Hello community,
here is the log from the commit of package lighttpd for openSUSE:Factory
checked in at Tue Apr 20 02:27:58 CEST 2010.
--------
--- lighttpd/lighttpd.changes 2008-11-24 17:40:13.000000000 +0100
+++ /mounts/work_src_done/STABLE/lighttpd/lighttpd.changes 2010-04-15 18:11:03.000000000 +0200
@@ -1,0 +2,330 @@
+Thu Apr 15 15:52:49 UTC 2010 - mt@suse.de
+
+- Applied patch fixing start failure with enabled SSL because
+ of not properly checked SSL_CTX_set_options() return value
+ (http://redmine.lighttpd.net/issues/2157).
+
+-------------------------------------------------------------------
+Thu Feb 11 15:49:56 UTC 2010 - mrueckert@suse.de
+
+- update 1.4.26
+ - Fix request parser to handle packets with splitted \r\n\r\n
+ (fixes #2105)
+ - Remove dependency on automake >= 1.11 with m4_ifdef check
+ - mod_accesslog: support %e (fixes #2113, thx presbrey)
+ - Fix mod_cgi cgi.execute-x-only option in global block
+ - mod_fastcgi: x-sendfile2 parse error debugging
+ - Fix mod_proxy dead host detection if connect() fails
+ - Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures,
+ found by Rodrigo, fixes #2158, #2159)
+ - Fix segfault with broken rewrite/redirect patterns (fixes
+ #2140, found by crypt)
+ - Append to previous buffer in con read, fix DoS/OOM
+ vulnerability (fixes #2147, found by liming, CVE-2010-0295)
+ - Fix HUP detection in close-state if event-backend doesn't
+ support FDEVENT_HUP (like select or poll on FreeBSD)
+- dropping fix-slow-request-dos-in-1.4.x.patch:
+ included in release
+
+-------------------------------------------------------------------
+Mon Feb 1 17:54:57 CET 2010 - mrueckert@suse.de
+
+- added fix-slow-request-dos-in-1.4.x.patch:
+ fix a bug that makes lighttpd allocate too much memory
+ for handling a request. (bnc#573948) CVE-2010-0295
+
+-------------------------------------------------------------------
+Sun Nov 22 17:00:29 UTC 2009 - stbuehler@web.de
+
+- update 1.4.25
+ - mod_magnet: fix pairs() for normal tables and strings (fixes
+ #1307)
+ - mod_magnet: add traceback for printing lua errors
+ - mod_rewrite: fix compile error if compiled without pcre
+ - disable warning "CLOSE-read" (fixes #2091)
+ - mod_rrdtool: fix creating file if it doesn't exist (#1788)
+ - reset tlsext_server_name in connection_reset - fixes random
+ hostnames in the $HTTP["host"] conditional
+ - export some SSL_CLIENT_* vars for client cert validation
+ (fixes #1288, thx presbrey)
+ - mod_fastcgi: fix mod_fastcgi packet parsing
+ - mod_fastcgi: Don't reconnect after connect() succeeded
+ (fixes #2096)
+ - Fix configure.ac to allow autoreconf, also enables make V=0
+- dropped lighttpd-1.4.24_mod_magnet_regression.patch:
+ included in update
+- added lighttpd-configure_ac.patch:
+ - remove fancy options which are not supported in older
+ autoconf versions
+- drop '-fi' option from autoreconf, so the libtool script
+ isn't overwritten (as the overwritten one was broken).
+ autoreconf is still needed for mod_geoip
+- drop --with-webdav from ./configure (not an option)
+- remove spawn-fcgi handling as it is removed from the source now
+- remove ChangeLog from %docs (has been removed upstream)
+- man page was moved from section 1 to 8
+
+-------------------------------------------------------------------
+Mon Oct 26 18:40:56 CET 2009 - mrueckert@suse.de
+
+- update 1.4.24
+ - Add T_CONFIG_INT for bigger integers from the config
+ (needed for #1966)
+ - Use unsigned int (and T_CONFIG_INT) for max_request_size
+ - Use unsigned int for secdownload.timeout (fixes #1966)
+ - Keep url/host values from connection to display information
+ while keep-alive in mod_status (fixes #1202)
+ - Add server.breakagelog, a "special" stderr (fixes #1863)
+ - Fix config evaluation for debug.log-timeouts option (#1529)
+ - Add "cgi.execute-x-only" to mod_cgi, requires +x for cgi
+ scripts (fixes #2013)
+ - Fix FD_SETSIZE comparision warnings
+ - Add "lua-5.1" to searched pkg-config names for lua
+ - Fix unused function webdav_lockdiscovery in mod_webdav
+ - cmake: Fix crypt lib check
+ - cmake: Add -export-dynamic to link flags, fixes build on
+ FreeBSD
+ - Set FD_CLOEXEC for bound sockets before pipe-logger forks
+ (fixes #2026)
+ - Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi
+ (fixes #2029)
+ - Show "no uri specified -> 400" error only when
+ "debug.log-request-header-on-error" is enabled (fixes #2030)
+ - Fix hanging connection in mod_scgi (fixes #2024)
+ - Allow digits in hostnames in more places (fixes #1148)
+ - Use connection_reset instead of handle_request_done for cleanup
+ callbacks
+ - Change mod_expire to append Cache-Control instead of
+ overwriting it (fixes #1997)
+ - Allow all comparisons for $SERVER["socket"] - only bind for
+ "=="
+ - Remove strptime failed message (fixes #2031)
+ - Fix issues found with clang analyzer
+ - Try to fix server.tag issue with localized svnversion
+ - Fix handling network-write return values (#2024)
+ - Use disable-time in fastcgi for all disables after errors,
+ default is 1sec (fixes #2040)
+ - Remove adaptive spawning code from fastcgi (was disabled for a
+ long time)
+ - Allow mod_mysql_vhost to use stored procedures (fixes #2011,
+ thx Ben Brown)
+ - Fix ipv6 in mod_proxy (fixes #2043)
+ - Print errors from include_shell to stderr
+ - Set tm.tm_isdst = 0 before mktime() (fixes #2047)
+ - Use linux-epoll by default if available (fixes #2021, thx Olaf
+ van der Spek)
+ - Print an error if you use too many captures in a regex pattern
+ (fixes #2059)
+ - Combine Cache-Control header value in mod_expire to existing
+ HTTP header if header already added by other modules
+ (fixes #2068)
+ - Remember keep-alive-idle in separate variable (fixes #1988)
+ - Fix header inclusion order, always include "config.h" before
+ any system header
+ - mod_webdav: Patch to skip login information for domain part of
+ Destination field (fixes #1793)
+ - mod_webdav: Delete old properties before updating new for MOVE
+ (fixes #1317)
+ - Read hostname from absolute uris in the request line
+ (fixes #1937)
+ - mod_fastcgi: don't disable backend if disable-time is 0
+ (fixes #1825)
+ - mod_compress: match partial+full content-type (fixes #1552)
+ - mod_fastcgi: fix is_local detection, respawn backends if
+ bin-path is set (fixes #897)
+ - Fix linger-on-close behaviour to avoid rare failure conditions
+ (was r2636, fixes #657)
+ - mod_fastcgi: restart local procs immediately after they
+ terminated, fix local procs handling
+ - Fix segfault on invalid config "duplicate else conditions"
+ (fixes #2065)
+ - mod_usertrack: Use T_CONFIG_INT for max-age, solves range
+ problem (#1455)
+ - mod_accesslog: configurable timestamp logging (fixes #1479)
+ - always define _GNU_SOURCE
+ - Add some iterators for mod_magnet (fixes #1307)
+ - Fix close_timeout_ts trigger (should finally fix lingering
+ close)
+ - mod_rewrite: add url.rewrite-[repeat-]if-not-file to rewrite if
+ file doesn't exist or is not a regular file (fixes #985, thx
+ lucas aerbeydt)
+ - Add TLS servername indication (SNI) support (fixes #386, thx
+ Peter Colberg )
+ - Add SSL Client Certificate verification (#1288)
+ - mod_fastcgi: Fix host->active_procs counter, return 503 if
+ connect wasn't successful after 5 tries (fixes #1825)
+ - mod_accesslog: escape special characters (fixes #1551, thx icy)
+ - fix mod_webdav crash from #1793 (fixes #2084, thx hiroya)
+ - Don't print ssl error if client didn't support TLS SNI
+ - Fix linger close timeout handling, drop timeout to 5 seconds
+ (fixes #2086)
+ - Fix broken return values from int to enum in mod_fastcgi
+- added lighttpd-1.4.24_mod_magnet_regression.patch:
+ * mod_magnet: fix pairs() for normal tables and strings
+ (fixes #1307)
+ * mod_magnet: add traceback for printing lua errors
+
+-------------------------------------------------------------------
+Wed Jun 24 18:23:56 CEST 2009 - mrueckert@suse.de
+
+- update to 1.4.23
+ - Added some extra warning options in cmake and fix the resulting
+ warnings (unused/static functions)
+ - New lighttpd man page (moved it to section 8) (fixes #1875)
+ - Create rrd file for empty rrdfile in mod_rrdtool (#1788)
+ - Fix workaround for incorrect path info/scriptname if fastcgi
+ prefix is "/" (fixes #729)
+ - Finally removed spawn-fcgi
+ - Allow xattr to overwrite mime type (fixes #1929)
+ - Remove link from errormsg about fastcgi apps (fixes #1942)
+ - Strip trailing dot from "Host:" header
+ - Remove the optional port info from SERVER_NAME (thx Mr_Bond)
+ - Fix mod_proxy RoundRobin (off by one problem if only one
+ backend is up)
+ - Rename configure.in to configure.ac, with small cleanups (fixes
+ #1932)
+ - Add proper SUID bit detection (fixes #416)
+ - Check for regular file in mod_cgi, so we don't try to start
+ directories
+ - Include mmap.h from chunk.h to fix some problems with #define
+ mmap mmap64 (fixes #1923)
+ - Add support for pipe logging for server.errorlog (fixes #296)
+ - Add revision number to package version for svn/git checkouts
+ - Use server.tag for SERVER_SOFTWARE if configured (fixes #357)
+ - Fix trailing zero char in REQUEST_URI after "strip-request-uri"
+ in mod_fastcgi
+ - mod_magnet: Add env["request.remote-ip"] (fixes #1740)
+ - mod_magnet: Add env["request.path-info"]
++++ 133 more lines (skipped)
++++ between lighttpd/lighttpd.changes
++++ and /mounts/work_src_done/STABLE/lighttpd/lighttpd.changes
calling whatdependson for head-i586
Old:
----
lighttpd-1.4.20.tar.bz2
New:
----
lighttpd-1.4.26.tar.bz2
lighttpd-ssl-retval-fix.patch
lighttpd_1.4.26-1.1~backport1.dsc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lighttpd.spec ++++++
--- /var/tmp/diff_new_pack.ovEA7U/_old 2010-04-20 02:27:34.000000000 +0200
+++ /var/tmp/diff_new_pack.ovEA7U/_new 2010-04-20 02:27:34.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package lighttpd (Version 1.4.20)
+# spec file for package lighttpd (Version 1.4.26)
#
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,15 +19,15 @@
Name: lighttpd
-Version: 1.4.20
-Release: 2
+Version: 1.4.26
+Release: 1
#
%define pkg_name lighttpd
%define pkg_user lighttpd
%define pkg_home /var/lib/%{pkg_name}
#
Group: Productivity/Networking/Web/Servers
-License: BSD 3-Clause
+License: BSD3c
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: FastCGI-devel e2fsprogs-devel fam-devel gdbm-devel libattr-devel libmemcache-devel libxml2-devel mysql-devel openldap2-devel pcre-devel pkgconfig pwdutils zlib-devel
@@ -69,16 +69,17 @@
BuildRequires: php5-fastcgi
%endif
#
-%if 0%{?suse_version} == 930 || 0%{?sles_version} == 9
+%if 0%{?suse_version} < 1000
BuildRequires: libstdc++-devel
%endif
%if 0%{?suse_version} > 1020
BuildRequires: libbz2-devel
%endif
-%if 0%{?suse_version} > 1000
+%if 0%{?suse_version} >= 1010
Recommends: logrotate
%endif
PreReq: %insserv_prereq %fillup_prereq pwdutils
+Requires: spawn-fcgi
#
Url: http://www.lighttpd.net/
Source: http://www.lighttpd.net/download/%{pkg_name}-%{version}.tar.bz2
@@ -90,6 +91,7 @@
Source6: lighttpd-ssl.SuSEfirewall
Source7: lighttpd.logrotate
Patch: lighttpd-1.4.13_geoip.patch
+Patch1: lighttpd-ssl-retval-fix.patch
#
Summary: A Secure, Fast, Compliant, and Very Flexible Web Server
@@ -108,7 +110,7 @@
Jan Kneschke
%package mod_cml
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Group: Productivity/Networking/Web/Servers
Summary: CML (Cache Meta Language) module for Lighttpd
@@ -137,7 +139,7 @@
Jan Kneschke
%package mod_magnet
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Group: Productivity/Networking/Web/Servers
Summary: A module to control the request handling in lighttpd
@@ -154,7 +156,7 @@
Jan Kneschke
%package mod_mysql_vhost
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Group: Productivity/Networking/Web/Servers
Summary: MySQL based virtual hosts (vhosts) module for Lighttpd
@@ -170,7 +172,7 @@
Jan Kneschke
%package mod_trigger_b4_dl
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Group: Productivity/Networking/Web/Servers
Summary: Another anti hot-linking module for Lighttpd
@@ -197,7 +199,7 @@
Jan Kneschke
%package mod_rrdtool
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Requires: rrdtool
Group: Productivity/Networking/Web/Servers
@@ -219,7 +221,7 @@
%if 0%{?with_geoip}
%package mod_geoip
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Group: Productivity/Networking/Web/Servers
Summary: A Secure, Fast, Compliant, and Very Flexible Web Server
@@ -244,7 +246,7 @@
%endif
%package mod_webdav
-License: BSD 3-Clause
+License: BSD3c
Requires: %{name} = %{version}
Group: Productivity/Networking/Web/Servers
Summary: WebDAV module for Lighttpd
@@ -281,10 +283,11 @@
%if 0%{?with_geoip}
%patch
%endif
+%patch1 -p1
%build
%if 0%{?with_geoip}
-autoreconf -fi
+autoreconf
%endif
export CFLAGS="%{optflags} -DLDAP_DEPRECATED -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -std=gnu99"
%if %suse_version > 1000
@@ -303,7 +306,6 @@
--with-lua \
--with-memcache \
--with-bzip2 \
- --with-webdav \
%if 0%{?with_enh_webdav}
--with-webdav-props \
--with-webdav-locks \
@@ -443,9 +445,9 @@
%{_libdir}/%{pkg_name}/mod_status.so
%{_libdir}/%{pkg_name}/mod_userdir.so
%{_libdir}/%{pkg_name}/mod_usertrack.so
-%{_mandir}/man1/*.1*
+%{_mandir}/man8/*.8*
%config(noreplace) %{_sysconfdir}/init.d/%{pkg_name}
-%doc AUTHORS ChangeLog NEWS README
+%doc AUTHORS NEWS README
%doc doc/*.dot
%doc doc/spawn-php.sh
%doc doc/accesslog.txt
@@ -512,6 +514,7 @@
%config(noreplace) %attr(640,root,%{pkg_user}) %{_sysconfdir}/%{pkg_name}/conf.d/trigger_b4_dl.conf
%{_libdir}/%{pkg_name}/mod_trigger_b4_dl.so
%doc doc/trigger_b4_dl.txt
+
%if 0%{?with_geoip}
%files mod_geoip
++++++ lighttpd-1.4.20.tar.bz2 -> lighttpd-1.4.26.tar.bz2 ++++++
++++ 98608 lines of diff (skipped)
++++++ lighttpd-ssl-retval-fix.patch ++++++
diff -purN orig/src/network.c lighttpd-1.4.25/src/network.c
--- orig/src/network.c 2010-01-28 10:43:33.829209750 -0500
+++ lighttpd-1.4.25/src/network.c 2010-01-28 10:44:22.639208732 -0500
@@ -525,7 +525,7 @@ int network_init(server *srv) {
if (!s->ssl_use_sslv2) {
/* disable SSLv2 */
- if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) {
+ if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
ERR_error_string(ERR_get_error(), NULL));
return -1;
++++++ lighttpd_1.4.26-1.1~backport1.dsc ++++++
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.0
Source: lighttpd
Binary: lighttpd, lighttpd-doc, lighttpd-mod-mysql-vhost, lighttpd-mod-trigger-b4-dl, lighttpd-mod-cml, lighttpd-mod-magnet, lighttpd-mod-webdav
Architecture: any
Version: 1.4.26-1.1~backport1
Maintainer: Debian lighttpd maintainers
Uploaders: Krzysztof Krzyżaniak (eloy) , Torsten Marek , Franz Pletz , Pierre Habouzit
Homepage: http://www.lighttpd.net
Standards-Version: 3.8.3
Vcs-Svn: svn://svn.debian.org/pkg-lighttpd/lighttpd/trunk
Build-Depends: debhelper (>= 5.0.0), cdbs, mime-support, libssl-dev, zlib1g-dev, libbz2-dev, libattr1-dev, libpcre3-dev, libmysqlclient-dev | libmysqlclient15-dev, libfam-dev, libldap2-dev, libfcgi-dev, libgdbm-dev, libmemcache-dev, liblua5.1-0-dev, pkg-config, uuid-dev, libsqlite3-dev, libxml2-dev, libkrb5-dev, perl
Checksums-Sha1:
c22642dc3616043293fb895b9f049b9270dbb2a0 780352 lighttpd_1.4.26.orig.tar.gz
6de3887a9d9c979fdebfc7f753936fd8aa59187e 21711 lighttpd_1.4.26-1.1~backport1.diff.gz
Checksums-Sha256:
08fc11864a0ad6d2871f32e6d0b0eaeb070f78698a72959f812526173145986e 780352 lighttpd_1.4.26.orig.tar.gz
3d9568c90c5dd230adf175b00f7dece9801a380181b303bee85c42c788ef5cf3 21711 lighttpd_1.4.26-1.1~backport1.diff.gz
Files:
3ce5be17a4dac3c384a8a452c664b840 780352 lighttpd_1.4.26.orig.tar.gz
cffb18f22518d982a9567aefb327d607 21711 lighttpd_1.4.26-1.1~backport1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkty6hgACgkQgBIc0keWidjxIQCgkZaWH0g3pYnDiz3v+azp5AM4
XocAn0qJCxqT0DRrFgv3WRb2HLcFzLpN
=IszI
-----END PGP SIGNATURE-----
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org