-
Tue Aug 15 2017 EL Errata <el-errata_ww@oracle.com> - 2.2.15-60.0.1.5
- replace index.html with Oracle's index page oracle_index.html
- update vstring in specfile
-
Wed Jul 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-60.5
- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw()
authentication bypass
- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection
in mod_auth_digest
-
Fri Jul 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-60.4
- Related: #1427675 - CVE-2016-8743 httpd: Apache HTTP Request Parsing
Whitespace Defects
-
Thu Jun 29 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-60.3
- Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
-
Tue Jun 20 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-60.2
- Resolves: #1463354 - segfault in ap_proxy_set_scoreboard_lb
-
Tue Jun 13 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-60.1
- Resolves: #1427675 - CVE-2016-8743 httpd: Apache HTTP Request Parsing
Whitespace Defects
-
Fri Dec 09 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-59
- Resolves: #1401694 - rotatelogs: creation of zombie processes when -p is used
-
Mon Nov 07 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-58
- Resolves: #1349546 - comments no longer allowed at the end of Allow
from statements and maybe other statements from mod_authz*
-
Mon Nov 07 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-57
- Resolves: #1356938 - mod_ssl install fails with a long hostname
-
Thu Nov 03 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-56
- Resolves: #1310582 - when ProxyErrorOverride is On, modcluster return
503 status code on subsequent requests
-
Thu Sep 08 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.2.15-55
- Resolves: #1372315 - ProxyRemote with HTTPS backend sends requests
with absoluteURI instead of abs_path
-
Tue Jul 12 2016 Joe Orton <jorton@redhat.com> - 2.2.15-54
- add security fix for CVE-2016-5387
-
Thu Feb 04 2016 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-53
- core: fix possible long graceful restart caused by race condition between
httpd children processes (#1301758)
-
Thu Jan 21 2016 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-52
- core: fix crash when handling interim response from backend (#1298866)
-
Thu Jan 14 2016 Joe Orton <jorton@redhat.com> - 2.2.15-51
- fix mod_rewrite external mapping program spawning (#1035230)
-
Wed Dec 16 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-50
- mod_ssl: fix hardware crypto support with custom DH parms (#1291658)
-
Tue Dec 15 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-49
- core: do not break API in AllowEncodedSlashes fix (#1002658)
-
Mon Nov 02 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-48
- core: backport NoDecode option of AllowEncodedSlashes (#1002658)
- mod_authz_host: disallow the '#' character in allow, deny (#1179911)
- mod_ssl: fix memory leak on httpd reloads (#1236515)
- mod_proxy: fix regression caused inherited workers to use a different
scoreboard slot then the original one (#1252574)
- mod_rewrite: allow running external mapping program as non-root (#1035230)
- mod_reqtimeout: fix a timed out connection going into the keep-alive state
after a timeout when discarding a request body (#1213967)
- core: fix possible crash in SIGINT handling (#1233109)
- mod_ssl: extend SSLSessionCacheTimeout to sessions resumed by TLS (#1190509)
- initscript: do not print error when stopping stopped httpd (#1189941)
- mod_ssl: fail for colons in credentials with FakeBasicAuth (#1027442)
- mod_proxy: add "proxy-flushall" env variable which reduces the impact
of caching 16K of the request body. (#952395)
- mod_ssl: Do not send SSL warning when SNI hostname is not found as per
RFC 6066 (#1289096)
-
Tue Aug 18 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-47
- fix regressions caused by fix for CVE-2015-3183
-
Mon Aug 10 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-46
- core: fix chunk header parsing defect (CVE-2015-3183)
-
Tue Mar 03 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-45
- mod_proxy_balancer: add support for "drain mode" (N) (#767130)
-
Fri Jan 23 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-44
- set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES (#1086771)
-
Fri Jan 23 2015 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-43
- revert DirectoryMatch patch from 2.2.15-40 (#1016963)
-
Fri Dec 19 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-42
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
-
Wed Dec 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-41
- fix compilation with older OpenSSL caused by misspelling in patch (#1162268)
-
Tue Dec 02 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-40
- mod_proxy: do not mix workers shared memory during graceful restart (#1149906)
- mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache
are used and SSL session is resumed (#1149703)
- mod_ssl: log revoked certificates at the INFO level (#1161328)
- mod_ssl: use -extensions v3_req for certificate generation (#906476)
- core: check the config file before restarting the server (#1146194)
- core: do not match files when using DirectoryMatch (#1016963)
- core: improve error message for inaccessible DocumentRoot (#987590)
- rotatelogs: improve support for localtime (#922844)
- mod_deflate: fix decompression of files larger than 4GB (#1057695)
- ab: fix integer overflow when printing stats with lot of requests (#1092419)
- ab: try all addresses instead of failing on first one when not available (#1125269)
- ab: fix read failure when targeting SSL server (#1045477)
- apachectl: support HTTPD_LANG variable from /etc/sysconfig/httpd (#963146)
- do not display "bomb" icon for files ending with "core" (#1069625)
-
Tue Aug 05 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-39
- mod_proxy: close client connection if the backend closes connection (#1111410)
-
Thu Jul 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-38
- mod_cgid: add security fix for CVE-2014-0231
- mod_deflate: add security fix for CVE-2014-0118
- mod_status: add security fix for CVE-2014-0226
-
Fri Jun 27 2014 Joe Orton <jorton@redhat.com> - 2.2.15-37
- mod_ssl: fix SSLCipherSuite (#1035818)
-
Mon Jun 23 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-36
- mod_ssl: Add a wildcard common name match (#1035666)
- mod_cache: avoid thundering herd (#1094990)
- mod_cgi: return error code 408 on timeout (#979129)
-
Mon Jun 23 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-35
- mod_proxy_http: cleanup bucket brigade even on error (#991556)
- add missing Reason-Phrase in HTTP response headers (#1032733)
- mod_ldap: fix crash in uldap_cache_getattrvals (#1048757)
-
Fri Jun 20 2014 Joe Orton <jorton@redhat.com> - 2.2.15-34
- mod_ssl: prevent use of AECDH (#1035818)
-
Fri Jun 20 2014 Joe Orton <jorton@redhat.com> - 2.2.15-33
- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1103115)
-
Thu Jun 19 2014 Joe Orton <jorton@redhat.com> - 2.2.15-32
- mod_ssl: adjust DH temp key selection, prefer larger and up to 8192-bit. (#1071883)
-
Tue Jun 10 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-31
- mod_proxy: fix bybusyness algorithm to balance the load after failed worker
has recovered (#972949)
- mod_proxy: ignore EINTR when polling in proxy_connect (#976644)
- mod_proxy_http: log "reading response" error to proper log file (#1012766)
- mod_ssl: add ECDH support (#1035818)
- mod_ssl: improve DH temp key handling (#1071883)
- mod_ssl: enable support at run-time for TLSv1.x with newer OpenSSL (#1034984)
- mod_ssl: fix crash when loaded for first time during the reload (#876626)
- mod_ssl: make lazy CRL caching configurable (#1037832)
- apachectl status: return exit code 3 when httpd is not running (#1077336)
-
Thu Mar 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-30
- mod_dav: add security fix for CVE-2013-6438 (#1078175)
- mod_log_config: add security fix for CVE-2014-0098 (#1078175)
-
Fri Aug 02 2013 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-29
- mod_dav: add security fix for CVE-2013-1896 (#991369)
-
Mon Apr 29 2013 Joe Orton <jorton@redhat.com> - 2.2.15-28
- mod_rewrite: add security fix for CVE-2013-1862 (#953729)
-
Thu Mar 07 2013 <jorton@redhat.com> - 2.2.15-27
- add security fixes for CVE-2012-3499, CVE-2012-4558 (#915883, #915884)
-
Wed Dec 05 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-26
- htcacheclean: exit with code 4 also for "restart" action (#805810)
-
Mon Dec 03 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-25
- htcacheclean: exit with code 4 if nonprivileged user runs initscript (#805810)
- rotatelogs: omit the second arg when invoking a post-rotate program (#876923)
-
Thu Nov 08 2012 Joe Orton <jorton@redhat.com> - 2.2.15-24
- mod_ssl: improved patch for mod_nss fallback (w/mharmsen, #805720)
-
Wed Nov 07 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-23
- mod_log_config: fix cookie parsing substring mismatch (#867268)
-
Mon Oct 22 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-22
- mod_cache: fix header merging for 304 case, thanks to Roy Badami (#868283)
- mod_cache: fix handling of 304 responses (#868253)
-
Thu Oct 18 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-21
- mod_proxy_ajp: ignore flushing if headers have not been sent (#853160)
- mod_proxy_ajp: do not mark worker in error state when one request
timeouts (#864317)
- mod_ssl: do not run post script if all files are already created (#752618)
-
Mon Oct 15 2012 Joe Orton <jorton@redhat.com> - 2.2.15-20
- add htcacheclean init script (Jan Kaluza, #805810)
-
Mon Sep 17 2012 Joe Orton <jorton@redhat.com> - 2.2.15-19
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
is not configured. (#805720)
-
Wed Sep 05 2012 Joe Orton <jorton@redhat.com> - 2.2.15-18
- add security fix for CVE-2012-2687 (#850794)
-
Mon Sep 03 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.15-17
- mod_proxy: allow change BalancerMember state in web interface (#748400)
- mod_proxy: Tone down "worker [URL] used by another worker" warning (#787247)
- mod_proxy: add support for "failonstatus" option (#824571)
- mod_proxy: avoid DNS lookup on hostname from request URI if
ProxyRemote* is configured (#837086)
- rotatelogs: create files even if they are empty (#757739)
- rotatelogs: option to rotate files into a custom location (#757735)
- rotatelogs: add support for -L option (#838493)
- fix handling of long chunk-line (#842376)
- add server aliases to "httpd -S" output (#833092)
- omit %posttrans daemon restart if
/etc/sysconfig/httpd-disable-posttrans exists (#833064)
- mod_ldap: treat LDAP_UNAVAILABLE as a transient error (#829689)
- ab: fix double free when SSL request fails in verbose mode (#837613)
- mod_cache: do not cache partial results (#822587)
- mod_ldap: add LDAPReferrals directive alias (#796958)
- mod_ssl: add _userID DN variable suffix for NID_userId (#842375)
- mod_ssl: fix test for missing decrypted private keys, and ensure that
the keypair matches (#848954)
- mod_authnz_ldap: set AUTHORIZE_* variables in LDAP authorization (#828896)
- relax checks for status-line validity (#853348)
-
Mon Feb 06 2012 Joe Orton <jorton@redhat.com> - 2.2.15-16
- add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031,
CVE-2011-3607 (#787599)
- obviates fix for CVE-2011-3638, patch removed
-
Thu Oct 06 2011 Joe Orton <jorton@redhat.com> - 2.2.15-15
- mod_proxy_ftp: fix handling of EPSV w/IPv6 localhost (#737960)
- core: add security fix for CVE-2011-3368 (#743659)
- mod_proxy_ajp: add security fix for CVE-2011-3348 (#738961)
- mod_cache: forward-port CacheMaxExpire "hard" option (#740242)
-
Wed Sep 28 2011 Joe Orton <jorton@redhat.com> - 2.2.15-14
- update to byterange patch (#736592)
-
Thu Sep 08 2011 Joe Orton <jorton@redhat.com> - 2.2.15-13
- add security fix for CVE-2011-3192 (#733063, #736592)
-
Mon Aug 08 2011 Joe Orton <jorton@redhat.com> - 2.2.15-12
- mod_ssl: ignore SNI hints unless required by config (#714704)
- mod_ssl: fix segfault with bad SSLCryptoDevice argument (#729585)
-
Tue Jul 26 2011 Joe Orton <jorton@redhat.com> - 2.2.15-11
- rebase mod_reqtimeout to 2.2.17 (#676634)
- mod_proxy_ajp: honour ProxyErrorOverride (#694939)
- mod_ssl: add fix for handling incomplete lines w/revproxy (#700074)
- mod_filter: fix matching against non-std response headers (#700075)
- core: abort() on malloc() failure (#700393)
- mod_ssl: fix startup crash w/client cert shared across vhosts (#720980)
-
Tue Jun 07 2011 Joe Orton <jorton@redhat.com> - 2.2.15-10
- mod_filter: fix test against non-standard response headers (#700075)
-
Fri Apr 08 2011 Joe Orton <jorton@redhat.com> - 2.2.15-9
- mod_ssl: complete fix for overlapping memcpy (#652335)
-
Mon Mar 21 2011 Joe Orton <jorton@redhat.com> - 2.2.15-8
- mod_ssl: fix compat with FIPS-enabled OpenSSL (#684144)
-
Thu Feb 24 2011 Joe Orton <jorton@redhat.com> - 2.2.15-7
- mod_ldap: fix caching with per-vhost directive use (#676635)
- mod_ssl: fix startup with duplicate SSL vhost configurations (#676831)
- prefork: ensure early child exit during graceful restart (#679476)
-
Mon Jan 31 2011 Joe Orton <jorton@redhat.com> - 2.2.15-6
- ab: fail gracefully for OOM allocating stats structures (#645846)
- init script: use $STOP_DELAY as delay before SIGKILL of parent (#657480)
- stop multiple invocations of filter init functions (#631849)
- mod_ssl: avoid overlapping memcpy (#652335)
- mark httpd.conf as noreplace
-
Fri Aug 13 2010 Joe Orton <jorton@redhat.com> - 2.2.15-5
- add security fix for CVE-2010-1452 (#618193)
-
Wed Jun 23 2010 Joe Orton <jorton@redhat.com> - 2.2.15-4
- use init script to rotate logs (#606955)
- disable keepalive for 100-continue and error response (#606964)
-
Tue May 25 2010 Joe Orton <jorton@redhat.com> - 2.2.15-3
- add "Satisfy All" for .htaccess in httpd.conf (#594981)
- adjust user/group creation in %pre (#594395)
- mod_ssl: tweak OID() evaluation of unknown exts (#594980)
-
Thu May 06 2010 Joe Orton <jorton@redhat.com> - 2.2.15-2
- init script fixes for LSB compliance (#546252)
* exit code 2 for an unknown script argument
* exit code 6 for a reload if config-test fails
* exit code 7 for a reload on a stopped service
* fixed help output to cover all options
- mod_dav: handle PUT failure more cleanly (#572911)
-
Thu Mar 11 2010 Joe Orton <jorton@redhat.com> - 2.2.15-1
- update to 2.2.15 (#570465, #570442)
- fix version string (#572140)
- mod_ssl: use ASN1_STRING_print() in SSLRequire's OID() (#552942)
- prevent use of rsync during "make install" (#557049)
- load mod_version by default in httpd.conf
-
Tue Feb 09 2010 Joe Orton <jorton@redhat.com> - 2.2.14-5
- mod_ssl: fix CVE-2009-3555 backport (#563119)
- mod_authnz_ldap: fix for dynamic group support
- mod_ssl: add SSLInsecureRenegotiation directive (#561435)
-
Thu Jan 14 2010 Joe Orton <jorton@redhat.com> - 2.2.14-4
- mod_ssl: add further mitigation for CVE-2009-3555
- drop proxy_ajp.conf
- update httpd.conf: decrease Timeout to 1m, update LoadModule
directives, bump worker to 4 proc/300clients
- fix hard-coded default pidfile to match default config (#547629)
- drop legacy X-Pad header from short responses (#526110)
- disable keepalive for Expect: 100-continue and error response (#533407)
- mod_ext_filter: fix spurious error log output (#479463)
- mod_rewrite: don't serialize logfile access (#493023)
- fix spurious error messages on graceful restart (#233955)
- mod_ssl: fix potential hang in renegotiation (#510515)
- mod_proxy_connect: support use SSL client connection (#523594)
-
Wed Dec 09 2009 Joe Orton <jorton@redhat.com> - 2.2.14-3
- add 'ServerTokens Full-Release' config option (#477006)
-
Tue Dec 08 2009 Joe Orton <jorton@redhat.com> - 2.2.14-2
- drop distcache support
-
Thu Dec 03 2009 Joe Orton <jorton@redhat.com> - 2.2.14-1
- update to 2.2.14
- relax permissions on /var/run/httpd (#495780)
- Requires(pre): httpd in mod_ssl subpackage (#543275)
- add partial security fix for CVE-2009-3555 (#533125)
-
Tue Sep 08 2009 Joe Orton <jorton@redhat.com> 2.2.13-2
- restart service in posttrans (#491567)
-
Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.2.13-2
- rebuilt with new openssl
-
Tue Aug 18 2009 Joe Orton <jorton@redhat.com> 2.2.13-1
- update to 2.2.13
-
Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.11-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
-
Tue Jun 16 2009 Joe Orton <jorton@redhat.com> 2.2.11-9
- build -manual as noarch
-
Tue Mar 17 2009 Joe Orton <jorton@redhat.com> 2.2.11-8
- fix pidfile in httpd.logrotate (thanks to Rainer Traut)
- don't build mod_mem_cache or mod_file_cache
-
Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.11-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
-
Thu Jan 22 2009 Joe Orton <jorton@redhat.com> 2.2.11-6
- Require: apr-util-ldap (#471898)
- init script changes: pass pidfile to status(), use status() in
condrestart (#480602), support try-restart as alias for
condrestart
- change /etc/httpd/run symlink to have destination /var/run/httpd,
and restore "run/httpd.conf" as default PidFile (#478688)
-
Fri Jan 16 2009 Tomas Mraz <tmraz@redhat.com> 2.2.11-5
- rebuild with new openssl
-
Sat Dec 27 2008 Robert Scheck <robert@fedoraproject.org> 2.2.11-4
- Made default configuration using /var/run/httpd for pid file
-
Thu Dec 18 2008 Joe Orton <jorton@redhat.com> 2.2.11-3
- update to 2.2.11
- package new /var/run/httpd directory, and move default pidfile
location inside there
-
Tue Oct 21 2008 Joe Orton <jorton@redhat.com> 2.2.10-2
- update to 2.2.10
-
Tue Jul 15 2008 Joe Orton <jorton@redhat.com> 2.2.9-5
- move AddTypes for SSL cert/CRL types from ssl.conf to httpd.conf (#449979)
-
Mon Jul 14 2008 Joe Orton <jorton@redhat.com> 2.2.9-4
- use Charset=UTF-8 in default httpd.conf (#455123)
- only enable suexec when appropriate (Jim Radford, #453697)
-
Thu Jul 10 2008 Tom "spot" Callaway <tcallawa@redhat.com> 2.2.9-3
- rebuild against new db4 4.7
-
Tue Jul 08 2008 Joe Orton <jorton@redhat.com> 2.2.9-2
- update to 2.2.9
- build event MPM too
-
Wed Jun 04 2008 Joe Orton <jorton@redhat.com> 2.2.8-4
- correct UserDir directive in default config (#449815)
-
Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 2.2.8-3
- Autorebuild for GCC 4.3
-
Tue Jan 22 2008 Joe Orton <jorton@redhat.com> 2.2.8-2
- update to 2.2.8
- drop mod_imagemap
-
Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 2.2.6-4
- Rebuild for openssl bump
-
Mon Sep 17 2007 Joe Orton <jorton@redhat.com> 2.2.6-3
- add fix for SSL library string regression (PR 43334)
- use powered-by logo from system-logos (#250676)
- preserve timestamps for installed config files
-
Fri Sep 07 2007 Joe Orton <jorton@redhat.com> 2.2.6-2
- update to 2.2.6 (#250757, #282761)
-
Sun Sep 02 2007 Joe Orton <jorton@redhat.com> 2.2.4-10
- rebuild for fixed APR
-
Wed Aug 22 2007 Joe Orton <jorton@redhat.com> 2.2.4-9
- rebuild for expat soname bump
-
Tue Aug 21 2007 Joe Orton <jorton@redhat.com> 2.2.4-8
- fix License
- require /etc/mime.types (#249223)
-
Thu Jul 26 2007 Joe Orton <jorton@redhat.com> 2.2.4-7
- drop -tools dependency on httpd (thanks to Matthias Saou)
-
Wed Jul 25 2007 Joe Orton <jorton@redhat.com> 2.2.4-6
- split out utilities into -tools subpackage, based on patch
by Jason Tibbs (#238257)
-
Tue Jul 24 2007 Joe Orton <jorton@redhat.com> 2.2.4-5
- spec file cleanups: provide httpd-suexec, mod_dav;
don't obsolete mod_jk; drop trailing dots from Summaries
- init script
* add LSB info header, support force-reload (#246944)
* update description
* drop 1.3 config check
* pass $pidfile to daemon and pidfile everywhere
-
Wed May 09 2007 Joe Orton <jorton@redhat.com> 2.2.4-4
- update welcome page branding
-
Tue Apr 03 2007 Joe Orton <jorton@redhat.com> 2.2.4-3
- drop old triggers, old Requires, xmlto BR
- use Requires(...) correctly
- use standard BuildRoot
- don't mark init script as config file
- trim CHANGES further
-
Mon Mar 12 2007 Joe Orton <jorton@redhat.com> 2.2.4-2
- update to 2.2.4
- drop the migration guide (#223605)
-
Thu Dec 07 2006 Joe Orton <jorton@redhat.com> 2.2.3-8
- fix path to instdso.sh in special.mk (#217677)
- fix detection of links in "apachectl fullstatus"
-
Tue Dec 05 2006 Joe Orton <jorton@redhat.com> 2.2.3-7
- rebuild for libpq soname bump
-
Sat Nov 11 2006 Joe Orton <jorton@redhat.com> 2.2.3-6
- rebuild for BDB soname bump
-
Mon Sep 11 2006 Joe Orton <jorton@redhat.com> 2.2.3-5
- updated "powered by Fedora" logo (#205573, Diana Fong)
- tweak welcome page wording slightly (#205880)
-
Fri Aug 18 2006 Jesse Keating <jkeating@redhat.com> - 2.2.3-4
- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc*
(#203001)
-
Thu Aug 03 2006 Joe Orton <jorton@redhat.com> 2.2.3-3
- init: use killproc() delay to avoid race killing parent
-
Fri Jul 28 2006 Joe Orton <jorton@redhat.com> 2.2.3-2
- update to 2.2.3
- trim %changelog to >=2.0.52
-
Thu Jul 20 2006 Joe Orton <jorton@redhat.com> 2.2.2-8
- fix segfault on dummy connection failure at graceful restart (#199429)
-
Wed Jul 19 2006 Joe Orton <jorton@redhat.com> 2.2.2-7
- fix "apxs -g"-generated Makefile
- fix buildconf with autoconf 2.60
-
Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.2.2-5.1
- rebuild
-
Wed Jun 07 2006 Joe Orton <jorton@redhat.com> 2.2.2-5
- require pkgconfig for -devel (#194152)
- fixes for installed support makefiles (special.mk et al)
- BR autoconf
-
Fri Jun 02 2006 Joe Orton <jorton@redhat.com> 2.2.2-4
- make -devel package multilib-safe (#192686)
-
Thu May 11 2006 Joe Orton <jorton@redhat.com> 2.2.2-3
- build DSOs using -z relro linker flag
-
Wed May 03 2006 Joe Orton <jorton@redhat.com> 2.2.2-2
- update to 2.2.2
-
Thu Apr 06 2006 Joe Orton <jorton@redhat.com> 2.2.0-6
- rebuild to pick up apr-util LDAP interface fix (#188073)
-
Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - (none):2.2.0-5.1.2
- bump again for double-long bug on ppc(64)
-
Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - (none):2.2.0-5.1.1
- rebuilt for new gcc4.1 snapshot and glibc changes
-
Mon Feb 06 2006 Joe Orton <jorton@redhat.com> 2.2.0-5.1
- mod_auth_basic/mod_authn_file: if no provider is configured,
and AuthUserFile is not configured, decline to handle authn
silently rather than failing noisily.
-
Fri Feb 03 2006 Joe Orton <jorton@redhat.com> 2.2.0-5
- mod_ssl: add security fix for CVE-2005-3357 (#177914)
- mod_imagemap: add security fix for CVE-2005-3352 (#177913)
- add fix for AP_INIT_* designated initializers with C++ compilers
- httpd.conf: enable HTMLTable in default IndexOptions
- httpd.conf: add more "redirect-carefully" matches for DAV clients
-
Thu Jan 05 2006 Joe Orton <jorton@redhat.com> 2.2.0-4
- mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)
-
Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
-
Wed Dec 07 2005 Joe Orton <jorton@redhat.com> 2.2.0-3
- strip manual to just English content
-
Mon Dec 05 2005 Joe Orton <jorton@redhat.com> 2.2.0-2
- don't strip C-L from HEAD responses (Greg Ames, #110552)
- load mod_proxy_balancer by default
- add proxy_ajp.conf to load/configure mod_proxy_ajp
- Obsolete mod_jk
- update docs URLs in httpd.conf/ssl.conf
-
Fri Dec 02 2005 Joe Orton <jorton@redhat.com> 2.2.0-1
- update to 2.2.0
-
Wed Nov 30 2005 Joe Orton <jorton@redhat.com> 2.1.10-2
- enable mod_authn_alias, mod_authn_anon
- update default httpd.conf
-
Fri Nov 25 2005 Joe Orton <jorton@redhat.com> 2.1.10-1
- update to 2.1.10
- require apr >= 1.2.0, apr-util >= 1.2.0
-
Wed Nov 09 2005 Tomas Mraz <tmraz@redhat.com> 2.0.54-16
- rebuilt against new openssl
-
Thu Nov 03 2005 Joe Orton <jorton@redhat.com> 2.0.54-15
- log notice giving SELinux context at startup if enabled
- drop SSLv2 and restrict default cipher suite in default
SSL configuration
-
Thu Oct 20 2005 Joe Orton <jorton@redhat.com> 2.0.54-14
- mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)
- add security fix for byterange filter DoS (CVE-2005-2728)
- add security fix for C-L vs T-E handling (CVE-2005-2088)
- mod_ssl: add security fix for CRL overflow (CVE-2005-1268)
- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
- add fix for dummy connection handling (#167425)
- mod_auth_digest: fix hostinfo comparison in CONNECT requests
- mod_include: fix variable corruption in nested includes (upstream #12655)
- mod_ssl: add fix for handling non-blocking reads
- mod_ssl: fix to enable output buffering (upstream #35279)
- mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)
-
Sat Aug 13 2005 Joe Orton <jorton@redhat.com> 2.0.54-13
- don't load by default: mod_cern_meta, mod_asis
- do load by default: mod_ext_filter (#165893)
-
Thu Jul 28 2005 Joe Orton <jorton@redhat.com> 2.0.54-12
- drop broken epoch deps
-
Thu Jun 30 2005 Joe Orton <jorton@redhat.com> 2.0.54-11
- mod_dav_fs: fix uninitialized variable (#162144)
- add epoch to dependencies as appropriate
- mod_ssl: drop dependencies on dev, make
- mod_ssl: mark post script dependencies as such
-
Mon May 23 2005 Joe Orton <jorton@redhat.com> 2.0.54-10
- remove broken symlink (Robert Scheck, #158404)
-
Wed May 18 2005 Joe Orton <jorton@redhat.com> 2.0.54-9
- add piped logger fixes (w/Jeff Trawick)
-
Mon May 09 2005 Joe Orton <jorton@redhat.com> 2.0.54-8
- drop old "powered by Red Hat" logos
-
Wed May 04 2005 Joe Orton <jorton@redhat.com> 2.0.54-7
- mod_userdir: fix memory allocation issue (upstream #34588)
- mod_ldap: fix memory corruption issue (Brad Nicholes, upstream #34618)
-
Tue Apr 26 2005 Joe Orton <jorton@redhat.com> 2.0.54-6
- fix key/cert locations in post script
-
Mon Apr 25 2005 Joe Orton <jorton@redhat.com> 2.0.54-5
- create default dummy cert in /etc/pki/tls
- use a pseudo-random serial number on the dummy cert
- change default ssl.conf to point at /etc/pki/tls
- merge back -suexec subpackage; SELinux policy can now be
used to persistently disable suexec (#155716)
- drop /etc/httpd/conf/ssl.* directories and Makefiles
- unconditionally enable PIE support
- mod_ssl: fix for picking up -shutdown options (upstream #34452)
-
Mon Apr 18 2005 Joe Orton <jorton@redhat.com> 2.0.54-4
- replace PreReq with Requires(pre)
-
Mon Apr 18 2005 Joe Orton <jorton@redhat.com> 2.0.54-3
- update to 2.0.54
-
Tue Mar 29 2005 Joe Orton <jorton@redhat.com> 2.0.53-6
- update default httpd.conf:
* clarify the comments on AddDefaultCharset usage (#135821)
* remove all the AddCharset default extensions
* don't load mod_imap by default
* synch with upstream 2.0.53 httpd-std.conf
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
- htdigest: fix permissions of created files (upstream #33765)
- remove htsslpass
-
Wed Mar 02 2005 Joe Orton <jorton@redhat.com> 2.0.53-5
- apachectl: restore use of $OPTIONS again
-
Wed Feb 09 2005 Joe Orton <jorton@redhat.com> 2.0.53-4
- update to 2.0.53
- move prefork/worker modules comparison to %check
-
Mon Feb 07 2005 Joe Orton <jorton@redhat.com> 2.0.52-7
- fix cosmetic issues in "service httpd reload"
- move User/Group higher in httpd.conf (#146793)
- load mod_logio by default in httpd.conf
- apachectl: update for correct libselinux tools locations
-
Tue Nov 16 2004 Joe Orton <jorton@redhat.com> 2.0.52-6
- add security fix for CVE CAN-2004-0942 (memory consumption DoS)
- SELinux: run httpd -t under runcon in configtest (Steven Smalley)
- fix SSLSessionCache comment for distcache in ssl.conf
- restart using SIGHUP not SIGUSR1 after logrotate
- add ap_save_brigade fix (upstream #31247)
- mod_ssl: fix possible segfault in auth hook (upstream #31848)
- add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677)
- apachectl: restore use of $OPTIONS
- apachectl, httpd.init: refuse to restart if $HTTPD -t fails
- apachectl: run $HTTPD -t in user SELinux context for configtest
- update for pcre-5.0 header locations
-
Sat Nov 13 2004 Jeff Johnson <jbj@redhat.com> 2.0.52-5
- rebuild against db-4.3.21 aware apr-util.
-
Thu Nov 11 2004 Jeff Johnson <jbj@jbj.org> 2.0.52-4
- rebuild against db-4.3-21.
-
Tue Sep 28 2004 Joe Orton <jorton@redhat.com> 2.0.52-3
- add dummy connection address fixes from HEAD
- mod_ssl: add security fix for CAN-2004-0885
-
Tue Sep 28 2004 Joe Orton <jorton@redhat.com> 2.0.52-2
- update to 2.0.52