Hello community,
here is the log from the commit of package apache2
checked in at Wed Dec 20 18:01:14 CET 2006.
--------
--- apache2/apache2.changes 2006-09-26 11:28:32.000000000 +0200
+++ /mounts/work_src_done/STABLE/apache2/apache2.changes 2006-12-20 16:01:04.000000000 +0100
@@ -1,0 +2,9 @@
+Wed Dec 20 15:58:35 CET 2006 - poeml@suse.de
+
+- set a proper HOME (/var/lib/apache2), otherwise the server might
+ end up HOME=/root and some script might try to use that [#132769]
+- add two notes to the QUICKSTART readmes
+- don't install /etc/apache2/extra configuration since this is only
+ serving as an example and installed with the documentation anyway
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apache2.spec ++++++
--- /var/tmp/diff_new_pack.Ted7X4/_old 2006-12-20 17:56:37.000000000 +0100
+++ /var/tmp/diff_new_pack.Ted7X4/_new 2006-12-20 17:56:37.000000000 +0100
@@ -50,11 +50,11 @@
# "Server:" header
%define VENDOR SUSE
%define platform_string Linux/%VENDOR
-License: Apache
+License: The Apache Software License
Group: Productivity/Networking/Web/Servers
%define realver 2.2.3
Version: 2.2.3
-Release: 6
+Release: 23
#Source0: http://www.apache.org/dist/httpd-%{version}.tar.bz2
Source0: http://httpd.apache.org/dev/dist/httpd-%{realver}.tar.bz2
Source10: SUSE-NOTICE
@@ -684,6 +684,7 @@
rm -f $RPM_BUILD_ROOT/%{_libdir}/%{pname}-*/*.exp # needed only on AIX
rm -f $RPM_BUILD_ROOT/%{_libdir}/%{pname}/*.exp # needed only on AIX
rm -f $RPM_BUILD_ROOT/%{_sbindir}/checkgid # needed only for user installations from tarball
+rm -r $RPM_BUILD_ROOT/%{sysconfdir}/extra # it is already in the documentation directory
#
@@ -801,7 +802,6 @@
%endif
%config /etc/init.d/%{pname}
#
-%config %{sysconfdir}/extra
%{_sbindir}/rc%{pname}
%{_sbindir}/ab%{vers}
%{_sbindir}/apache%{vers}ctl
@@ -1005,6 +1005,12 @@
fi
%changelog -n apache2
+* Wed Dec 20 2006 - poeml@suse.de
+- set a proper HOME (/var/lib/apache2), otherwise the server might
+ end up HOME=/root and some script might try to use that [#132769]
+- add two notes to the QUICKSTART readmes
+- don't install /etc/apache2/extra configuration since this is only
+ serving as an example and installed with the documentation anyway
* Tue Sep 26 2006 - poeml@suse.de
- add rpm macro for suexec_safepath
- use _bindir/_sbindir in a few places [#202355]
@@ -1358,7 +1364,7 @@
"malicious" CRL. PR 35081. [#95709]
* Mon Jun 20 2005 - poeml@suse.de
- add httpd-2.0.47-pie.patch from from 2.1.3-dev to compile with
--fpie and link with -pie
+ -fpie and link with -pie
* Wed May 18 2005 - poeml@suse.de
- update to 2.0.54. Relevant changes:
| mod_cache:
@@ -1539,9 +1545,9 @@
* Fri Oct 15 2004 - poeml@suse.de
- fix SSLCipherSuite bypass CAN-2004-0885 (cve.mitre.org) [#47117]
- update the TLS upgrade patch [#47207]
-- mod_ssl returned invalid method on TLS upgraded connections
-- additional checks for httpd_method and default_port hooks
-- fixed typo in upgrade header
+ - mod_ssl returned invalid method on TLS upgraded connections
+ - additional checks for httpd_method and default_port hooks
+ - fixed typo in upgrade header
- add patches from Ruediger Pluem for the experimental modules
mod_disk_cache, mod_cache
PR 21492: mod_disk_cache: Do not store aborted content.
@@ -1865,8 +1871,8 @@
enabled by building via rpmbuild --define 'build_with_LFS 1'
* Thu Mar 18 2004 - poeml@suse.de
- update to proposed 2.0.49 tarball
-- mod_cgid: Fix storage corruption caused by use of incorrect pool.
-- docs update
+ - mod_cgid: Fix storage corruption caused by use of incorrect pool.
+ - docs update
- remove APACHE_DOCUMENT_ROOT from sysconfig.apache2 [#32635]
- fix a comment in default-server.conf
- remove obsolete ssl_scache_cleanup support script and ftok helper
@@ -2103,27 +2109,27 @@
mod_rewrite which occurred if one configured a regular
expression with more than 9 captures.
mod_rewrite:
-- Don't die silently when failing to open RewriteLogs. PR 23416
-- Fix support of the [P] option to send rewritten request using
+ - Don't die silently when failing to open RewriteLogs. PR 23416
+ - Fix support of the [P] option to send rewritten request using
"proxy:". The code was adding multiple "proxy:" fields in the
rewritten URI. PR: 13946.
-- Ignore RewriteRules in .htaccess files if the directory
+ - Ignore RewriteRules in .htaccess files if the directory
containing the .htaccess file is requested without a trailing
slash. PR 20195.
mod_include:
-- Fix a trio of bugs that would cause various unusual sequences
+ - Fix a trio of bugs that would cause various unusual sequences
of parsed bytes to omit portions of the output stream. PR 21095
-- fix segfault which occured if the filename was not set, for
+ - fix segfault which occured if the filename was not set, for
example, when processing some error conditions.
mod_cgid: fix a hash table corruption problem which could
result in the wrong script being cleaned up at the end of a
request.
mod_ssl: Fix segfaults after renegotiation failure. PR 21370
-- Fix a problem setting variables that represent the client
+ - Fix a problem setting variables that represent the client
certificate chain. PR 21371
-- Fix FakeBasicAuth for subrequest. Log an error when an
+ - Fix FakeBasicAuth for subrequest. Log an error when an
identity spoof is encountered.
-- Assure that we block properly when reading input bodies with
+ - Assure that we block properly when reading input bodies with
SSL. PR 19242.
mod_autoindex: If a directory contains a file listed in the
DirectoryIndex directive, the folder icon is no longer replaced
@@ -2131,16 +2137,16 @@
mod_usertrack: do not get false positive matches on the
user-tracking cookie's name. PR 16661.
mod_cache:
-- Fix the cache code so that responses can be cached if they
+ - Fix the cache code so that responses can be cached if they
have an Expires header but no Etag or Last-Modified headers.
PR 23130. cache_util: Fix ap_check_cache_freshness to check
max_age, smax_age, and expires as directed in RFC 2616.
mod_deflate:
-- fix to not call deflate() without checking first whether it
+ - fix to not call deflate() without checking first whether it
has something to deflate. (Currently this causes deflate to
generate a fatal error according to the zlib spec.) PR 22259.
-- Don't attempt to hold all of the response until we're done.
-- Fix a bug, where mod_deflate sometimes unconditionally
+ - Don't attempt to hold all of the response until we're done.
+ - Fix a bug, where mod_deflate sometimes unconditionally
compressed the content if the Accept-Encoding header
contained only other tokens than "gzip" (such as "deflate").
PR 21523.
@@ -2153,32 +2159,32 @@
mod_ext_filter: Set additional environment variables for use by
the external filter. PR 20944.
core:
-- allow <Foo>..</Foo> containers (no arguments in the opening
+ - allow <Foo>..</Foo> containers (no arguments in the opening
tag), as in 1.3. Needed by mod_perl <Perl> sections
-- Fix a misleading message from the some of the threaded MPMs
+ - Fix a misleading message from the some of the threaded MPMs
when MaxClients has to be lowered due to the setting of
ServerLimit.
-- Avoid an infinite recursion, which occured if the name of an
+ - Avoid an infinite recursion, which occured if the name of an
included config file or directory contained a wildcard
character. PR 22194.
-- MPMs: The bucket brigades subsystem now honors the MaxMemFree
+ - MPMs: The bucket brigades subsystem now honors the MaxMemFree
setting.
-- Lower the severity of the "listener thread didn't exit"
+ - Lower the severity of the "listener thread didn't exit"
message to debug, as it is of interest only to developers.
miscellaneous:
-- Update the header token parsing code to allow LWS between the
+ - Update the header token parsing code to allow LWS between the
token word and the ':' seperator. [PR 16520]
-- Remember an authenticated user during internal redirects if
+ - Remember an authenticated user during internal redirects if
the redirection target is not access protected and pass it to
scripts using the REDIRECT_REMOTE_USER environment variable.
PR 10678, 11602.
-- Update mime.types to include latest IANA and W3C types.
-- Modify ap_get_client_block() to note if it has seen EOS.
+ - Update mime.types to include latest IANA and W3C types.
+ - Modify ap_get_client_block() to note if it has seen EOS.
ab:
-- Overlong credentials given via command line no longer clobber
+ - Overlong credentials given via command line no longer clobber
the buffer.
-- Work over non-loopback on Unix again. PR 21495.
-- Fix NULL-pointer issue in ab when parsing an incomplete or
+ - Work over non-loopback on Unix again. PR 21495.
+ - Fix NULL-pointer issue in ab when parsing an incomplete or
non-HTTP response. PR 21085.
- add another example to apache2-listen.conf
- update apache2-mod_mime-defaults.conf according to 2.0.48 changes
@@ -2238,17 +2244,17 @@
DocumentRoot in default-server.conf
* Fri Aug 15 2003 - poeml@suse.de
- revamped configuration
-- add some CustomLog formats
-- AddDefaultCharset UTF-8 [#22427]
-- add activation metadata to sysconfig template [#28834]
-- default APACHE_MODULES: add mod_ssl, remove mod_status
-- new sysconfig variables: APACHE_USE_CANONICAL_NAME,
+ - add some CustomLog formats
+ - AddDefaultCharset UTF-8 [#22427]
+ - add activation metadata to sysconfig template [#28834]
+ - default APACHE_MODULES: add mod_ssl, remove mod_status
+ - new sysconfig variables: APACHE_USE_CANONICAL_NAME,
APACHE_DOCUMENT_ROOT
-- get rid of the "suse_" prefix in generated config snippets, and
+ - get rid of the "suse_" prefix in generated config snippets, and
place them below /etc/apache2/sysconfig.d/. On update, convert
the Include statements in httpd.conf for the new locations
-- add /etc/apache2/vhosts.d and virtual host templates
-- the configuration for the manual is now seperate and installed
+ - add /etc/apache2/vhosts.d and virtual host templates
+ - the configuration for the manual is now seperate and installed
together with apache2-doc (conf.d/apache2-manual.conf)
- add distilled wisdom in form of README.QUICKSTART
- change group of wwwrun user: nogroup -> www [#21782]
@@ -2278,7 +2284,7 @@
- build with -D_FILE_OFFSET_BITS=64 when presumably the kernel
supports sendfile64 [#22191, #22018]. Define APR_HAS_LARGE_FILES
(which is unconditionally off, otherwise). Keep
--D_LARGEFILE_SOURCE since some modules might need it.
+ -D_LARGEFILE_SOURCE since some modules might need it.
- make sure the package can be built as ordinary user
- special case mod_auth_mysql since its module_id is reversed
- don't increase DYNAMIC_MODULE_LIMIT (64 should be copious)
@@ -2286,7 +2292,7 @@
keep the stripped information somewhere
- reformat the header of the spec file
- allow to pass a number-of-jobs parameter into spec file via rpm
---define 'jobs N'
+ --define 'jobs N'
* Thu Jul 10 2003 - poeml@suse.de
- update to 2.0.47. relevant / user visible changes:
Security [CAN-2003-0192]: Fixed a bug whereby certain sequences
@@ -2331,32 +2337,32 @@
vulnerability affecting basic authentication
Security: forward port of buffer overflow fixes for htdigest.
mod_ssl:
-- SSL session caching(shmht) : Fix a SEGV problem with SHMHT
+ - SSL session caching(shmht) : Fix a SEGV problem with SHMHT
session caching.
mod_deflate:
-- Add another check for already compressed content
-- Check also err_headers_out for an already set
+ - Add another check for already compressed content
+ - Check also err_headers_out for an already set
Content-Encoding: gzip header. This prevents gzip compressed
content from a CGI script from being compressed once more.
mod_mime_magic:
-- If mod_mime_magic does not know the content-type, do not
+ - If mod_mime_magic does not know the content-type, do not
attempt to guess.
mod_rewrite:
-- Fix handling of absolute URIs.
+ - Fix handling of absolute URIs.
mod_log_config:
-- Add the ability to log the id of the thread processing the
+ - Add the ability to log the id of the thread processing the
request via new %%P formats.
mod_auth_ldap:
-- Use generic whitespace character class when parsing "require"
+ - Use generic whitespace character class when parsing "require"
directives, instead of literal spaces only.
mod_proxy:
-- Fixed a segfault when multiple ProxyBlock directives were used.
-- Added AllowEncodedSlashes directive to permit control of
+ - Fixed a segfault when multiple ProxyBlock directives were used.
+ - Added AllowEncodedSlashes directive to permit control of
whether the server will accept encoded slashes ('%%2f') in the
URI path. Default condition is off (the historical behaviour).
-- If Apache is started as root and you code CoreDumpDirectory,
+ - If Apache is started as root and you code CoreDumpDirectory,
coredumps are enabled via the prctl() syscall.
-- htpasswd: Check the processed file on validity; add a delete flag.
+ - htpasswd: Check the processed file on validity; add a delete flag.
- httpd-2.0.45-libtool-1.5.dif is obsolete
- mark suse_include.conf as %%ghost
- note the rebirth of the httpd and apachectl man pages (thanks to
@@ -2382,21 +2388,21 @@
vulnerability identified by David Endler
participants (1)
-
root@suse.de