- Sat Apr 19 2008 Michael Shigorin <mike@altlinux.org> 1.3.41rusPL30.23-alt4
- revisit #11053, complete the fix (thanks lakostis@ again)
- Sat Apr 19 2008 Michael Shigorin <mike@altlinux.org> 1.3.41rusPL30.23-alt3
- added monit support
- removed unpackaged sample configuration snippets
- cleaned up pod files packaged into both apache-mod_perl and mod_perl-doc
(left them in mod_perl-doc package only) - Mon Mar 31 2008 Michael Shigorin <mike@altlinux.org> 1.3.41rusPL30.23-alt2
- rediffed/applied 1.3.23 patch by Alex Pinzhenin
to limit
mod_rewrite looping potential by putting a cap on internal redirect
count (50 by default) and RewriteRule-per-query count (300 by default);
http://www.opennet.ru/base/patch/mod_rewrite_loop.txt.html
http://www.lexa.ru/apache-talk/msg06354.html - Sat Jan 19 2008 Michael Shigorin <mike@altlinux.org> 1.3.41rusPL30.23-alt1
- 1.3.41 contains security fix for:
+ CVE-2007-6388: mod_status: ensure refresh parameter is numeric to prevent
a possible XSS attack caused by redirecting to other URLs)
- 1.3.40 (unreleased) contains security fixes for:
+ CVE-2007-5000: mod_imap: fix cross-site scripting issue
+ CVE-2007-3847: mod_proxy Windows/NetWare-specific DoS
+ CVE-2007-3304: more efficient patch, also fixes bogus "Bad pid" errors
- http://www.apache.org/dist/httpd/CHANGES_1.3.41 for details
- updated EAPI to hand-made 2.8.30a with build fix kindly sent in
by Dan Muey(rolled into EAPI tarball by me;
releasing as 2.8.30a-1.3.41 along with mod_ssl) - Wed Oct 3 2007 Michael Shigorin <mike@altlinux.org> 1.3.39rusPL30.23-alt2
- modify packaged httpd.conf to disable directory autoindexing by default
(/home/*/public_html stay indexed though); you might want to reconsider
that in case the configuration wasn't touched at all (thus will be replaced
during package upgrade) but directory indexes are needed (fixes #12898,
thanks Timur Batyrshinfor proposal/discussion/patch) - Thu Sep 13 2007 Michael Shigorin <mike@altlinux.org> 1.3.39rusPL30.23-alt1
- 1.3.39 merges security fixes for:
+ CVE-2006-5752: possible XSS attack against mod_status
(exploitation requires public server-status page and ExtendedStatus enabled
and a browser which performs charset "detection")
+ CVE-2007-3304: ensure that the parent process cannot be forced to kill
non-child processes by checking scoreboard PID data with parent process
privately stored PID data [this one was fixed by a patch before]
- upstream mime.types updated to current IANA registry and common unregistered
types that the owners refuse to register (see apache-mime.types.default)
- icons/README.html instead of icons/small/README.txt
- there was no Apache 1.3.38
- updated EAPI to 2.8.30 - Thu Aug 30 2007 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.23-alt6
- changed conftest() usage in initscript so that running processes
which are still using valid configuration wouldn't be terminated
if current configuration test fails; thanks nginx.init by mithraen@
for bringing this to my attention - Tue Jul 31 2007 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.23-alt5
- merged security fix from RHEL2.1 (RH#245116):
+ CVE-2007-3304 (DoS by referencing an arbitrary process ID in scoreboard
which then gets SIGUSR1 from master process; requires scripting ability) - Tue Jun 26 2007 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.23-alt4
- verified and disambiguated mime types; thanks Denis Smirnov (mithraen@)
for a linter pass (fixes: #12141, #11461) - Fri Apr 6 2007 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.23-alt3
- rebuilt against recent libmm
- Thu Mar 29 2007 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.23-alt2
- added minimal patch for mod_perl aimed at fixing CVE-2007-1349:
DoS possibility with specially crafted requests in "PerlRun.pm"
that uses the "path_info" variable without properly escaping it;
thanks Randal L. Schwartz (merlyn stonehenge com) for a patch
(seems to be also in mod_perl SVN)
- NB: mod_perl 1.30 is released but differs quite significantly,
no time to fix/build/test properly - Mon Mar 12 2007 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.23-alt1
- updated RA to PL30.23
- wrapped LogFormat in default httpd{,-perl}.conf with IfModule
(#11053; lakostis@ proposed to borrow from apache2 package) - Fri Dec 22 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt9
- disable httpd, httpd-perl services startup by default:
that might lead to undesired consequences in case of
"accidentally" installed packages and/or forgetting
about them while configuring services; see also [ru]:
http://lists.altlinux.org/pipermail/devel/2006-December/039909.html - Thu Nov 23 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt8
- bring SysV vhosts configuration support to mod_perl part of apache
(thanks Alexey I. Froloff (raorn@) for nice #10308):
+ httpd-perl.conf: Include conf/vhosts/Vhosts-perl.conf
+ add vhosts/Vhosts-perl.conf and vhosts-perl.d/
- got back some changes from alt6 (reverted wholesale in alt7):
+ removed remnants of libdb1
+ fixed gdbm support for mod_rewrite
+ move server child hard limit constant to a macro
(still 1024 by default, just as in patch9 still left
in src.rpm just in case too but not applied anymore)
(the bug was #5748, for reference)
- added TUNING.ALT file with tips on performance tuning
(regarding #5748 again)
- minor spec cleanup (more intrusive one pending) - Sat Oct 21 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt7
- roll back alt6* changes since they are too intrusive by now,
those who need log files or static content larger than 2Gb
are advised to rotate logs, use nginx for downloads, or look
at https://bugzilla.altlinux.org/show_bug.cgi?id=9382 for
working, but resulting in binary incompatible apache, spec
- added hint on mod_rewrite/mod_security order to default httpd.conf - Tue Oct 17 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt6.1
- few more feeble tweaks at LFS (these will likely fail -- upstream
seems to have had hostile enough stand to "that 1.3 being preferred
to 2.0" to break former ways of enabling LFS on it, telling people
should wait until 2.2; see also apache bugs #17453, #36417) - Sun Oct 15 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt6
- scalability improvements:
+ support large logfiles (>2Gb) by default (#9382);
thanks eostapets@ for alarm and raorn@ for sample spec
+ hopefully fixed gdbm support for mod_rewrite (by raorn@
in the same stripped-down/fixed-up spec)
+ move server child hard limit constant to a macro
(still 1024 by default, just as in patch9 still left
just in case too)
- s/libdb1-devel/libdb4-devel/ (might break 2.2 build?)
- folks, I need proposals on #2907... - Sat Oct 14 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt5
- added application/x-java-jnlp-file, application/x-xpinstall
to mime.types (courtesy of zerg@, see bug #10088)
- added commented-out example of editor backup file protection
to default httpd.conf, httpd-perl.conf (#8489) - Sat Sep 30 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt4.1
- oops, ServerSignature was really belonging to later
section (and "off" was overridden with "on" there");
thanks to Pavel Usischevfor #10055 - Tue Sep 26 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt4
- implement bugchancement #10038 (ServerSignature Off;
ServerTokens ProductOnly in default configuration)
thanks thresh@ and hiddenman@ for reminder - Fri Sep 1 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt3
- fix #9928 (default mod_realip.conf); thanks vvk@
- Wed Aug 16 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt2
- NameVirtualHost-related fix for default sample configuration
(what a shame on me!, and thanks Pavel Usischev for #8385) - Sat Aug 5 2006 Michael Shigorin <mike@altlinux.org> 1.3.37rusPL30.22-alt1
- 1.3.37
+ security fix for CVE-2006-3747:
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling. For some RewriteRules this could lead to a pointer being
written out of bounds. Reported by Mark Dowd of McAfee. - Mon Jun 19 2006 Michael Shigorin <mike@altlinux.org> 1.3.36rusPL30.22-alt1
- 1.3.36
+ security fixes merged upstream (patch96 removed)
+ 1.3.35 was lucky enough to get missed (regression reported,
and fixes were irrelevant to this package ayways) - Tue Mar 21 2006 Dmitry V. Levin <ldv@altlinux.org> 1.3.34rusPL30.22-alt4
- Applied additional fixes required for ld --as-needed.
- Added build time check for unresolved symbols in DSOs.
- Replaced macros for standard unix commands with commands themselves. - Mon Mar 20 2006 Michael Shigorin <mike@altlinux.org> 1.3.34rusPL30.22-alt3
- applied joint fixes by Denis Smirnov (mithraen@) and Dmitry Levin (ldv@):
+ Fixed building with -Wl,--as-needed.
+ Quoted macros in changelog.
- thanks! - Wed Jan 25 2006 Michael Shigorin <mike@altlinux.org> 1.3.34rusPL30.22-alt2
- security fix for CVE-2005-3352:
+ cross-site scripting (XSS) vulnerability in the mod_imap module of Apache
httpd before 1.3.35-dev allows remote attackers to inject arbitrary web
script or HTML via the Referer when using image maps.
+ patch taken from Debian - Thu Oct 27 2005 Michael Shigorin <mike@altlinux.org> 1.3.34rusPL30.22-alt1
- 1.3.34
- official security fixes:
+ CVE-2005-2088: If a request contains both Transfer-Encoding and
Content-Length headers, remove the Content-Length, mitigating some HTTP
Request Splitting/Spoofing attacks.
+ Added TraceEnable [on|off|extended] per-server directive to alter the
behavior of the TRACE method.
+ please note that CAN-2005-2088 fix (patch95) was already included
in 1.3.33rusPL30.20-alt4
- added default localhost configuration for mod_realip;
thanks Denis Smirnov (mithraen@)
- updated EAPI to 2.8.25
- updated RA to PL30.22 - Wed Oct 19 2005 Alexey Gladkov <legion@altlinux.ru> 1.3.33rusPL30.20-alt6
- NMU: rpm macros fix.
- Mon Oct 3 2005 Michael Shigorin <mike@altlinux.org> 1.3.33rusPL30.20-alt5
- Mon Oct 03 2005 Artem K. Jouravsky
1.3.33rusPL30.20-alt5
+ added mod_accel to current builds; off by default (#8029)
+ removed SMP incompatible build - Thu Sep 8 2005 Michael Shigorin <mike@altlinux.org> 1.3.33rusPL30.20-alt4
- added SVN patch for CAN-2005-2088 security vulnerability:
when acting as an HTTP proxy, Apache 1.3 allows remote attackers to poison
the web cache, bypass web application firewall protection, and conduct XSS
attacks via an HTTP request with both a "Transfer-Encoding: chunked" header
and a Content-Length header, which causes Apache to incorrectly handle and
forward the body of the request in a way that causes the receiving server
to process it as a separate HTTP request, aka "HTTP Request Smuggling."
+ thanks for SVN pointer to Ubuntu
- fixed small port-related problem in sample Vhosts.conf
(thanks Alexey Borovskoy (alb@) for notify/fix; also in alt3.M24.1) - Fri Sep 2 2005 Michael Shigorin <mike@altlinux.org> 1.3.33rusPL30.20-alt3
- whoops, README.ALT wasn't getting packaged (updated too)
- altlinux-release build dependency appears illegal
(long unneeded though)
- Wed Aug 24 2005 Michael Shigorin
+ exchanged httpd and httpd-perl startup/shutdown order;
see README.ALT for further details on mod_perl setup (#4994, #6437)
thanks combr@, tma@, solo@, Ivan Adzhubey for discussion and fixes
(you *will* need to chkconfig them on for this to apply)
+ rolled back #2928 workarounds (should be unneeded)
+ hard kill remaining processes after normal stop() part
+ fixed #6351 (delaycompress in logrotate; may influence #3153)
thanks dfo@, sorry ldv@
+ fixed a transition bug in /etc/init.d/httpd::conftest()
+ UseCanonicalName Off in httpd{,-perl}.conf (#7704)
+ updated and extended README.ALT
- Thu Feb 17 2005
+ added missing NameVirtualHost directive to default Vhosts.conf
- Sat Feb 12 2005
+ Vhosts.conf thinko fix suggested by Alexey Morozov (morozov@)
(Aug 24: could have lost that.... can't remember details now)
- Sat Jan 29 2005
+ macros extended (see README.ALT); also #1735, #5634, #5989
+ re-fixed #4235 (weird hostname hack)
+ implemented separate TMPDIR (addon modules should follow) (#5989)
+ disabled mod_charset for mod_perl (hm... #2941-related)
+ commented out "AddDefaultCharset iso8859-1" by default (#5754)
+ added %apache_vhostdir and %apache_vhconfdir (#5634)
+ upped HARD_SERVER_LIMIT from 256 to 1024 (#5748; needs additional
/etc/security/limits.conf tweaking to actually happen)
+ changed %suexec_docroot from /home to /var/www (#2461)
+ changed suexec binary permissions (see #5309)
from 4711 root:root
to 4710 root:apache
+ changed TMPDIR in initscripts to use more specific location than /tmp
so that you can restrict apache access to that by ACL and further
configure php and other software running as apache (#5989)
+ added patch to consult POSIX ACLs on CGI execution decision
(#4987; disabled by default, build --with acl_support to enable) - Mon Dec 20 2004 Denis Smirnov <mithraen@altlinux.ru> 1.3.33rusPL30.20-alt2
- mod_realip added
- Tue Nov 2 2004 Michael Shigorin <mike@altlinux.ru> 1.3.33rusPL30.20-alt1
- 1.3.33 (minor security fixes)
- security fixes officially released (patch93 removed)
- reverse proxy functionality restored (broken in 1.3.32 -- #5435);
thanks to Leonid Shalupovfor alerting
- added htpasswd patch by Larry Cashdollar
(unchecked buffer operations; not much of an issue though) - Wed Oct 27 2004 Michael Shigorin <mike@altlinux.ru> 1.3.32rusPL30.20-alt2.1
- fixed build w/o mod_deflate in addition to -alt2 security fixes
(thanks to Alexey Beleckiy) - Sat Oct 23 2004 Michael Shigorin <mike@altlinux.ru> 1.3.32rusPL30.20-alt2
- updated security fixes (CAN-2004-0940):
mod_include.c patch from CVS (1.3.33-dev)
thanks to Vladimir Lettiev (crux@) for reminding
- see also changelog entry for alt1 (CAN-2004-0492) - Fri Oct 22 2004 Michael Shigorin <mike@altlinux.ru> 1.3.32rusPL30.20-alt1
- 1.3.32 (security fixes)
- CAN-2004-0492 (cve.mitre.org):
Reject responses from a remote server if sent an invalid (negative)
Content-Length.
- added fix off/for http://www.securitylab.ru/48807.html;
thanks to Vladimir Lettiev (crux@) for alerting and verifying
- removed log directory cleanup after package deinstallation
(seems like a bad practice) - Mon Aug 16 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt10
- fixed #5002 (wrong perms on apache-common binaries excl. sample cgi-bin/*),
thanks Vladimir Lettiev (crux@) for notifying! - Fri Aug 6 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt9
- re-fixed #4235. distributed sourcedir can be evil...
- fixed #1735 (Include conf/addon-modules.d/*.conf), thanks to
Igor Muratov (migor@) for buggin' me on this long-standing topic - Thu Jul 22 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt8
- fixed #4859 (webmaster group could be absent at apache-common installation)
thanks to Alexander Kuprin (ru_classic mail ru)
- tightened permissions on /etc/httpd/conf and /var/www/icons/ as per
Dmitry Levin's request (#2920) -- please use "webmaster" group for
content/configuration access and "apache" group for log access - Wed Jul 7 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt7
- fixed #4719 (build condition for M22);
thanks to Pavel Usishev - Tue Jun 29 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt6
- fixed remnants of older internal subpackage versioning
which barred mod_perl-doc installation; thanks to Dmitry Levin (ldv@) - Mon Jun 28 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt5
- finally fixed #3153 (log rotation), thanks to Dmitry Levin (ldv@)
- partially reverted group change introduced in 1.3.28rusPL30.18-alt2:
/var/log/httpd permissions changed (#2920)
from 750,root,webmaster
to 750,root,apache
- reworked initscript style detection routine along ldv's advice
as relying on "Master" in /etc/altlinux-release for old-style seems
to be getting to the point of being wrong ;-)
- added mod_deflate to current builds; off by default (#2905)
- fixed altlinux.html
- /var/www/html/*.gif and /var/www/cgi-bin/* are now
%config(noreplace); added /var/www/html/README.txt (#3715) - Thu Jun 17 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt4
- fixed default httpd{-perl,}.conf regarding Ukrainian charsets and content
preferences; see http://lists.osdn.org.ua/wws/arc/linux/2004-06/msg00103.html,
thanks to Bohdan Vlasyuk - Thu Jun 10 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.20-alt3
- fixed mod_proxy security issue; thanks to Dmitry Levin (ldv@) for
alert/patch. Details at http://www.guninski.com/modproxy1.html
- fixed "forced localhost" problem (#4235) -- forward-ported the missing part
from previous initscripts (irrelevant for M22 build)
- RA to PL30.20 (small Referer-related httpd.conf-dist fixes only) - Fri May 14 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.19-alt2
- fixed ALM2.2 build (release inconsistency barring installation)
- for secfix list see -alt1 changelog record - Wed May 12 2004 Michael Shigorin <mike@altlinux.ru> 1.3.31rusPL30.19-alt1
- 1.3.31 (security fixes for: CAN-2003-0020, CAN-2003-0987, CAN-2004-0174,
CAN-2003-0993)
- updated mod_ssl/EAPI to 2.8.17 (for 1.3.31)
- updated RA patch to PL30.19 (for 1.3.29)
- updated mod_perl to 1.29 (minor fixes)
- updated patch1
- refreshed build reqs; put perl-DBM to Sisyphus req branch - Wed Mar 31 2004 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt6
- fixed thinko in 1.3.29rusPL30.18-alt3's changelog (s/gorev/horror/)
- Sun Mar 14 2004 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt6
- hopefully fixed #3153, thanks to Dmitry Alexeyev
- Sat Feb 14 2004 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt5
- rebuilt against libdb4.2
- Wed Jan 28 2004 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt4
- brought back new and improved ugly hack (since perl and rpm compare
1.1701 and 1.27 in different the only right ways) - Mon Jan 19 2004 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt3
- clarified service version dependency for Sisyphus build
(#3245; thanks to Andy Gorev (horror@) for investigation)
- added missing /usr/lib/perl5/vendor_perl/i386-linux/cgi_to_mod_perl.pod
to mod_perl-doc
- rebuilt against recent perl (#3507) - Sun Nov 2 2003 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt2
- applied CAN-2003-0020 fix (still not in ASF tree; thanks Dmitry Levin (ldv@)
for implicit notice and PLD CVS for the patch file)
- updated EAPI to 2.8.16
- introduced %apache_conf macro (for /path/to/httpd.conf) - Tue Oct 28 2003 Michael Shigorin <mike@altlinux.ru> 1.3.29rusPL30.18-alt1
- 1.3.29 (major security fixes)
- fixes CAN-2003-0542:
Fix buffer overflows in mod_alias and mod_rewrite which occurred if
one configured a regular expression with more than 9 captures.
- 1.3.28rusPL30.18-alt9 didn't really *apply* no_zombies.patch. Oops.
Still 1.3.29 has similar change there so should be fixed either. - Wed Oct 22 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt9
- FIX:
appled http://apache.org/dist/httpd/patches/apply_to_1.3.28/no_zombies.patch,
thanks to Alexey Tourbin (at@) and Alexey Chekushkin
(should eliminate CGI Zombies with suExec, cgiwrap and others) - Sat Oct 18 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt8
- fixed %_sysconfdir/rpm/macros.d/apache (thanks to Alexey Gladkov (legion@)
for proper file this time) - Mon Oct 13 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt7
- fixed #3153 (thanks to Sergey Pinaev
):
/etc/init.d/httpd::reload() was broken - Tue Oct 7 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt6
- added %_sysconfdir/rpm/macros.d/apache (#2463/enhancement);
needed that for different packages for a long time, thanks for
initial contents to Alexey Gladkov (legion@)
- removed versioning in perl(mod_perl.pm) provision - Sun Sep 28 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt5
- added Provides: perl(mod_perl.pm) to apache-mod_perl
(should probably seperate extra modules to devel
and run proper find-requires?) - Thu Sep 25 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt4
- updated buildrequires (fix hasher build)
- Thu Sep 11 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt3
- fixed old-style initscripts for both httpd and httpd-perl (#2950)
(NB: no changes in Sisyphus initscripts)
- s,/usr/local/apache,/etc/httpd,g in manpages (TODO)
- changed startup/shutdown order from "85 15" to "81 14" in
httpd-perl initscripts so that it starts close after httpd (80)
and stops just before it (15). This fixes spurious message due
to #2928 fix (the problem didn't manifest but was here). - Wed Sep 3 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt2
- please see changelog for 1.3.28rusPL30.18-alt1
as more important changes are there
- commented out AddModule mod_charset.c in default config (#2941)
(in fact, "CharsetDisable On" already keeps it off, but server
tag would still mention RA and confuse some curious users)
- moved (thanks to pilot@ for notice):
* /etc/rc.d/init.d/httpd and /usr/sbin/apachectl
from apache-common to apache
* /usr/sbin/apachectl-perl
from apache-common to apache-mod_perl
- /var/log/httpd permissions changed (#2920)
from 3770,root,apache
to 750,root,webmaster
- /var/cache/httpd permissions changed (#2921)
from 750,apache_user,webmaster
to 2770,root,apache
- apache.logrotate cleanup/fix:
* changed "service httpd reload" to use condreload
* changed create mode from 0664 root.apache to 0644 root.apache
- httpd.init.Sisyphus now checks for some situations involving httpd-perl
when silent breakage could occur and issues warnings (#2928)
- spec cleanup:
* switched Url from http://apache.lexa.ru to http://httpd.apache.org:
focus isn't on RA anymore (left in index.shtml.ru* though)
* s|%_var/cache|%_cachedir|g and similar macro updates
(ALM2.2 compatible)
* removed osolete comment-outs:
+ 1.3.23's mod_proxy dance
+ specific treatment of mod_include (generic by now)
+ Obsoletes: secureweb-devel from devel subpackage - Sun Aug 31 2003 Michael Shigorin <mike@altlinux.ru> 1.3.28rusPL30.18-alt1
- 1.3.28 / RA 30.18
- Major Bugfixes (TM)
- WARNING: VU#379828 (addressed) is suspected to be exploitable
- updated EAPI to 2.8.15
- fixed mod_long_name problem in apxs (by Denis Ovsienko;
updated to 1.3.28 and merged into Patch1)
- added %add_findprov_lib_path
- APACHE_HEADER_INSTALL=1 now (#917, #2373)
- workaround for careless: %config(noreplace) /var/www/html/*html*
(#1067, #2510; see also bug comments for proper solution)
- fixed includedir substitution for apxs-perl (#1254)
- *major* revamp of mime.types file (#1331, #2468, #2848)
(also moved 'application/x-tar' entry there from httpd.conf)
- implemented autodetected / manual distro setting to package initscripts
for both ALM2.2 (maintenance builds) and Sisyphus (implementation based
somewhat on aureal-std-up.spec by Alexey Morozov)
- /etc/httpd/conf/httpd.conf::DirectoryIndex += index.rbx
- spec cleanup:
* updated BuildRequires
* fixed Source1 URL typo
* proper %SOURCEs instead of poking around in RPM_SOURCE_DIR (%install) - Tue Nov 26 2002 Dmitry V. Levin <ldv@altlinux.org> 1.3.27rusPL30.16-alt13
- Replaced mdk-mkstemp patch with openbsd-tmp, better optimized one.
- Fri Nov 1 2002 Stanislav Ievlev <inger@altlinux.ru> 1.3.27rusPL30.16-alt12
- rebuild with new perl
- Mon Oct 21 2002 Dmitry V. Levin <ldv@altlinux.org> 1.3.27rusPL30.16-alt11
- /etc/rc.d/init.d/httpd: use full path (/usr/sbin/httpd).
- /var/log/httpd: changed permissions to %attr(3770,root,apache).
- /etc/logrotate.d/apache: added directives:
+ sharedscripts;
+ create 0664 root apache. - Thu Oct 10 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.27rusPL30.16-alt10
- Fixed:
+ access rights for /var/www/icons/small - Tue Oct 8 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.27rusPL30.16-alt9
- Security update 1.3.27
- Updated:
+ mod_proxy has been updated to 1.3.27 as well (passes same test suite as 1.3.23's one)
+ mod_perl to 1.27
+ EAPI to 2.8.10 (fixed to be compatible with 1.3.27) - Fri Aug 9 2002 Stanislav Ievlev <inger@altlinux.ru> 1.3.23rusPL30.11-alt8.1
- fixed permisions in mod_perl subpackage
- Tue Jun 18 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt8
- Fixed:
+ Apache httpd: vulnerability with chunked encoding (next round)
+ Fix RA patch to suit chunked fixes
+ explicit TMPDIR=/tmp - Mon Jun 17 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt7
- Fixed:
+ Apache httpd: vulnerability with chunked encoding - Wed Apr 3 2002 Dmitry V. Levin <ldv@alt-linux.org> 1.3.23rusPL30.11-alt6
- Fixed db4 build support.
- Build with db4.
- Build without bind-devel. - Tue Feb 26 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt5
- Updated:
+ EAPI up to 2.8.7 [fixed potential buffer overflow in mod_ssl] - Fri Feb 22 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt4
- Fixed:
+ Configure option SHARED_CORE rule must be exclusive
for non-mod_perl Apache only (#0000644)
+ Changed (finally) links and logo to ALT Linux - Thu Feb 21 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt3
- Added:
+ SHARED_CORE (libhttpd.so) for Kylix2 Enterprise compatibility
- Reverted:
+ mod_proxy to 1.3.22 state (includes partial EAPI revert)
- spec clean ups - Thu Feb 21 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt2
- Fixed:
+ return codes for 'status' in service scripts - Fri Feb 8 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.23rusPL30.11-alt1
- 1.3.23 / RA 30.11 / EAPI 2.8.6
- APXS moved to apache-common - Thu Jan 24 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.22rusPL30.9-alt4
- Fixed:
+ Non-blocked CharsetDisable directive in httpd.conf (#0000441) - Mon Jan 14 2002 Alexander Bokovoy <ab@altlinux.ru> 1.3.22rusPL30.9-alt3
- Fixed:
+ mod_proxy bug (Andrey Orlov) - Thu Nov 15 2001 Alexander Bokovoy <ab@altlinux.ru> 1.3.22rusPL30.9-alt2
- Fixed:
+ httpd-perl.conf: Multi language documentation
+ httpd-perl.conf: server side parsed html
+ httpd-perl.conf: enabled mod_negotiation in non-proxied mode - Wed Oct 24 2001 Alexander Bokovoy <ab@altlinux.ru> 1.3.22rusPL30.9-alt1
- 1.3.22
- Russian Apache PL30.9
- EAPI 2.8.5
- Fixed start up scripts to use sed/tr (PR #0000093)
- Fixed start up script for mod_perl (PR #0000036)
- Fixed typo in Russian summary for mod_perl (PR #0000057) - Mon Sep 24 2001 Dmitry V. Levin <ldv@altlinux.ru> 1.3.20rusPL30.5-alt2
- Removed duplicated entry of /etc/httpd/conf/addon-modules/proxied_handlers.pl
from apache-common subpackage.
- Built with db3-3.3.11. - Wed Aug 1 2001 Alexander Bokovoy <ab@altlinux.ru> 1.3.20rusPL30.5-alt1
- New RA patch
- New mod_perl - Wed Jul 25 2001 Dmitry V. Levin <ldv@altlinux.ru> 1.3.20rusPL30.4-alt5
- Rebuilt with new perl.
- Mon Jun 25 2001 Dmitry V. Levin <ldv@altlinux.ru> 1.3.20rusPL30.4-alt4
- Rebuilt with perl-5.6.1
- Mon Jun 4 2001 Dmitry V. Levin <ldv@altlinux.ru> 1.3.20rusPL30.4-alt3
- Fixed permissions on /var/www/html.
- Fri Jun 1 2001 Dmitry V. Levin <ldv@altlinux.ru> 1.3.20rusPL30.4-alt2
- Fixed permissions in /var/www.
- Updated init and %post/%preun scripts. - Mon May 21 2001 Alexander Bokovoy <ab@avilink.net> 1.3.20rusPL30.4-alt1
- New Apache version
- Updated:
+ EAPI - 2.8.4
+ CharsetDisable On is set by default
- Fixed:
+ initial fix for permissions in /var/www
+ dependency for apache-suexec fixed - Sun Apr 15 2001 Alexander Bokovoy <ab@avilink.net> 1.3.19rusPL30.4-ipl4mdk
- Introducing EAPI to Apache+mod_perl build
- Fixed:
+ logrotate now uses /sbin/service to access httpd and httpd-perl control scripts - Sun Mar 18 2001 Alexander Bokovoy <ab@avilink.net> 1.3.19rusPL30.4-ipl3mdk
- Disabling expat again
- Sat Mar 17 2001 Alexander Bokovoy <ab@avilink.net> 1.3.19rusPL30.4-ipl2mdk
- Updated:
+ SGI patches took out due unsupported state and many conflicts with 1.3.19
+ httpd.conf (SingleListen unsupported now)
- Fixed:
+ Apache owner/group are apache/apache, not nobody/nobody for httpd.conf/httpd_perl.conf - Mon Mar 12 2001 Alexander Bokovoy <ab@avilink.net> 1.3.19rusPL30.4-ipl1mdk
- Updated:
+ EAPI 2.8.1
+ RA PL30.4
- Fixed:
+ index.php3 added to the set of index files
+ README.EAPI added to apache-common documentation
+ Use system-wide Expat library - Mon Mar 5 2001 Alexander Bokovoy <ab@avilink.net> 1.3.19rusPL30.3-ipl1mdk
- Updated:
+ new Apache version
+ 10xpatch ported to 1.3.19 as well as some other patches which were out of sync with Apache source - Tue Feb 13 2001 Alexander Bokovoy <ab@avilink.net> 1.3.17rusPL30.3-ipl8mdk
- Fixed:
+ logrotate for Apache
+ Documentation for mod_perl
- Updated:
+ mod_perl up to 1.25
- Removed:
+ automatic Apache start - Thu Feb 8 2001 Alexander Bokovoy <ab@avilink.net> 1.3.17rusPL30.3-ipl7mdk
- Updated:
+ Official Russian Apache PL30.3
- Fixed
+ SGI patch
+ buffered logs
+ Fallback to mod_perl 1.24_01
+ Symlinks to manual - Sat Feb 3 2001 Mikhail Zabaluev <zabaluev@parascript.com> 1.3.17rusPL30.0-ipl6mdk
- Updated:
+ EAPI 2.8.0
+ mod_perl 1.25
- Added:
+ fix for insecure tempfile creation in htpasswd and htdigest,
by Vincent Danen, Mandrakesoft - Thu Feb 1 2001 Alexander Bokovoy <ab@avilink.net> 1.3.17rusPL30.0-ipl5mdk
- Typo fix in httpd.conf
- ra_powered.gif - Wed Jan 31 2001 Alexander Bokovoy <ab@avilink.net> 1.3.17rusPL30.0-ipl4mdk
- Port to 1.3.17, most patches refreshed
- new httpd.init, http-perl.init - Wed Dec 6 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.14rusPL30.0-3mdk_mhz
- Added:
+ auto-dependencies (provides) built for perl
- Updated:
+ new, super-robust apxs patch
+ updated init script
+ minor fixes in httpd.conf, protected httpd-perl status from the outside
+ cleaned up spec, ru -> ru_RU.KOI8-R
+ provides pseudo-package 'russian-apache' including patchlevel - Thu Nov 16 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.14rusPL30.0-2mdk_mhz
- ported 10xpatch for 1.3.14
- changed mod_log_config_buffered patch to apply at the prep stage - Thu Oct 26 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.14rusPL30.0-1mdk_mhz
- Thee experimental PL30.0
- Wed Oct 25 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.14rusPL29.9-1mdk_mhz
- Apache 1.3.14, EAPI 2.7.1, mod_rewrite patch
- used the last Russian patch considered to be stable (PL30.0 pending)
- applied 10xpatch for 1.3.12 after JMD has tweaked it down
- changed the document root to /var/www, drifting with the RedHad/Mandrake herd
- overhauled config files
- Added KOffice mimetypes
- separate release number for mod_perl-doc
- index.html.ru.* were added to sources, so I revoked my humble one. - Wed Oct 18 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.7-15mdk_mhz
- the last release before Apache 1.3.14 (waiting for 10xpatch)
- mod_perl 1.24_01
- compiled against perl without largefile support
- mod_perl-doc package
- brought configtest command back to apachectl/init script - Sat Oct 7 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.7-14mdk_mhz
- merged a bunch of JMD's changes at 1.3.12-30mdk
- added an "official" index.html.ru taken from apache 2.0alpha6
and slightly modified
- configure without layout using macros supplied by rpm
- macros everywhere - Thu Aug 3 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.7-13mdk_mhz
- fixed install script problems and paths
- Mon Jul 24 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.7-12mdk_mhz
- new Russian Apache version (further POST fixes) and mm 1.1.3
- Mon Jul 17 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.5-1mdk_mhz
- new version (the patch added in my previous release has been applied)
- Sun Jul 16 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-11mdk_mhz
- applied a patch by Viktor Khimenko fixing a bug in charset_bread
- Wed Jul 12 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-10mdk_mhz
- disabled EXPAT rule for both servers. PHP 4 builds with its bundled Expat,
no questions asked
- EAPI 2.6.5 - Thu Jul 6 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-9mdk_mhz
- disabled EXPAT rule for apache+mod_perl static build to avoid conflicts
with XML::Parser - Mon Jun 26 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-8mdk_mhz
- new EAPI, MM and mod_perl versions
- Frontpage and XSSI dropped
- rebuilt against Perl having largefile support stripped - Thu Apr 27 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-7mdk_mhz
- MM lockfiles sit better in /var/lock
- Wed Apr 26 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-6mdk_mhz
- fixes to build under an ordinary user
- filelist cleanup - Mon Apr 24 2000 Mikhail Zabaluev <mookid@sigent.ru> 1.3.12rusPL29.4-5mdk_mhz
- sync with 1.3.12-10mdk
- mm thrown out to be a separate package - Tue Mar 28 2000 Mikhail Zabaluev <mookid@sigent.ru>
- moved apxs from devel to common -- the tool is too useful
- Fri Mar 24 2000 Mikhail Zabaluev <mookid@sigent.ru>
- mod_perl 1.22. Still leaks memory on restarts being a DSO.
- Tue Mar 21 2000 Mikhail Zabaluev <mookid@sigent.ru>
- Russian Apache 1.3.12 rusPL29.4
- Jean-Michel's add-ons merged back
- SGI patches for 1.3.12 (up to level 1) applied
- index.html.ru translated to Russian :) - Mon Feb 28 2000 Mikhail Zabaluev <mookid@mu.ru>
- cleaned out apxs
- Sun Feb 20 2000 Mikhail Zabaluev <mookid@mu.ru>
- fixed ServerRoot for good
- fixed MM lockfile path
- added -n mod_perl package for punks - Mon Feb 7 2000 Mikhail Zabaluev <mookid@mu.ru>
- updated to Russian Apache 1.3.9 rusPL29.2
- fixed .packlist for mod_perl - Sat Jan 29 2000 Mikhail Zabaluev <mookid@mu.ru>
- ported to Russian Apache PL28.22
- added a version with mod_perl 1.21 linked in
- moved files common for apache and apache-mod_perl to apache-common
- EAPI 2.4.10
- mm and mm-devel are now separate packages too
- most of other add-ons dropped (sorry pals) - Wed Jan 5 2000 Jean-Michel Dault <jmdault@netrevolution.com>
- moved suexec to another package so it doesn't get installed by default
- added index.php3 as valid index. - Mon Jan 3 2000 Jean-Michel Dault <jmdault@netrevolution.com>
- final cleanup for Mandrake 7