Hello community, here is the log from the commit of package apache2 for openSUSE:Factory checked in at Fri Jul 30 15:54:55 CEST 2010. -------- --- apache2/apache2.changes 2010-05-11 23:43:02.000000000 +0200 +++ apache2/apache2.changes 2010-07-29 17:40:57.000000000 +0200 @@ -1,0 +2,47 @@ +Thu Jul 29 15:40:29 UTC 2010 - poeml@cmdline.net + +- update to 2.2.16: + SECURITY: CVE-2010-1452 (cve.mitre.org) + mod_dav, mod_cache: Fix Handling of requests without a path segment. + PR: 49246 + SECURITY: CVE-2010-2068 (cve.mitre.org) + mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection + for platforms Windows, Netware and OS2. PR: 49417. + core: + - Filter init functions are now run strictly once per request + before handler invocation. The init functions are no longer run + for connection filters. PR 49328. + mod_filter: + - enable it to act on non-200 responses. PR 48377 + mod_ldap: + - LDAP caching was suppressed (and ldap-status handler returns + title page only) when any mod_ldap directives were used in VirtualHost + context. + mod_ssl: + - Fix segfault at startup if proxy client certs are shared + across multiple vhosts. PR 39915. + mod_proxy_http: + - Log the port of the remote server in various messages. + PR 48812. + apxs: + - Fix -A and -a options to ignore whitespace in httpd.conf + mod_dir: + - add FallbackResource directive, to enable admin to specify + an action to happen when a URL maps to no file, without resorting + to ErrorDocument or mod_rewrite. PR 47184 + mod_rewrite: + - Allow to set environment variables without explicitely + giving a value. +- add Requires and BuildRequires on libapr1 >= 1.4.2. In the past, libapr1 >= + 1.0 was sufficient. But since 2.2.16, a failure to create listen sockets can + occur, unless newer libapr1 is used. See + https://bugzilla.redhat.com/show_bug.cgi?id=516331 +- remove obsolete httpd-2.2.15-deprecated_use_of_build_in_variable.patch + +------------------------------------------------------------------- +Mon May 17 14:33:47 UTC 2010 - poeml@cmdline.net + +- add type and encoding for zipped SVG images (.svgz) + Thanks to Sebastian Siebert (via Submit Request #40059) + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- httpd-2.2.15-deprecated_use_of_build_in_variable.patch httpd-2.2.15.tar.bz2 New: ---- httpd-2.2.16.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache2.spec ++++++ --- /var/tmp/diff_new_pack.i8BNM3/_old 2010-07-30 15:51:11.000000000 +0200 +++ /var/tmp/diff_new_pack.i8BNM3/_new 2010-07-30 15:51:11.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package apache2 (Version 2.2.15) +# spec file for package apache2 (Version 2.2.16) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -19,7 +19,7 @@ Name: apache2 -BuildRequires: db-devel ed libapr-util1-devel libapr1-devel openldap2 openldap2-devel +BuildRequires: db-devel ed libapr-util1-devel libapr1-devel >= 1.4.2 openldap2 openldap2-devel BuildRequires: openssl-devel pcre-devel zlib-devel %if %{?suse_version:1}0 %define httpduser wwwrun @@ -62,9 +62,9 @@ %define platform_string Linux/%VENDOR License: ASLv.. Group: Productivity/Networking/Web/Servers -%define realver 2.2.15 -Version: 2.2.15 -Release: 3 +%define realver 2.2.16 +Version: 2.2.16 +Release: 1 #Source0: http://www.apache.org/dist/httpd-%{version}.tar.bz2 Source0: http://httpd.apache.org/dev/dist/httpd-%{realver}.tar.bz2 # Add file to take mtime from it in prep section @@ -120,8 +120,6 @@ Patch67: httpd-2.2.0-apxs-a2enmod.dif Patch68: httpd-2.x.x-logresolve.patch Patch100: apache2.2-mpm-itk-20090414-00.patch -# PATCH-FIX-UPSTREAM fix deprecated usage of $[ in apxs2 -Patch101: httpd-2.2.15-deprecated_use_of_build_in_variable.patch Url: http://httpd.apache.org/ Icon: Apache.xpm Summary: The Apache Web Server Version 2.0 @@ -130,7 +128,10 @@ Requires: %{pname}-MPM /etc/mime.types PreReq: %{name}-utils Requires: logrotate -Requires: libapr1 >= 1.0 +# in the past, libapr1 >= 1.0 was sufficient. But since 2.2.16, a failure to +# create listen sockets can occur, unless newer libapr1 is used, with certain kernels. +# see https://bugzilla.redhat.com/show_bug.cgi?id=516331 +Requires: libapr1 >= 1.4.2 Requires: libapr1 < 2.0 PreReq: fileutils textutils grep sed %if %{?suse_version:1}0 @@ -175,12 +176,6 @@ See /usr/share/doc/packages/apache2/, http://httpd.apache.org/, and http://httpd.apache.org/docs-2.0/upgrading.html. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - %if %worker %package worker @@ -229,12 +224,6 @@ This combination offers a performance boost and retains some of the stability of the multi-process model. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - %endif %if %prefork @@ -245,12 +234,6 @@ maximum stability because each server runs in its own process. If a process dies it will not affect other servers. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - %endif %if %event @@ -266,12 +249,6 @@ This MPM depends on APR's atomic compare-and-swap operations for thread synchronization. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - %endif %if %itk @@ -287,13 +264,6 @@ See http://mpm-itk.sesse.net/ - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - Steinar H. Gunderson (ITK module) - %endif %package devel @@ -341,12 +311,6 @@ Some Example pages for Apache that show information about the installed server. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - %package example-certificates License: ASLv.. Summary: Example certificates for the Apache 2 Web Server @@ -355,12 +319,6 @@ %description example-certificates Snakeoil example certificates for Apache. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - %package utils License: ASLv.. Summary: Apache 2 utilities @@ -370,13 +328,6 @@ Utilities provided by the Apache 2 Web Server project which are useful to administrators of web servers in general. - - -Authors: --------- - Too many to list here -- see /usr/share/doc/packages/apache2/ABOUT_APACHE - - %prep # # O/ ._ .__ ._ @@ -391,7 +342,6 @@ %patch67 -p1 %patch68 -p1 %patch100 -p1 -%patch101 -p0 # cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE # ++++++ apache2-mod_mime-defaults.conf ++++++ --- /var/tmp/diff_new_pack.i8BNM3/_old 2010-07-30 15:51:12.000000000 +0200 +++ /var/tmp/diff_new_pack.i8BNM3/_new 2010-07-30 15:51:12.000000000 +0200 @@ -128,6 +128,11 @@ # are so commonly used that we add them here. Addtype image/x-icon .ico +# Zipped SVG files (.svgz) are not registered by IANA yet, and we should hint +# clients about their encoding +AddType image/svg+xml .svg .svgz +AddEncoding gzip .svgz + # # For type maps (negotiated resources): # (This is enabled by default to allow the Apache "It Worked" page ++++++ httpd-2.2.0-apxs-a2enmod.dif ++++++ --- /var/tmp/diff_new_pack.i8BNM3/_old 2010-07-30 15:51:12.000000000 +0200 +++ /var/tmp/diff_new_pack.i8BNM3/_new 2010-07-30 15:51:12.000000000 +0200 @@ -1,7 +1,8 @@ -diff -uNr httpd-2.2.0.orig/support/apxs.in httpd-2.2.0/support/apxs.in ---- httpd-2.2.0.orig/support/apxs.in 2005-06-10 11:18:14.000000000 +0200 -+++ httpd-2.2.0/support/apxs.in 2005-12-07 11:04:38.337999601 +0100 -@@ -527,105 +527,14 @@ +Index: httpd-2.2.16/support/apxs.in +=================================================================== +--- httpd-2.2.16.orig/support/apxs.in ++++ httpd-2.2.16/support/apxs.in +@@ -526,108 +526,14 @@ if ($opt_i or $opt_e) { # activate module via LoadModule/AddModule directive if ($opt_a or $opt_A) { @@ -25,7 +26,10 @@ $c = '#' if ($opt_A); foreach $lmd (@lmd) { - my $what = $opt_A ? "preparing" : "activating"; -- if ($content !~ m|\n#?\s*$lmd|) { +- my $lmd_re = $lmd; +- $lmd_re =~ s/\s+/\\s+/g; +- +- if ($content !~ m|\n#?\s*$lmd_re|) { - # check for open <containers>, so that the new LoadModule - # directive always appears *outside* of an <container>. - @@ -88,7 +92,7 @@ - } - } else { - # replace already existing LoadModule line -- $content =~ s|^(.*\n)#?\s*$lmd[^\n]*\n|$1$c$lmd\n|s; +- $content =~ s|^(.*\n)#?\s*$lmd_re[^\n]*\n|$1$c$lmd\n|s; - } - $lmd =~ m|LoadModule\s+(.+?)_module.*|; - notice("[$what module `$1' in $CFG_SYSCONFDIR/$CFG_TARGET.conf]"); ++++++ httpd-2.2.15.tar.bz2 -> httpd-2.2.16.tar.bz2 ++++++ ++++ 105488 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org