PR 45792 (#632407, #552303)
  - add fix for PR 36780 (#580008)

• Fri Feb 11 2011 Joe Orton <jorton@redhat.com> - 2.2.3-46

  - prefork: ensure early child exit during graceful restart (#674102)

• Tue Dec 07 2010 Joe Orton <jorton@redhat.com> - 2.2.3-45

  - ab: fail gracefully for OOM allocating stats structures (#645845)
  - init script: use $STOP_DELAY as delay before SIGKILL of parent (#644223)
  - mod_dav: don't delete the existing resource if a PUT fails (#572910)
  - core: don't replace Date header when acting as reverse proxy (#565865)
  - mod_dbd: fix pool usage (#633955)

• Fri Aug 20 2010 Joe Orton <jorton@redhat.com> - 2.2.3-44

  - mod_ssl: improved fix for SSLRequire's OID() function (#614423)
  - add security fixes for CVE-2010-1452, CVE-2010-2791 (#623211)
  - mod_deflate: rebase to 2.2.15 (#612211)
  - stop multiple invocations of filter init functions (#570628)

• Fri Mar 05 2010 Joe Orton <jorton@redhat.com> - 2.2.3-43

  - add security fixes for CVE-2010-0408, CVE-2010-0434 (#570441)

• Wed Feb 24 2010 Joe Orton <jorton@redhat.com> - 2.2.3-42

  - require and BR a version of OpenSSL with the secure reneg API (#566659)

• Wed Feb 24 2010 Joe Orton <jorton@redhat.com> - 2.2.3-41

  - mod_ssl: add SSLInsecureRenegotiation (#566659)

• Tue Feb 02 2010 Joe Orton <jorton@redhat.com> - 2.2.3-40

  - mod_ssl: further fix for OID() handling (#552942)

• Fri Jan 29 2010 Joe Orton <jorton@redhat.com> - 2.2.3-39

  - prevent use of rsync during "make install" (#557049)

• Fri Jan 29 2010 Joe Orton <jorton@redhat.com> - 2.2.3-38

  - mod_ssl: fix additional case for OID() handling (#552942)
  - mod_authnz_ldap: fix handling of empty filter in group defn (#252038)

• Wed Jan 20 2010 Joe Orton <jorton@redhat.com> - 2.2.3-37

  - mod_ssl: use ASN1_STRING_print() in SSLRequire's OID() (#552942)

• Mon Dec 21 2009 Joe Orton <jorton@redhat.com> - 2.2.3-36

  - mod_ssl: add further mitigation for CVE-2009-3555 (#534042)
  - add mod_substitute (#539256)

• Sat Dec 19 2009 Joe Orton <jorton@redhat.com> - 2.2.3-35.el5

  - mod_authnz_ldap: dynamic group fixes (#252038)

• Fri Dec 18 2009 Joe Orton <jorton@redhat.com> - 2.2.3-34.el5

  - mod_authnz_ldap: add support for dynamic group lookup (#252038)

• Thu Dec 17 2009 Joe Orton <jorton@redhat.com> - 2.2.3-33.el5

  - add security fixes for CVE-2009-3555, CVE-2009-3094,
    CVE-2009-3095 (#534042)

• Thu Dec 03 2009 Joe Orton <jorton@redhat.com> - 2.2.3-32.el5

  - fix hard-coded default pidfile to match default config (#505002)
  - mod_ssl: fix potential hang in renegotiation (#510515)
  - drop legacy X-Pad header from short responses (#526110)
  - mod_proxy_ajp: fix handling of large uploads (#528640)
  - mod_authnz_ldap: add AuthLDAPRemoteUserAttribute directive (#520838)
  - mod_rewrite: add DiscardPathInfo flag (#517500)
  - mod_authnz_ldap: don't fail authz if no ldap-* configured (#448350)
  - disable keepalive for Expect: 100-continue and error response (#533407)

• Wed Jul 15 2009 Joe Orton <jorton@redhat.com> 2.2.3-31.el5

  - mod_rewrite: correct backport of URI escaping fix (#480604)

• Sat Jul 11 2009 Joe Orton <jorton@redhat.com> 2.2.3-30.el5

  - add security fixes for CVE-2009-1890, CVE-2009-1891 (#509783)

• Tue Jun 23 2009 Joe Orton <jorton@redhat.com> 2.2.3-29.el5

  - add image/png to conf/magic (#240844)

• Wed Jun 17 2009 Joe Orton <jorton@redhat.com> 2.2.3-28.el5

  - fix backwards compat for CVE-2009-1195 fix (#502998)

• Thu May 21 2009 Joe Orton <jorton@redhat.com> 2.2.3-27.el5

  - mod_cgi, mod_cgid: fix logging on input read error (#498170)
  - mod_rewrite: don't serialize logfile access (#493023)
  - mod_ext_filter: fix spurious error log output (#479463)

• Sat May 16 2009 Joe Orton <jorton@redhat.com> 2.2.3-26.el5

  - add security fixes for CVE-2008-1678, CVE-2009-1195 (#499285)

• Sat Apr 18 2009 Joe Orton <jorton@redhat.com> 2.2.3-25.el5

  - mod_rewrite: fix URI escaping with [P] in directory context (#480604)
  - mod_cgi: fix headers/status in error responses (#480932)
  - mod_speling: fix handling of directory names (#485524)
  - init script: use ${pidfile} in more places (#491135)
  - mod_log_config: support remote/local with 'p' format (#493070)
  - remove Obsolete for mod_jk (#493592)
  - mod_ssl: fix SSL per-dir-reneg buffering with internal redirects (#488886)
  - fix spurious error messages on graceful restart (#233955)

• Thu Mar 19 2009 Joe Orton <jorton@redhat.com> 2.2.3-24.el5

  - mod_ssl: add SSLRenegBufferSize directive (#479806)

• Sat Feb 07 2009 Joe Orton <jorton@redhat.com> 2.2.3-23.el5

  - mod_proxy: set c->remote_host for backend SSL connection (#479410)

• Thu Nov 13 2008 Joe Orton <jorton@redhat.com> 2.2.3-22.el5

  - add security fixes for CVE-2008-2939 (#468841)
  - note that the mod_proxy 2.2.9 rebase fixed CVE-2008-2634

• Wed Oct 22 2008 Joe Orton <jorton@redhat.com> 2.2.3-21.el5

  - avoid strict-aliasing warnings (#462877)

• Wed Oct 22 2008 Joe Orton <jorton@redhat.com> 2.2.3-20.el5

  - mod_proxy: scoreboard access fix (#252024)

• Fri Sep 19 2008 Joe Orton <jorton@redhat.com> 2.2.3-19.el5

  - mod_proxy: various backport fixes (#252024)

• Fri Sep 19 2008 Joe Orton <jorton@redhat.com> 2.2.3-17.el5

  - fix mod_proxy symbol use

• Tue Sep 16 2008 Joe Orton <jorton@redhat.com> 2.2.3-16.el5

  - mod_proxy*, mod_cache*: rebase to 2.2.9 (#252024, #249534,
    - backport changes to make chunk filter non-blocking (#454098)

• Sat Sep 13 2008 Joe Orton <jorton@redhat.com> 2.2.3-15.el5

  - mod_ldap: fix memory lifetime issues (#440259)
  - mod_ssl: configure OpenSSL dynamic lock callbacks (#462044)
  - escape the Request-Method in canned error responses (#445888)
  - build the event MPM and fix a deadlock therein (#444643)
  - mod_headers: support "RequestHeader edit" (#428253)
  - use "OPTIONS *" rather than "GET /" in dummy connection (#367981)

• Fri Aug 15 2008 Joe Orton <jorton@redhat.com> 2.2.3-14.el5

  - mod_proxy: add ProxyPassMatch support (#449159)

• Tue Jul 22 2008 Joe Orton <jorton@redhat.com> 2.2.3-13.el5

  - mod_proxy_balancer: allow alternative string to match for
    stickysession parameter (#439218)
  - fix dist tag in Release (#440615)

• Sat Jan 12 2008 Joe Orton <jorton@redhat.com> 2.2.3-12.el5_1.3

  - further update to backport for CVE-2007-6421 (#427240)

• Sat Jan 12 2008 Joe Orton <jorton@redhat.com> 2.2.3-12.el5_1.2

  - updated backport for CVE-2007-6421 (#427240)

• Tue Jan 08 2008 Joe Orton <jorton@redhat.com> 2.2.3-11.el5_1.1

  - add security fixes for CVE-2007-6388, CVE-2007-6421
    and CVE-2007-6422 (#427240)
  - add security fix for CVE-2007-4465, CVE-2007-5000 (#421631)
  - add security fix for mod_proxy_ftp UTF-7 XSS (#427745)

• Tue Aug 07 2007 Joe Orton <jorton@redhat.com> 2.2.3-11.el5

  - mark httpd.conf config(noreplace) (#247881)

• Sat Aug 04 2007 Joe Orton <jorton@redhat.com> 2.2.3-10.el5

  - add security fix for CVE-2007-3847 (#250761)

• Thu Aug 02 2007 Joe Orton <jorton@redhat.com> 2.2.3-9.el5

  - load mod_version by default (#247881)

• Wed Jun 27 2007 Joe Orton <jorton@redhat.com> 2.2.3-8.el5

  - add 'ServerTokens Full-Release' config option (#240857)
  - use init script in logrotate postrotate (#241680)
  - fix mod_proxy option inheritance (#245719)
  - fix ProxyErrorOverride to only affect 4xx, 5xx responses (#240024)
  - bump logresolve line buffer length to 10K (#245763)
  - add security fixes for CVE-2007-1863, CVE-2007-3304,
    and CVE-2006-5752 (#244666)

• Thu Nov 30 2006 Joe Orton <jorton@redhat.com> 2.2.3-6.el5

  - fix path to instdso.sh in special.mk (#217677)
  - fix detection of links in "apachectl fullstatus"

• Wed Sep 20 2006 Joe Orton <jorton@redhat.com> 2.2.3-5.el5

  - rebuild

• Sat Aug 12 2006 Joe Orton <jorton@redhat.com> 2.2.3-3.el5

  - use RHEL branding

• Fri Aug 04 2006 Joe Orton <jorton@redhat.com> 2.2.3-3

  - init: use killproc() delay to avoid race killing parent

• Sat Jul 29 2006 Joe Orton <jorton@redhat.com> 2.2.3-2

  - update to 2.2.3
  - trim %changelog to >=2.0.52

• Fri Jul 21 2006 Joe Orton <jorton@redhat.com> 2.2.2-8

  - fix segfault on dummy connection failure at graceful restart (#199429)

• Thu Jul 20 2006 Joe Orton <jorton@redhat.com> 2.2.2-7

  - fix "apxs -g"-generated Makefile
  - fix buildconf with autoconf 2.60

• Thu Jul 13 2006 Jesse Keating <jkeating@redhat.com> - 2.2.2-5.1

  - rebuild

• Thu Jun 08 2006 Joe Orton <jorton@redhat.com> 2.2.2-5

  - require pkgconfig for -devel (#194152)
  - fixes for installed support makefiles (special.mk et al)
  - BR autoconf

• Sat Jun 03 2006 Joe Orton <jorton@redhat.com> 2.2.2-4

  - make -devel package multilib-safe (#192686)

• Fri May 12 2006 Joe Orton <jorton@redhat.com> 2.2.2-3

  - build DSOs using -z relro linker flag

• Thu May 04 2006 Joe Orton <jorton@redhat.com> 2.2.2-2

  - update to 2.2.2

• Fri Apr 07 2006 Joe Orton <jorton@redhat.com> 2.2.0-6

  - rebuild to pick up apr-util LDAP interface fix (#188073)

• Sat Feb 11 2006 Jesse Keating <jkeating@redhat.com> - (none):2.2.0-5.1.2

  - bump again for double-long bug on ppc(64)

• Wed Feb 08 2006 Jesse Keating <jkeating@redhat.com> - (none):2.2.0-5.1.1

  - rebuilt for new gcc4.1 snapshot and glibc changes

• Tue Feb 07 2006 Joe Orton <jorton@redhat.com> 2.2.0-5.1

  - mod_auth_basic/mod_authn_file: if no provider is configured,
    and AuthUserFile is not configured, decline to handle authn
    silently rather than failing noisily.

• Sat Feb 04 2006 Joe Orton <jorton@redhat.com> 2.2.0-5

  - mod_ssl: add security fix for CVE-2005-3357 (#177914)
  - mod_imagemap: add security fix for CVE-2005-3352 (#177913)
  - add fix for AP_INIT_* designated initializers with C++ compilers
  - httpd.conf: enable HTMLTable in default IndexOptions
  - httpd.conf: add more "redirect-carefully" matches for DAV clients

• Fri Jan 06 2006 Joe Orton <jorton@redhat.com> 2.2.0-4

  - mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)

• Sat Dec 10 2005 Jesse Keating <jkeating@redhat.com>

  - rebuilt

• Thu Dec 08 2005 Joe Orton <jorton@redhat.com> 2.2.0-3

  - strip manual to just English content

• Tue Dec 06 2005 Joe Orton <jorton@redhat.com> 2.2.0-2

  - don't strip C-L from HEAD responses (Greg Ames, #110552)
  - load mod_proxy_balancer by default
  - add proxy_ajp.conf to load/configure mod_proxy_ajp
  - Obsolete mod_jk
  - update docs URLs in httpd.conf/ssl.conf

• Sat Dec 03 2005 Joe Orton <jorton@redhat.com> 2.2.0-1

  - update to 2.2.0

• Thu Dec 01 2005 Joe Orton <jorton@redhat.com> 2.1.10-2

  - enable mod_authn_alias, mod_authn_anon
  - update default httpd.conf

• Sat Nov 26 2005 Joe Orton <jorton@redhat.com> 2.1.10-1

  - update to 2.1.10
  - require apr >= 1.2.0, apr-util >= 1.2.0

• Thu Nov 10 2005 Tomas Mraz <tmraz@redhat.com> 2.0.54-16

  - rebuilt against new openssl

• Fri Nov 04 2005 Joe Orton <jorton@redhat.com> 2.0.54-15

  - log notice giving SELinux context at startup if enabled
  - drop SSLv2 and restrict default cipher suite in default
   SSL configuration

• Fri Oct 21 2005 Joe Orton <jorton@redhat.com> 2.0.54-14

  - mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)
  - add security fix for byterange filter DoS (CVE-2005-2728)
  - add security fix for C-L vs T-E handling (CVE-2005-2088)
  - mod_ssl: add security fix for CRL overflow (CVE-2005-1268)
  - mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
  - add fix for dummy connection handling (#167425)
  - mod_auth_digest: fix hostinfo comparison in CONNECT requests
  - mod_include: fix variable corruption in nested includes (upstream #12655)
  - mod_ssl: add fix for handling non-blocking reads
  - mod_ssl: fix to enable output buffering (upstream #35279)
  - mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)

• Sun Aug 14 2005 Joe Orton <jorton@redhat.com> 2.0.54-13

  - don't load by default: mod_cern_meta, mod_asis
  - do load by default: mod_ext_filter (#165893)

• Fri Jul 29 2005 Joe Orton <jorton@redhat.com> 2.0.54-12

  - drop broken epoch deps

• Fri Jul 01 2005 Joe Orton <jorton@redhat.com> 2.0.54-11

  - mod_dav_fs: fix uninitialized variable (#162144)
  - add epoch to dependencies as appropriate
  - mod_ssl: drop dependencies on dev, make
  - mod_ssl: mark post script dependencies as such

• Tue May 24 2005 Joe Orton <jorton@redhat.com> 2.0.54-10

  - remove broken symlink (Robert Scheck, #158404)

• Thu May 19 2005 Joe Orton <jorton@redhat.com> 2.0.54-9

  - add piped logger fixes (w/Jeff Trawick)

• Tue May 10 2005 Joe Orton <jorton@redhat.com> 2.0.54-8

  - drop old "powered by Red Hat" logos

• Thu May 05 2005 Joe Orton <jorton@redhat.com> 2.0.54-7

  - mod_userdir: fix memory allocation issue (upstream #34588)
  - mod_ldap: fix memory corruption issue (Brad Nicholes, upstream #34618)

• Wed Apr 27 2005 Joe Orton <jorton@redhat.com> 2.0.54-6

  - fix key/cert locations in post script

• Tue Apr 26 2005 Joe Orton <jorton@redhat.com> 2.0.54-5

  - create default dummy cert in /etc/pki/tls
  - use a pseudo-random serial number on the dummy cert
  - change default ssl.conf to point at /etc/pki/tls
  - merge back -suexec subpackage; SELinux policy can now be
    used to persistently disable suexec (#155716)
  - drop /etc/httpd/conf/ssl.* directories and Makefiles
  - unconditionally enable PIE support
  - mod_ssl: fix for picking up -shutdown options (upstream #34452)

• Tue Apr 19 2005 Joe Orton <jorton@redhat.com> 2.0.54-4

  - replace PreReq with Requires(pre)

• Tue Apr 19 2005 Joe Orton <jorton@redhat.com> 2.0.54-3

  - update to 2.0.54

• Wed Mar 30 2005 Joe Orton <jorton@redhat.com> 2.0.53-6

  - update default httpd.conf:
   * clarify the comments on AddDefaultCharset usage (#135821)
   * remove all the AddCharset default extensions
   * don't load mod_imap by default
   * synch with upstream 2.0.53 httpd-std.conf
  - mod_ssl: set user from SSLUserName in access hook (upstream #31418)
  - htdigest: fix permissions of created files (upstream #33765)
  - remove htsslpass

• Thu Mar 03 2005 Joe Orton <jorton@redhat.com> 2.0.53-5

  - apachectl: restore use of $OPTIONS again

• Thu Feb 10 2005 Joe Orton <jorton@redhat.com> 2.0.53-4

  - update to 2.0.53
  - move prefork/worker modules comparison to %check

• Tue Feb 08 2005 Joe Orton <jorton@redhat.com> 2.0.52-7

  - fix cosmetic issues in "service httpd reload"
  - move User/Group higher in httpd.conf (#146793)
  - load mod_logio by default in httpd.conf
  - apachectl: update for correct libselinux tools locations

• Wed Nov 17 2004 Joe Orton <jorton@redhat.com> 2.0.52-6

  - add security fix for CVE CAN-2004-0942 (memory consumption DoS)
  - SELinux: run httpd -t under runcon in configtest (Steven Smalley)
  - fix SSLSessionCache comment for distcache in ssl.conf
  - restart using SIGHUP not SIGUSR1 after logrotate
  - add ap_save_brigade fix (upstream #31247)
  - mod_ssl: fix possible segfault in auth hook (upstream #31848)
  - add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677)
  - apachectl: restore use of $OPTIONS
  - apachectl, httpd.init: refuse to restart if $HTTPD -t fails
  - apachectl: run $HTTPD -t in user SELinux context for configtest
  - update for pcre-5.0 header locations

• Sun Nov 14 2004 Jeff Johnson <jbj@redhat.com> 2.0.52-5

  - rebuild against db-4.3.21 aware apr-util.

• Fri Nov 12 2004 Jeff Johnson <jbj@jbj.org> 2.0.52-4

  - rebuild against db-4.3-21.

• Wed Sep 29 2004 Joe Orton <jorton@redhat.com> 2.0.52-3

  - add dummy connection address fixes from HEAD
  - mod_ssl: add security fix for CAN-2004-0885

• Wed Sep 29 2004 Joe Orton <jorton@redhat.com> 2.0.52-2

  - update to 2.0.52