rpms / httpd

Clone
Source Code
GIT

Blame SPECS/httpd.spec

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-2.4 c8-sig-artwork c8-stream-2.4 c8s-stream-2.4 c9 c9-beta
  1.   0ac66abcd8d9406daa7ec6169971d2d8921d77fd
  2.   SPECS
  3.   httpd.spec
Blob History Raw
576df0 
%define contentdir %{_datadir}/httpd
576df0 
%define docroot /var/www
576df0 
%define suexec_caller apache
576df0 
%define mmn 20120211
576df0 
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
576df0 
%define vstring %(source /etc/os-release; echo ${REDHAT_SUPPORT_PRODUCT})
576df0 
%if 0%{?fedora} > 26 || 0%{?rhel} > 7
576df0 
%global mpm event
576df0 
%else
576df0 
%global mpm prefork
576df0 
%endif
576df0
576df0 
Summary: Apache HTTP Server
576df0 
Name: httpd
576df0 
Version: 2.4.37
0ac66a 
Release: 54%{?dist}
576df0 
URL: https://httpd.apache.org/
576df0 
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
576df0 
Source2: httpd.logrotate
576df0 
Source3: instance.conf
576df0 
Source4: httpd-ssl-pass-dialog
576df0 
Source5: httpd.tmpfiles
576df0 
Source6: httpd.service
576df0 
Source7: action-graceful.sh
576df0 
Source8: action-configtest.sh
576df0 
Source10: httpd.conf
576df0 
Source11: 00-base.conf
576df0 
Source12: 00-mpm.conf
576df0 
Source13: 00-lua.conf
576df0 
Source14: 01-cgi.conf
576df0 
Source15: 00-dav.conf
576df0 
Source16: 00-proxy.conf
576df0 
Source17: 00-ssl.conf
576df0 
Source18: 01-ldap.conf
576df0 
Source19: 00-proxyhtml.conf
576df0 
Source20: userdir.conf
576df0 
Source21: ssl.conf
576df0 
Source22: welcome.conf
576df0 
Source23: manual.conf
576df0 
Source24: 00-systemd.conf
576df0 
Source25: 01-session.conf
576df0 
Source26: 10-listen443.conf
576df0 
Source27: httpd.socket
576df0 
Source28: 00-optional.conf
576df0 
# Documentation
576df0 
Source30: README.confd
576df0 
Source31: README.confmod
576df0 
Source32: httpd.service.xml
576df0 
Source33: htcacheclean.service.xml
576df0 
Source34: httpd.conf.xml
576df0 
Source40: htcacheclean.service
576df0 
Source41: htcacheclean.sysconf
576df0 
Source42: httpd-init.service
576df0 
Source43: httpd-ssl-gencerts
576df0 
Source44: httpd@.service
576df0 
Source45: config.layout
692b48 
Source46: apache-poweredby.png
576df0
576df0 
# build/scripts patches
576df0 
# http://bugzilla.redhat.com/show_bug.cgi?id=1231924
576df0 
# http://bugzilla.redhat.com/show_bug.cgi?id=842736
576df0 
# http://bugzilla.redhat.com/show_bug.cgi?id=1214401
576df0 
Patch1: httpd-2.4.35-apachectl.patch
576df0 
Patch2: httpd-2.4.28-apxs.patch
576df0 
Patch3: httpd-2.4.35-deplibs.patch
576df0
576df0 
# Needed for socket activation and mod_systemd patch
576df0 
Patch19: httpd-2.4.35-detect-systemd.patch
576df0
576df0 
# Features/functional changes
576df0 
Patch20: httpd-2.4.32-export.patch
576df0 
Patch21: httpd-2.4.35-corelimit.patch
576df0 
Patch22: httpd-2.4.35-selinux.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1170215
576df0 
Patch23: httpd-2.4.28-icons.patch
576df0 
Patch24: httpd-2.4.35-systemd.patch
576df0 
Patch25: httpd-2.4.35-cachehardmax.patch
576df0 
Patch26: httpd-2.4.28-socket-activation.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1109119
576df0 
Patch27: httpd-2.4.35-sslciphdefault.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1332242
576df0 
Patch28: httpd-2.4.28-statements-comment.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=811714
576df0 
Patch29: httpd-2.4.35-full-release.patch
576df0 
Patch30: httpd-2.4.35-freebind.patch
576df0 
Patch31: httpd-2.4.35-r1830819+.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1638738
576df0 
Patch32: httpd-2.4.37-sslprotdefault.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747898
576df0 
Patch33: httpd-2.4.37-mod-md-mod-ssl-hooks.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1725031
576df0 
Patch34: httpd-2.4.37-r1861793+.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1704317
576df0 
Patch35: httpd-2.4.37-sslkeylogfile-support.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1794728
576df0 
Patch36: httpd-2.4.37-session-expiry-updt-int.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1209162
576df0 
Patch37: httpd-2.4.37-logjournal.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1869576
5183f0 
Patch38: httpd-2.4.37-pr37355.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1896176
5183f0 
Patch39: httpd-2.4.37-proxy-ws-idle-timeout.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1883648
5183f0 
Patch40: httpd-2.4.37-ssl-proxy-chains.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1935742
692b48 
Patch41: httpd-2.4.37-usertrack-samesite.patch
5183f0
576df0 
# Bug fixes
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1397243
576df0 
Patch61: httpd-2.4.35-r1738878.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1170206
576df0 
Patch62: httpd-2.4.35-r1633085.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1448892
576df0 
Patch63: httpd-2.4.28-r1811831.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1602548
576df0 
Patch65: httpd-2.4.35-r1842888.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1653009
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1672977
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1673022
576df0 
Patch66: httpd-2.4.37-r1842929+.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1630432
576df0 
Patch67: httpd-2.4.35-r1825120.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1670716
576df0 
Patch68: httpd-2.4.37-fips-segfault.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1669221
576df0 
Patch70: httpd-2.4.37-r1840554.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1673022
576df0 
Patch71: httpd-2.4.37-mod-md-perms.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1724549
576df0 
Patch72: httpd-2.4.37-mod-mime-magic-strdup.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1724034
576df0 
Patch73: httpd-2.4.35-ocsp-wrong-ctx.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1633224
576df0 
Patch74: httpd-2.4.37-r1828172+.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1775158
576df0 
Patch75: httpd-2.4.37-r1870095+.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1771847
576df0 
Patch76: httpd-2.4.37-proxy-continue.patch
576df0 
Patch77: httpd-2.4.37-balancer-failover.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1875844
5183f0 
Patch78: httpd-2.4.37-r1881459.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1891829
5183f0 
Patch79: httpd-2.4.37-r1864000.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1868608
5183f0 
Patch80: httpd-2.4.37-r1872790.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1861380
5183f0 
Patch81: httpd-2.4.37-r1879224.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1680118
5183f0 
Patch82: httpd-2.4.37-r1877397.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1847585
5183f0 
Patch83: httpd-2.4.37-r1878890.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1918741
5183f0 
Patch84: httpd-2.4.37-r1878280.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1891594
5183f0 
Patch85: httpd-2.4.37-htcacheclean-dont-break.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1937334
5183f0 
Patch86: httpd-2.4.37-r1873907.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1680111
692b48 
Patch87: httpd-2.4.37-reply-two-tls-rec.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1905613
692b48 
Patch88: httpd-2.4.37-r1845768+.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2001046
692b48 
Patch89: httpd-2.4.37-r1862410.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1984828
692b48 
Patch90: httpd-2.4.37-hcheck-mem-issues.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2017543
0ac66a 
Patch91: httpd-2.4.37-add-SNI-support.patch
576df0
576df0 
# Security fixes
576df0 
Patch200: httpd-2.4.37-r1851471.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1694980
576df0 
Patch201: httpd-2.4.37-CVE-2019-0211.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1695025
576df0 
Patch202: httpd-2.4.37-CVE-2019-0215.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1696141
576df0 
Patch203: httpd-2.4.37-CVE-2019-0217.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1696097
576df0 
Patch204: httpd-2.4.37-CVE-2019-0220.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1741860
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1741864
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1741868
576df0 
Patch205: httpd-2.4.34-CVE-2019-9511-and-9516-and-9517.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1823259
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747284
576df0 
# fixes both CVE-2020-1927 and CVE-2019-10098
576df0 
Patch206: httpd-2.4.37-CVE-2019-10098.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747281
576df0 
Patch207: httpd-2.4.37-CVE-2019-10092.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747291
576df0 
Patch208: httpd-2.4.37-CVE-2019-10097.patch
576df0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1820772
576df0 
Patch209: httpd-2.4.37-CVE-2020-1934.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1668493
5183f0 
Patch210: httpd-2.4.37-CVE-2018-17199.patch
5183f0 
# https://bugzilla.redhat.com/show_bug.cgi?id=1866563
5183f0 
Patch211: httpd-2.4.37-CVE-2020-11984.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1972500
692b48 
Patch212: httpd-2.4.37-CVE-2021-30641.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1968307
692b48 
Patch213: httpd-2.4.37-CVE-2021-26690.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2005117
692b48 
Patch214: httpd-2.4.37-CVE-2021-40438.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1966732
692b48 
Patch215: httpd-2.4.37-CVE-2021-26691.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1968278
692b48 
Patch216: httpd-2.4.37-CVE-2020-35452.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2005128
692b48 
Patch217: httpd-2.4.37-CVE-2021-34798.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2005119
692b48 
Patch218: httpd-2.4.37-CVE-2021-39275.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2005124
692b48 
Patch219: httpd-2.4.37-CVE-2021-36160.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=1966728
692b48 
Patch220: httpd-2.4.37-CVE-2021-33193.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2034674
692b48 
Patch221: httpd-2.4.37-CVE-2021-44790.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2034672
692b48 
Patch222: httpd-2.4.37-CVE-2021-44224.patch
692b48 
# https://bugzilla.redhat.com/show_bug.cgi?id=2064321
692b48 
Patch223: httpd-2.4.37-CVE-2022-22720.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=1966738
0ac66a 
Patch224: httpd-2.4.37-CVE-2020-13950.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2064322
0ac66a 
Patch225: httpd-2.4.37-CVE-2022-22719.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2064320
0ac66a 
Patch226: httpd-2.4.37-CVE-2022-22721.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2065324
0ac66a 
Patch227: httpd-2.4.37-CVE-2022-23943.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2095002
0ac66a 
Patch228: httpd-2.4.37-CVE-2022-28614.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2095006
0ac66a 
Patch229: httpd-2.4.37-CVE-2022-28615.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2095015
0ac66a 
Patch230: httpd-2.4.37-CVE-2022-30522.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2095018
0ac66a 
Patch231: httpd-2.4.37-CVE-2022-30556.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2095020
0ac66a 
Patch232: httpd-2.4.37-CVE-2022-31813.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2095012
0ac66a 
Patch233: httpd-2.4.37-CVE-2022-29404.patch
0ac66a 
# https://bugzilla.redhat.com/show_bug.cgi?id=2094997
0ac66a 
Patch234: httpd-2.4.37-CVE-2022-26377.patch
0ac66a
576df0
576df0 
License: ASL 2.0
576df0 
Group: System Environment/Daemons
576df0 
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
576df0 
BuildRequires: autoconf, perl-interpreter, perl-generators, pkgconfig, findutils, xmlto
576df0 
BuildRequires: zlib-devel, libselinux-devel, lua-devel,  brotli-devel
576df0 
BuildRequires: apr-devel >= 1.5.0, apr-util-devel >= 1.5.0, pcre-devel >= 5.0
576df0 
BuildRequires: systemd-devel
5183f0 
# web server testpage added to redhat-logos in 82.0 (rhbz1896319)
692b48 
# new logo requires new footer copyring which was added in rhbz1934800
692b48 
Requires: /etc/mime.types, system-logos(httpd-logo-ng)
576df0 
Obsoletes: httpd-suexec
576df0 
Provides: webserver
576df0 
Provides: mod_dav = %{version}-%{release}, httpd-suexec = %{version}-%{release}
576df0 
Provides: httpd-mmn = %{mmn}, httpd-mmn = %{mmnisa}
576df0 
Requires: httpd-tools = %{version}-%{release}
576df0 
Requires: httpd-filesystem = %{version}-%{release}
0ac66a 
Requires: mod_http2 >= 1.15.7-5
576df0 
Requires(pre): httpd-filesystem
576df0 
Requires(preun): systemd-units
576df0 
Requires(postun): systemd-units
576df0 
Requires(post): systemd-units
576df0 
Conflicts: apr < 1.5.0-1
576df0
576df0 
%description
576df0 
The Apache HTTP Server is a powerful, efficient, and extensible
576df0 
web server.
576df0
576df0 
%package devel
576df0 
Group: Development/Libraries
576df0 
Summary: Development interfaces for the Apache HTTP server
576df0 
Requires: apr-devel, apr-util-devel, pkgconfig
576df0 
Requires: httpd = %{version}-%{release}
576df0
576df0 
%description devel
576df0 
The httpd-devel package contains the APXS binary and other files
576df0 
that you need to build Dynamic Shared Objects (DSOs) for the
576df0 
Apache HTTP Server.
576df0
576df0 
If you are installing the Apache HTTP server and you want to be
576df0 
able to compile or develop additional modules for Apache, you need
576df0 
to install this package.
576df0
576df0 
%package manual
576df0 
Group: Documentation
576df0 
Summary: Documentation for the Apache HTTP server
576df0 
Requires: httpd = %{version}-%{release}
576df0 
Obsoletes: secureweb-manual, apache-manual
576df0 
BuildArch: noarch
576df0
576df0 
%description manual
576df0 
The httpd-manual package contains the complete manual and
576df0 
reference guide for the Apache HTTP server. The information can
576df0 
also be found at http://httpd.apache.org/docs/2.2/.
576df0
576df0 
%package filesystem
576df0 
Group: System Environment/Daemons
576df0 
Summary: The basic directory layout for the Apache HTTP server
576df0 
BuildArch: noarch
576df0 
Requires(pre): /usr/sbin/useradd
576df0
576df0 
%description filesystem
576df0 
The httpd-filesystem package contains the basic directory layout
576df0 
for the Apache HTTP server including the correct permissions
576df0 
for the directories.
576df0
576df0 
%package tools
576df0 
Group: System Environment/Daemons
576df0 
Summary: Tools for use with the Apache HTTP Server
576df0
576df0 
%description tools
576df0 
The httpd-tools package contains tools which can be used with
576df0 
the Apache HTTP Server.
576df0
576df0 
%package -n mod_ssl
576df0 
Group: System Environment/Daemons
576df0 
Summary: SSL/TLS module for the Apache HTTP Server
576df0 
Epoch: 1
576df0 
BuildRequires: openssl-devel
576df0 
Requires(pre): httpd-filesystem
576df0 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
0ac66a 
Requires: sscg >= 2.2.0, /usr/bin/hostname
576df0 
Obsoletes: stronghold-mod_ssl
576df0 
# Require an OpenSSL which supports PROFILE=SYSTEM
576df0 
Conflicts: openssl-libs < 1:1.0.1h-4
576df0
576df0 
%description -n mod_ssl
576df0 
The mod_ssl module provides strong cryptography for the Apache Web
576df0 
server via the Secure Sockets Layer (SSL) and Transport Layer
576df0 
Security (TLS) protocols.
576df0
576df0 
%package -n mod_proxy_html
576df0 
Group: System Environment/Daemons
576df0 
Summary: HTML and XML content filters for the Apache HTTP Server
576df0 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
576df0 
BuildRequires: libxml2-devel
576df0 
Epoch: 1
576df0 
Obsoletes: mod_proxy_html < 1:2.4.1-2
576df0
576df0 
%description -n mod_proxy_html
576df0 
The mod_proxy_html and mod_xml2enc modules provide filters which can
576df0 
transform and modify HTML and XML content.
576df0
576df0 
%package -n mod_ldap
576df0 
Group: System Environment/Daemons
576df0 
Summary: LDAP authentication modules for the Apache HTTP Server
576df0 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
576df0 
Requires: apr-util-ldap
576df0
576df0 
%description -n mod_ldap
576df0 
The mod_ldap and mod_authnz_ldap modules add support for LDAP
576df0 
authentication to the Apache HTTP Server.
576df0
576df0 
%package -n mod_session
576df0 
Group: System Environment/Daemons
576df0 
Summary: Session interface for the Apache HTTP Server
576df0 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
576df0
576df0 
%description -n mod_session
576df0 
The mod_session module and associated backends provide an abstract
576df0 
interface for storing and accessing per-user session data.
576df0
576df0 
%prep
576df0 
%setup -q
576df0 
%patch1 -p1 -b .apctl
576df0 
%patch2 -p1 -b .apxs
576df0 
%patch3 -p1 -b .deplibs
576df0
576df0 
%patch19 -p1 -b .detectsystemd
576df0 
%patch20 -p1 -b .export
576df0 
%patch21 -p1 -b .corelimit
576df0 
%patch22 -p1 -b .selinux
576df0 
%patch23 -p1 -b .icons
576df0 
%patch24 -p1 -b .systemd
576df0 
%patch25 -p1 -b .cachehardmax
576df0 
%patch26 -p1 -b .socketactivation
576df0 
%patch27 -p1 -b .sslciphdefault
576df0 
%patch28 -p1 -b .statementscomment
576df0 
%patch29 -p1 -b .fullrelease
576df0 
%patch30 -p1 -b .freebind
576df0 
%patch31 -p1 -b .r1830819+
576df0 
%patch32 -p1 -b .sslprotdefault
576df0 
%patch33 -p1 -b .mod-md-mod-ssl-hooks
576df0 
%patch34 -p1 -b .r1861793+
576df0 
%patch35 -p1 -b .sslkeylogfile-support
576df0 
%patch36 -p1 -b .session-expiry
576df0 
%patch37 -p1 -b .logjournal
5183f0 
%patch38 -p1 -b .pr37355
5183f0 
%patch39 -p1 -b .proxy-ws-idle-timeout
5183f0 
%patch40 -p1 -b .ssl-proxy-chains
692b48 
%patch41 -p1 -b .usertrack-samesite
576df0
576df0 
%patch61 -p1 -b .r1738878
576df0 
%patch62 -p1 -b .r1633085
576df0 
%patch63 -p1 -b .r1811831
576df0 
%patch65 -p1 -b .r1842888
576df0 
%patch66 -p1 -b .r1842929+
576df0 
%patch67 -p1 -b .r1825120
576df0 
%patch68 -p1 -b .fipscore
576df0 
%patch70 -p1 -b .r1840554
576df0 
%patch71 -p1 -b .modmdperms
576df0 
%patch72 -p1 -b .mimemagic
576df0 
%patch73 -p1 -b .ocspwrongctx
576df0 
%patch74 -p1 -b .r1828172+
576df0 
%patch75 -p1 -b .r1870095+
576df0 
%patch76 -p1 -b .proxy-continue
576df0 
%patch77 -p1 -b .balancer-failover
5183f0 
%patch78 -p1 -b .r1881459
5183f0 
%patch79 -p1 -b .r1864000
5183f0 
%patch80 -p1 -b .r1872790
5183f0 
%patch81 -p1 -b .r1879224
5183f0 
%patch82 -p1 -b .r1877397
5183f0 
%patch83 -p1 -b .r1878890
5183f0 
%patch84 -p1 -b .r1878280
5183f0 
%patch85 -p1 -b .htcacheclean-dont-break
5183f0 
%patch86 -p1 -b .r1873907
692b48 
%patch87 -p1 -b .reply-two-tls-rec
692b48 
%patch88 -p1 -b .r1845768+
692b48 
%patch89 -p1 -b .r1862410
692b48 
%patch90 -p1 -b .hcheck-mem-issues
0ac66a 
%patch91 -p1 -b .SNI
576df0
576df0 
%patch200 -p1 -b .r1851471
576df0 
%patch201 -p1 -b .CVE-2019-0211
576df0 
%patch202 -p1 -b .CVE-2019-0215
576df0 
%patch203 -p1 -b .CVE-2019-0217
576df0 
%patch204 -p1 -b .CVE-2019-0220
576df0 
%patch205 -p1 -b .CVE-2019-9511-and-9516-and-9517
576df0 
%patch206 -p1 -b .CVE-2019-10098
576df0 
%patch207 -p1 -b .CVE-2019-10092
576df0 
%patch208 -p1 -b .CVE-2019-10097
576df0 
%patch209 -p1 -b .CVE-2020-1934
5183f0 
%patch210 -p1 -b .CVE-2018-17199
5183f0 
%patch211 -p1 -b .CVE-2020-11984
692b48 
%patch212 -p1 -b .CVE-2021-30641
692b48 
%patch213 -p1 -b .CVE-2021-26690
692b48 
%patch214 -p1 -b .CVE-2021-40438
692b48 
%patch215 -p1 -b .CVE-2021-26691
692b48 
%patch216 -p1 -b .CVE-2020-35452
692b48 
%patch217 -p1 -b .CVE-2021-34798
692b48 
%patch218 -p1 -b .CVE-2021-39275
692b48 
%patch219 -p1 -b .CVE-2021-36160
692b48 
%patch220 -p1 -b .CVE-2021-33193
692b48 
%patch221 -p1 -b .CVE-2021-44790
692b48 
%patch222 -p1 -b .CVE-2021-44224
692b48 
%patch223 -p1 -b .CVE-2022-22720
0ac66a 
%patch224 -p1 -b .CVE-2020-13950
0ac66a 
%patch225 -p1 -b .CVE-2022-22719
0ac66a 
%patch226 -p1 -b .CVE-2022-22721
0ac66a 
%patch227 -p1 -b .CVE-2022-23943
0ac66a 
%patch228 -p1 -b .CVE-2022-28614
0ac66a 
%patch229 -p1 -b .CVE-2022-28615
0ac66a 
%patch230 -p1 -b .CVE-2022-30522
0ac66a 
%patch231 -p1 -b .CVE-2022-30556
0ac66a 
%patch232 -p1 -b .CVE-2022-31813
0ac66a 
%patch233 -p1 -b .CVE-2022-29404
0ac66a 
%patch234 -p1 -b .CVE-2022-26377
576df0
576df0 
# Patch in the vendor string
576df0 
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
576df0 
sed -i 's/@RELEASE@/%{release}/' server/core.c
576df0
576df0 
# Prevent use of setcap in "install-suexec-caps" target.
576df0 
sed -i '/suexec/s,setcap ,echo Skipping setcap for ,' Makefile.in
576df0
576df0 
# Example conf for instances
576df0 
cp $RPM_SOURCE_DIR/instance.conf .
576df0 
sed < $RPM_SOURCE_DIR/httpd.conf >> instance.conf '
576df0 
0,/^ServerRoot/d;
576df0 
/# Supplemental configuration/,$d
576df0 
/^ *CustomLog .logs/s,logs/,logs/${HTTPD_INSTANCE}_,
576df0 
/^ *ErrorLog .logs/s,logs/,logs/${HTTPD_INSTANCE}_,
576df0 
'
576df0 
touch -r $RPM_SOURCE_DIR/instance.conf instance.conf
576df0
576df0 
# Safety check: prevent build if defined MMN does not equal upstream MMN.
576df0 
vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
576df0 
if test "x${vmmn}" != "x%{mmn}"; then
576df0 
   : Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}
576df0 
   : Update the mmn macro and rebuild.
576df0 
   exit 1
576df0 
fi
576df0
692b48 
# A new logo which comes together with a new test page
692b48 
cp %{SOURCE46} ./docs/icons/apache_pb3.png
692b48
576df0 
# Provide default layout
576df0 
cp $RPM_SOURCE_DIR/config.layout .
576df0
576df0 
sed '
576df0 
s,@MPM@,%{mpm},g
576df0 
s,@DOCROOT@,%{docroot},g
576df0 
s,@LOGDIR@,%{_localstatedir}/log/httpd,g
576df0 
' < $RPM_SOURCE_DIR/httpd.conf.xml \
576df0 
    > httpd.conf.xml
576df0
576df0 
xmlto man ./httpd.conf.xml
576df0 
xmlto man $RPM_SOURCE_DIR/htcacheclean.service.xml
576df0 
xmlto man $RPM_SOURCE_DIR/httpd.service.xml
576df0
576df0 
: Building with MMN %{mmn}, MMN-ISA %{mmnisa}
576df0 
: Default MPM is %{mpm}, vendor string is '%{vstring}'
576df0
576df0 
%build
576df0 
# forcibly prevent use of bundled apr, apr-util, pcre
576df0 
rm -rf srclib/{apr,apr-util,pcre}
576df0
576df0 
# regenerate configure scripts
576df0 
autoheader && autoconf || exit 1
576df0
576df0 
# Before configure; fix location of build dir in generated apxs
576df0 
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" \
576df0 
        support/apxs.in
576df0
576df0 
export CFLAGS=$RPM_OPT_FLAGS
576df0 
export LDFLAGS="-Wl,-z,relro,-z,now"
576df0
576df0 
# Hard-code path to links to avoid unnecessary builddep
576df0 
export LYNX_PATH=/usr/bin/links
576df0
576df0 
# Build the daemon
576df0 
./configure \
576df0 
        --prefix=%{_sysconfdir}/httpd \
576df0 
        --exec-prefix=%{_prefix} \
576df0 
        --bindir=%{_bindir} \
576df0 
        --sbindir=%{_sbindir} \
576df0 
        --mandir=%{_mandir} \
576df0 
        --libdir=%{_libdir} \
576df0 
        --sysconfdir=%{_sysconfdir}/httpd/conf \
576df0 
        --includedir=%{_includedir}/httpd \
576df0 
        --libexecdir=%{_libdir}/httpd/modules \
576df0 
        --datadir=%{contentdir} \
576df0 
        --enable-layout=Fedora \
576df0 
        --with-installbuilddir=%{_libdir}/httpd/build \
576df0 
        --enable-mpms-shared=all \
576df0 
        --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
576df0 
        --enable-suexec --with-suexec \
576df0 
        --enable-suexec-capabilities \
576df0 
        --with-suexec-caller=%{suexec_caller} \
576df0 
        --with-suexec-docroot=%{docroot} \
576df0 
        --without-suexec-logfile \
576df0 
        --with-suexec-syslog \
576df0 
        --with-suexec-bin=%{_sbindir}/suexec \
576df0 
        --with-suexec-uidmin=1000 --with-suexec-gidmin=1000 \
576df0 
        --with-brotli \
576df0 
        --enable-pie \
576df0 
        --with-pcre \
576df0 
        --enable-mods-shared=all \
576df0 
        --enable-ssl --with-ssl --disable-distcache \
576df0 
        --enable-proxy --enable-proxy-fdpass \
576df0 
        --enable-cache \
576df0 
        --enable-disk-cache \
576df0 
        --enable-ldap --enable-authnz-ldap \
576df0 
        --enable-cgid --enable-cgi \
576df0 
        --enable-cgid-fdpassing \
576df0 
        --enable-authn-anon --enable-authn-alias \
576df0 
        --disable-imagemap --disable-file-cache \
576df0 
        --disable-http2 \
576df0 
        --disable-md \
576df0 
        $*
576df0 
make %{?_smp_mflags}
576df0
576df0 
%install
576df0 
rm -rf $RPM_BUILD_ROOT
576df0
576df0 
make DESTDIR=$RPM_BUILD_ROOT install
576df0
576df0 
# Install systemd service files
576df0 
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
576df0 
for s in httpd.service htcacheclean.service httpd.socket \
576df0 
         httpd@.service httpd-init.service; do
576df0 
  install -p -m 644 $RPM_SOURCE_DIR/${s} \
576df0 
                    $RPM_BUILD_ROOT%{_unitdir}/${s}
576df0 
done
576df0
576df0 
# install conf file/directory
576df0 
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
576df0 
      $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d
576df0 
install -m 644 $RPM_SOURCE_DIR/README.confd \
576df0 
    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
576df0 
install -m 644 $RPM_SOURCE_DIR/README.confmod \
576df0 
    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/README
576df0 
for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
576df0 
         00-proxy.conf 00-ssl.conf 01-ldap.conf 00-proxyhtml.conf \
576df0 
         01-ldap.conf 00-systemd.conf 01-session.conf 00-optional.conf; do
576df0 
  install -m 644 -p $RPM_SOURCE_DIR/$f \
576df0 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
576df0 
done
576df0
576df0 
sed -i '/^#LoadModule mpm_%{mpm}_module /s/^#//' \
576df0 
     $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/00-mpm.conf
576df0 
touch -r $RPM_SOURCE_DIR/00-mpm.conf \
576df0 
     $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/00-mpm.conf
576df0
576df0 
# install systemd override drop directory
576df0 
# Web application packages can drop snippets into this location if
576df0 
# they need ExecStart[pre|post].
576df0 
mkdir $RPM_BUILD_ROOT%{_unitdir}/httpd.service.d
576df0 
mkdir $RPM_BUILD_ROOT%{_unitdir}/httpd.socket.d
576df0
576df0 
install -m 644 -p $RPM_SOURCE_DIR/10-listen443.conf \
576df0 
      $RPM_BUILD_ROOT%{_unitdir}/httpd.socket.d/10-listen443.conf
576df0
576df0 
for f in welcome.conf ssl.conf manual.conf userdir.conf; do
576df0 
  install -m 644 -p $RPM_SOURCE_DIR/$f \
576df0 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
576df0 
done
576df0
576df0 
# Split-out extra config shipped as default in conf.d:
576df0 
for f in autoindex; do
576df0 
  install -m 644 docs/conf/extra/httpd-${f}.conf \
576df0 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/${f}.conf
576df0 
done
576df0
576df0 
# Extra config trimmed:
576df0 
rm -v docs/conf/extra/httpd-{ssl,userdir}.conf
576df0
576df0 
rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
576df0 
install -m 644 -p $RPM_SOURCE_DIR/httpd.conf \
576df0 
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
576df0
576df0 
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
576df0 
install -m 644 -p $RPM_SOURCE_DIR/htcacheclean.sysconf \
576df0 
   $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/htcacheclean
576df0
576df0 
# tmpfiles.d configuration
576df0 
mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d
576df0 
install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
576df0 
   $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/httpd.conf
576df0
576df0 
# Other directories
576df0 
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav \
576df0 
         $RPM_BUILD_ROOT%{_localstatedir}/lib/httpd \
576df0 
         $RPM_BUILD_ROOT/run/httpd/htcacheclean
576df0
576df0 
# Substitute in defaults which are usually done (badly) by "make install"
576df0 
sed -i \
576df0 
   "s,@@ServerRoot@@/var,%{_localstatedir}/lib/dav,;
576df0 
    s,@@ServerRoot@@/user.passwd,/etc/httpd/conf/user.passwd,;
576df0 
    s,@@ServerRoot@@/docs,%{docroot},;
576df0 
    s,@@ServerRoot@@,%{docroot},;
576df0 
    s,@@Port@@,80,;" \
576df0 
    docs/conf/extra/*.conf
576df0
576df0 
# Create cache directory
576df0 
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd \
576df0 
         $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/proxy \
576df0 
         $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/ssl
576df0
576df0 
# Make the MMN accessible to module packages
576df0 
echo %{mmnisa} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn
576df0 
mkdir -p $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d
576df0 
cat > $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d/macros.httpd <
576df0 
%%_httpd_mmn %{mmnisa}
576df0 
%%_httpd_apxs %%{_bindir}/apxs
576df0 
%%_httpd_modconfdir %%{_sysconfdir}/httpd/conf.modules.d
576df0 
%%_httpd_confdir %%{_sysconfdir}/httpd/conf.d
576df0 
%%_httpd_contentdir %{contentdir}
576df0 
%%_httpd_moddir %%{_libdir}/httpd/modules
576df0 
EOF
576df0
576df0 
# Handle contentdir
576df0 
mkdir $RPM_BUILD_ROOT%{contentdir}/noindex
5183f0 
ln -s ../../testpage/index.html \
5183f0 
      $RPM_BUILD_ROOT%{contentdir}/noindex/index.html
576df0 
rm -rf %{contentdir}/htdocs
576df0
576df0 
# remove manual sources
576df0 
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
576df0 
    -name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
576df0 
    \) -print0 | xargs -0 rm -f
576df0
576df0 
# Strip the manual down just to English and replace the typemaps with flat files:
576df0 
set +x
576df0 
for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
576df0 
   if test -f ${f}.en; then
576df0 
      cp ${f}.en ${f}
576df0 
      rm ${f}.*
576df0 
   fi
576df0 
done
576df0 
set -x
576df0
576df0 
# Clean Document Root
576df0 
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
576df0 
      $RPM_BUILD_ROOT%{docroot}/cgi-bin/*
576df0
576df0 
# Symlink for the powered-by-$DISTRO image:
576df0 
ln -s ../../pixmaps/poweredby.png \
576df0 
        $RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
576df0
576df0 
# symlinks for /etc/httpd
576df0 
rmdir $RPM_BUILD_ROOT/etc/httpd/{state,run}
576df0 
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
576df0 
ln -s ../..%{_localstatedir}/lib/httpd $RPM_BUILD_ROOT/etc/httpd/state
576df0 
ln -s /run/httpd $RPM_BUILD_ROOT/etc/httpd/run
576df0 
ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
576df0
576df0 
# install http-ssl-pass-dialog
576df0 
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}
576df0 
install -m755 $RPM_SOURCE_DIR/httpd-ssl-pass-dialog \
576df0 
        $RPM_BUILD_ROOT%{_libexecdir}/httpd-ssl-pass-dialog
576df0
576df0 
# install http-ssl-gencerts
576df0 
install -m755 $RPM_SOURCE_DIR/httpd-ssl-gencerts \
576df0 
        $RPM_BUILD_ROOT%{_libexecdir}/httpd-ssl-gencerts
576df0
576df0 
# Install action scripts
576df0 
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd
576df0 
for f in graceful configtest; do
576df0 
    install -p -m 755 $RPM_SOURCE_DIR/action-${f}.sh \
576df0 
            $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd/${f}
576df0 
done
576df0
576df0 
# Install logrotate config
576df0 
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
576df0 
install -m 644 -p $RPM_SOURCE_DIR/httpd.logrotate \
576df0 
        $RPM_BUILD_ROOT/etc/logrotate.d/httpd
576df0
576df0 
# Install man pages
576df0 
install -d $RPM_BUILD_ROOT%{_mandir}/man8 $RPM_BUILD_ROOT%{_mandir}/man5
576df0 
install -m 644 -p httpd.service.8 httpd-init.service.8 httpd.socket.8 \
576df0 
        httpd@.service.8  htcacheclean.service.8 \
576df0 
        $RPM_BUILD_ROOT%{_mandir}/man8
576df0 
install -m 644 -p httpd.conf.5 \
576df0 
        $RPM_BUILD_ROOT%{_mandir}/man5
576df0
576df0 
# fix man page paths
576df0 
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
576df0 
    -e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
576df0 
    -e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
576df0 
    -e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
576df0 
    -e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
576df0 
    -e "s|/usr/local/apache2/logs/httpd.pid|/run/httpd/httpd.pid|" \
576df0 
    -e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
576df0 
  > $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
576df0
576df0 
# Make ap_config_layout.h libdir-agnostic
576df0 
sed -i '/.*DEFAULT_..._LIBEXECDIR/d;/DEFAULT_..._INSTALLBUILDDIR/d' \
576df0 
    $RPM_BUILD_ROOT%{_includedir}/httpd/ap_config_layout.h
576df0
576df0 
# Fix path to instdso in special.mk
576df0 
sed -i '/instdso/s,top_srcdir,top_builddir,' \
576df0 
    $RPM_BUILD_ROOT%{_libdir}/httpd/build/special.mk
576df0
576df0 
# Remove unpackaged files
576df0 
rm -vf \
576df0 
      $RPM_BUILD_ROOT%{_libdir}/*.exp \
576df0 
      $RPM_BUILD_ROOT/etc/httpd/conf/mime.types \
576df0 
      $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
576df0 
      $RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
576df0 
      $RPM_BUILD_ROOT%{_bindir}/{ap?-config,dbmmanage} \
576df0 
      $RPM_BUILD_ROOT%{_sbindir}/{checkgid,envvars*} \
576df0 
      $RPM_BUILD_ROOT%{contentdir}/htdocs/* \
576df0 
      $RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
576df0 
      $RPM_BUILD_ROOT%{contentdir}/cgi-bin/*
576df0
576df0 
rm -rf $RPM_BUILD_ROOT/etc/httpd/conf/{original,extra}
576df0
576df0 
%pre filesystem
576df0 
getent group apache >/dev/null || groupadd -g 48 -r apache
576df0 
getent passwd apache >/dev/null || \
576df0 
  useradd -r -u 48 -g apache -s /sbin/nologin \
576df0 
    -d %{contentdir} -c "Apache" apache
576df0 
exit 0
576df0
576df0 
%post
576df0 
%systemd_post httpd.service htcacheclean.service httpd.socket
576df0
576df0 
%preun
576df0 
%systemd_preun httpd.service htcacheclean.service httpd.socket
576df0
576df0 
%postun
576df0 
%systemd_postun httpd.service htcacheclean.service httpd.socket
576df0
576df0 
# Trigger for conversion from SysV, per guidelines at:
576df0 
# https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd
576df0 
%triggerun -- httpd < 2.2.21-5
576df0 
# Save the current service runlevel info
576df0 
# User must manually run systemd-sysv-convert --apply httpd
576df0 
# to migrate them to systemd targets
576df0 
/usr/bin/systemd-sysv-convert --save httpd.service >/dev/null 2>&1 ||:
576df0
576df0 
# Run these because the SysV package being removed won't do them
576df0 
/sbin/chkconfig --del httpd >/dev/null 2>&1 || :
576df0
576df0 
%posttrans
576df0 
test -f /etc/sysconfig/httpd-disable-posttrans || \
576df0 
  /bin/systemctl try-restart --no-block httpd.service htcacheclean.service >/dev/null 2>&1 || :
576df0
576df0 
%check
576df0 
# Check the built modules are all PIC
576df0 
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
576df0 
   : modules contain non-relocatable code
576df0 
   exit 1
576df0 
fi
576df0 
set +x
576df0 
rv=0
576df0 
# Ensure every mod_* that's built is loaded.
576df0 
for f in $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so; do
576df0 
  m=${f##*/}
576df0 
  if ! grep -q $m $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf; then
576df0 
    echo ERROR: Module $m not configured.  Disable it, or load it.
576df0 
    rv=1
576df0 
  fi
576df0 
done
576df0 
# Ensure every loaded mod_* is actually built
576df0 
mods=`grep -h ^LoadModule $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf | sed 's,.*modules/,,'`
576df0 
for m in $mods; do
576df0 
  f=$RPM_BUILD_ROOT%{_libdir}/httpd/modules/${m}
576df0 
  if ! test -x $f; then
576df0 
    echo ERROR: Module $m is configured but not built.
576df0 
    rv=1
576df0 
  fi
576df0 
done
576df0 
set -x
576df0 
exit $rv
576df0
576df0 
%clean
576df0 
rm -rf $RPM_BUILD_ROOT
576df0
576df0 
%files
576df0 
%defattr(-,root,root)
576df0
576df0 
%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING NOTICE
576df0 
%doc docs/conf/extra/*.conf
576df0 
%doc instance.conf
576df0
576df0 
%{_sysconfdir}/httpd/modules
576df0 
%{_sysconfdir}/httpd/logs
576df0 
%{_sysconfdir}/httpd/state
576df0 
%{_sysconfdir}/httpd/run
576df0 
%dir %{_sysconfdir}/httpd/conf
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
576df0
576df0 
%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
576df0
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
576df0 
%exclude %{_sysconfdir}/httpd/conf.d/ssl.conf
576df0 
%exclude %{_sysconfdir}/httpd/conf.d/manual.conf
576df0
576df0 
%dir %{_sysconfdir}/httpd/conf.modules.d
576df0 
%{_sysconfdir}/httpd/conf.modules.d/README
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
576df0 
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
576df0 
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
576df0 
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
576df0 
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
576df0
576df0 
%config(noreplace) %{_sysconfdir}/sysconfig/htcacheclean
576df0 
%{_prefix}/lib/tmpfiles.d/httpd.conf
576df0
576df0 
%dir %{_libexecdir}/initscripts/legacy-actions/httpd
576df0 
%{_libexecdir}/initscripts/legacy-actions/httpd/*
576df0
576df0 
%{_sbindir}/ht*
576df0 
%{_sbindir}/fcgistarter
576df0 
%{_sbindir}/apachectl
576df0 
%{_sbindir}/rotatelogs
576df0 
%caps(cap_setuid,cap_setgid+pe) %attr(510,root,%{suexec_caller}) %{_sbindir}/suexec
576df0
576df0 
%dir %{_libdir}/httpd
576df0 
%dir %{_libdir}/httpd/modules
576df0 
%{_libdir}/httpd/modules/mod*.so
576df0 
%exclude %{_libdir}/httpd/modules/mod_auth_form.so
576df0 
%exclude %{_libdir}/httpd/modules/mod_ssl.so
576df0 
%exclude %{_libdir}/httpd/modules/mod_*ldap.so
576df0 
%exclude %{_libdir}/httpd/modules/mod_proxy_html.so
576df0 
%exclude %{_libdir}/httpd/modules/mod_xml2enc.so
576df0 
%exclude %{_libdir}/httpd/modules/mod_session*.so
576df0
576df0 
%dir %{contentdir}/error
576df0 
%dir %{contentdir}/error/include
576df0 
%dir %{contentdir}/noindex
576df0 
%{contentdir}/icons/*
576df0 
%{contentdir}/error/README
576df0 
%{contentdir}/error/*.var
576df0 
%{contentdir}/error/include/*.html
5183f0 
%{contentdir}/noindex/index.html
576df0
576df0 
%attr(0710,root,apache) %dir /run/httpd
576df0 
%attr(0700,apache,apache) %dir /run/httpd/htcacheclean
576df0 
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
576df0 
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
576df0 
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/httpd
576df0 
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
576df0 
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd/proxy
576df0
576df0 
%{_mandir}/man8/*
576df0 
%{_mandir}/man5/*
576df0 
%exclude %{_mandir}/man8/httpd-init.*
576df0
576df0 
%{_unitdir}/httpd.service
576df0 
%{_unitdir}/httpd@.service
576df0 
%{_unitdir}/htcacheclean.service
576df0 
%{_unitdir}/*.socket
576df0
576df0 
%files filesystem
576df0 
%dir %{_sysconfdir}/httpd
576df0 
%dir %{_sysconfdir}/httpd/conf.d
576df0 
%{_sysconfdir}/httpd/conf.d/README
576df0 
%dir %{docroot}
576df0 
%dir %{docroot}/cgi-bin
576df0 
%dir %{docroot}/html
576df0 
%dir %{contentdir}
576df0 
%dir %{contentdir}/icons
576df0 
%attr(755,root,root) %dir %{_unitdir}/httpd.service.d
576df0 
%attr(755,root,root) %dir %{_unitdir}/httpd.socket.d
576df0
576df0 
%files tools
576df0 
%defattr(-,root,root)
576df0 
%{_bindir}/*
576df0 
%{_mandir}/man1/*
576df0 
%doc LICENSE NOTICE
576df0 
%exclude %{_bindir}/apxs
576df0 
%exclude %{_mandir}/man1/apxs.1*
576df0
576df0 
%files manual
576df0 
%defattr(-,root,root)
576df0 
%{contentdir}/manual
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
576df0
576df0 
%files -n mod_ssl
576df0 
%defattr(-,root,root)
576df0 
%{_libdir}/httpd/modules/mod_ssl.so
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
576df0 
%attr(0700,apache,root) %dir %{_localstatedir}/cache/httpd/ssl
576df0 
%{_unitdir}/httpd-init.service
576df0 
%{_libexecdir}/httpd-ssl-pass-dialog
576df0 
%{_libexecdir}/httpd-ssl-gencerts
576df0 
%{_unitdir}/httpd.socket.d/10-listen443.conf
576df0 
%{_mandir}/man8/httpd-init.*
576df0
576df0 
%files -n mod_proxy_html
576df0 
%defattr(-,root,root)
576df0 
%{_libdir}/httpd/modules/mod_proxy_html.so
576df0 
%{_libdir}/httpd/modules/mod_xml2enc.so
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
576df0
576df0 
%files -n mod_ldap
576df0 
%defattr(-,root,root)
576df0 
%{_libdir}/httpd/modules/mod_*ldap.so
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
576df0
576df0 
%files -n mod_session
576df0 
%defattr(-,root,root)
576df0 
%{_libdir}/httpd/modules/mod_session*.so
576df0 
%{_libdir}/httpd/modules/mod_auth_form.so
576df0 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
576df0
576df0 
%files devel
576df0 
%defattr(-,root,root)
576df0 
%{_includedir}/httpd
576df0 
%{_bindir}/apxs
576df0 
%{_mandir}/man1/apxs.1*
576df0 
%dir %{_libdir}/httpd/build
576df0 
%{_libdir}/httpd/build/*.mk
576df0 
%{_libdir}/httpd/build/*.sh
576df0 
%{_rpmconfigdir}/macros.d/macros.httpd
576df0
576df0 
%changelog
0ac66a 
* Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-54
0ac66a 
- Resolves: #2095650 - Dependency from mod_http2 on httpd broken
0ac66a
0ac66a 
* Wed Nov 09 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-53
0ac66a 
- Resolves: #2050888 - httpd with SSL fails to start unless hostname command
0ac66a 
  was installed
0ac66a
0ac66a 
* Mon Sep 19 2022 Tomas Korbar <tkorbar@redhat.com> - 2.4.37-52
0ac66a 
- Add the SNI support in mod_proxy_wstunnel module for Apache httpd
0ac66a 
- Resolves: rhbz#2017543
0ac66a
0ac66a 
* Mon Jul 25 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-51
0ac66a 
- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via
0ac66a 
  ap_rwrite()
0ac66a 
- Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in
0ac66a 
  ap_strcmp_match()
0ac66a 
- Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS
0ac66a 
  vulnerability
0ac66a 
- Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information
0ac66a 
  disclosure with websockets
0ac66a 
- Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy:
0ac66a 
  X-Forwarded-For dropped by hop-by-hop mechanism
0ac66a 
- Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in
0ac66a 
  r:parsebody
0ac66a 
- Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible
0ac66a 
  request smuggling
0ac66a
0ac66a 
* Tue Jun 21 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-50
0ac66a 
- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of
0ac66a 
  uninitialized value of in r:parsebody
0ac66a 
- Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer
0ac66a 
  overflow with very large or unlimited LimitXMLRequestBody
0ac66a 
- Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write
0ac66a 
  beyond bounds
0ac66a
0ac66a 
* Fri Jun 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-49
0ac66a 
- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer
0ac66a 
  dereference
0ac66a
0ac66a 
* Mon Mar 21 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-48
0ac66a 
- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling
692b48 
  vulnerability in Apache HTTP Server 2.4.52 and earlier
692b48
692b48 
* Thu Jan 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-47
692b48 
- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference
692b48 
  or SSRF in forward proxy configurations
692b48
692b48 
* Mon Jan 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-46
692b48 
- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer
692b48 
  overflow when parsing multipart content
692b48
692b48 
* Thu Jan 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-45
692b48 
- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi:
692b48 
  out-of-bounds read via a crafted request uri-path
692b48 
- Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via
692b48 
  HTTP/2 method injection and mod_proxy
692b48
692b48 
* Mon Nov 29 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-44
692b48 
- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack
692b48 
  overflow in mod_auth_digest
692b48 
- Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8
692b48 
- Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer
692b48 
  dereference via malformed requests
692b48 
- Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high
692b48 
  memory consumption
692b48 
- Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in
692b48 
  ap_escape_quotes() via malicious input
692b48
692b48 
* Tue Oct 26 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-43
692b48 
- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via
692b48 
  a crafted request uri-path
692b48
692b48 
* Thu Sep 30 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-42
692b48 
- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via
692b48 
  a crafted request uri-path
692b48 
- Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in
692b48 
  mod_session
692b48
692b48 
* Fri Jul 09 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-41
692b48 
- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records
692b48 
- Resolves: #1905613 - mod_ssl does not like valid certificate chain
692b48 
- Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for
692b48 
  usertrack
692b48 
- Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression
692b48 
- Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer
692b48 
  dereference in parser
692b48 
- Resolves: #1934741 - Apache trademark update - new logo
692b48
5183f0 
* Fri May 14 2021 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-40
5183f0 
- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML
5183f0 
- Resolves: #1937334 - SSLProtocol with based virtual hosts
5183f0
5183f0 
* Tue Jan 26 2021 Artem Egorenkov <aegorenk@redhat.com> - 2.4.37-39
5183f0 
- prevent htcacheclean from while break when first file processed
5183f0
5183f0 
* Tue Jan 26 2021 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-38
5183f0 
- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache
5183f0
5183f0 
* Wed Dec 09 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-37
5183f0 
- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile
5183f0 
  to be able to handle certs without matching private key
5183f0
5183f0 
* Mon Nov 30 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-36
5183f0 
- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd
5183f0 
  mod_proxy_wstunnel
5183f0 
- Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()
5183f0
5183f0 
* Wed Nov 11 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-35
5183f0 
- Resolves: #1651376 - centralizing default index.html for httpd
5183f0
5183f0 
* Fri Nov 06 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-33
5183f0 
- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool
5183f0 
  concurrency issues
5183f0 
- Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending
5183f0 
  a client cert to backend server
5183f0 
- Resolves: #1680118 - unorderly connection close when client attempts
5183f0 
  renegotiation
5183f0
5183f0 
* Thu Oct 29 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-31
5183f0 
- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does
5183f0 
  not respect expiry time
5183f0 
- Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer
5183f0 
  overflow
5183f0 
- Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package
5183f0 
- Resolves: #1869576 - httpd : mod_proxy should allow to specify
5183f0 
  Proxy-Authorization in ProxyRemote directive
5183f0 
- Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout
5183f0 
- Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in
5183f0 
  a balancer
5183f0
576df0 
* Mon Jun 15 2020 Joe Orton <jorton@redhat.com> - 2.4.37-30
576df0 
- Resolves: #1209162 - support logging to journald from CustomLog
576df0
576df0 
* Mon Jun 08 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-29
576df0 
- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of
576df0 
  uninitialized value
576df0
576df0 
* Fri May 29 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-28
576df0 
- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http
576df0 
  doesn't work
576df0
576df0 
* Tue Apr 14 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-27
576df0 
- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations
576df0 
  vulnerable to open redirect
576df0 
- Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential
576df0 
  open redirect
576df0 
- Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site
576df0 
  scripting in mod_proxy error page
576df0 
- Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference
576df0 
  in mod_remoteip
576df0 
- Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http
576df0 
  doesn't work
576df0 
- Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive
576df0
576df0 
* Mon Dec 02 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-21
576df0 
- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails:
576df0 
  Re-negotiation handshake failed: Client certificate missing
576df0
576df0 
* Sun Dec 01 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-20
576df0 
- Resolves: #1704317 - Add support for SSLKEYLOGFILE
576df0
576df0 
* Thu Nov 28 2019 Joe Orton <jorton@redhat.com> - 2.4.37-19
576df0 
- mod_cgid: enable fd passing (#1633224)
576df0
576df0 
* Mon Nov 18 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-18
576df0 
- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection
576df0 
- Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility
576df0 
- Resolves: #1633224 - mod_cgid logging issues
576df0
576df0 
* Wed Oct 02 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-17
576df0 
- remove bundled mod_md module
576df0 
- Related: #1747898 - add mod_md package
576df0
576df0 
* Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-16
576df0 
- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount
576df0 
  of data request leads to denial of service
576df0 
- Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length
576df0 
  headers leads to denial of service
576df0 
- Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for
576df0 
  large response leads to denial of service
576df0
576df0 
* Tue Jul 16 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-15
576df0 
- Resolves: #1730721 - absolute path used for default state and runtime dir by
576df0 
  default
576df0
576df0 
* Thu Jun 27 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-14
576df0 
- Resolves: #1724549 - httpd response contains garbage in Content-Type header
576df0
576df0 
* Wed Jun 12 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-13
576df0 
- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access
576df0 
  control bypass due to race condition
576df0 
- Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization
576df0 
  inconsistency
576df0 
- Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd
576df0 
  causes systemctl to hang
576df0 
- Resolves: #1673022 - httpd can not be started with mod_md enabled
576df0
576df0 
* Mon Apr 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-11
576df0 
- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation
576df0 
  from modules scripts
576df0 
- Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control
576df0 
  bypass when using per-location client certification authentication
576df0
576df0 
* Wed Feb 06 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-10
576df0 
- Resolves: #1672977 - state-dir corruption on reload
576df0
576df0 
* Tue Feb 05 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-9
576df0 
- Resolves: #1670716 - Coredump when starting in FIPS mode
576df0
576df0 
* Fri Feb  1 2019 Joe Orton <jorton@redhat.com> - 2.4.37-8
576df0 
- add security fix for CVE-2019-0190 (#1671282)
576df0
576df0 
* Tue Dec 11 2018 Joe Orton <jorton@redhat.com> - 2.4.37-7
576df0 
- add DefaultStateDir/ap_state_dir_relative() (#1653009)
576df0 
- mod_dav_fs: use state dir for default DAVLockDB
576df0 
- mod_md: use state dir for default MDStoreDir
576df0
576df0 
* Mon Dec 10 2018 Joe Orton <jorton@redhat.com> - 2.4.37-6
576df0 
- add httpd.conf(5) (#1611361)
576df0
576df0 
* Mon Nov 26 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-5
576df0 
- Resolves: #1652966 - Missing RELEASE in http header
576df0
576df0 
* Fri Nov 23 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-4
576df0 
- Resolves: #1641951 - No Documentation= line in htcacheclean.service files
576df0
576df0 
* Fri Nov 23 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-3
576df0 
- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden
576df0
576df0 
* Thu Nov 22 2018 Joe Orton <jorton@redhat.com> - 2.4.37-2
576df0 
- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)
576df0
576df0 
* Wed Nov 21 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-1
576df0 
- Resolves: #1644625 - httpd rebase to 2.4.37
576df0
576df0 
* Thu Oct 18 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.35-10
576df0 
- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen
576df0
576df0 
* Tue Oct 16 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.35-9
576df0 
- mod_ssl: allow sending multiple CA names which differ only in case
576df0
576df0 
* Tue Oct 16 2018 Joe Orton <jorton@redhat.com> - 2.4.35-7
576df0 
- mod_ssl: drop SSLRandomSeed from default config (#1638730)
576df0 
- mod_ssl: follow OpenSSL protocol defaults if SSLProtocol
576df0 
     is not configured (Rob Crittenden, #1638738)
576df0
576df0 
* Mon Oct 15 2018 Joe Orton <jorton@redhat.com> - 2.4.35-5
576df0 
- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert
576df0
576df0 
* Mon Oct 15 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.35-4
576df0 
- Resolves: #1635681 - sync with Fedora 28/29 httpd
576df0 
- comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default
576df0 
  configuration; now follow OpenSSL system default (#1468322)
576df0 
- dropped NPN support
576df0 
- mod_md: change hard-coded default MdStoreDir to state/md (#1563846)
576df0 
- don't block on service try-restart in posttrans scriptlet
576df0 
- build and load mod_brotli
576df0 
- mod_systemd: show bound ports in status and log to journal
576df0 
  at startup
576df0 
- updated httpd.service.xml man page
576df0 
- tweak wording in privkey passphrase prompt
576df0 
- drop sslmultiproxy patch
576df0 
- apachectl: don't read /etc/sysconfig/httpd
576df0 
- drop irrelevant Obsoletes for devel subpackage
576df0 
- move instantiated httpd@.service to main httpd package
576df0
576df0 
* Mon Oct 15 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.35-3
576df0 
- Resolves: #1602548 - various covscan fixes
576df0
576df0 
* Thu Sep 27 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.35-2
576df0 
- apache httpd can work with TLS 1.3 (#1617997)
576df0 
- drop SSLv3 support patch
576df0
576df0 
* Thu Sep 27 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.35-1
576df0 
- new version 2.4.35 (#1632754)
576df0
576df0 
* Mon Sep 03 2018 Lubos Uhliarik <luhliari@redhat.com> - 2.4.33-4
576df0 
- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All"
576df0 
  configuration (#1622630)
576df0
576df0 
* Thu Jul 26 2018 Joe Orton <jorton@redhat.com> - 2.4.33-3
576df0 
- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)
576df0
576df0 
* Mon Apr 30 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.33-2
576df0 
- new version 2.4.33
576df0 
- add mod_md subpackage; load mod_proxy_uwsgi by default
576df0
576df0 
* Mon Apr 30 2018 Joe Orton <jorton@redhat.com> - 2.4.28-8
576df0 
- remove %%ghosted /etc/sysconfig/httpd (#1572676)
576df0
576df0 
* Wed Mar 07 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.28-2
576df0 
- Resolves: #1512563 - httpd: update welcome page branding
576df0 
- Resolves: #1511123 - RFE: httpd use event MPM by default
576df0 
- Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen
576df0
576df0 
* Fri Oct 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.28-1
576df0 
- new version 2.4.28
576df0
576df0 
* Tue Oct  3 2017 Joe Orton <jorton@redhat.com> - 2.4.27-14
576df0 
- add notes on enabling httpd_graceful_shutdown boolean for prefork
576df0
576df0 
* Fri Sep 22 2017 Joe Orton <jorton@redhat.com> - 2.4.27-13
576df0 
- drop Requires(post) for mod_ssl
576df0
576df0 
* Fri Sep 22 2017 Joe Orton <jorton@redhat.com> - 2.4.27-12
576df0 
- better error handling in httpd-ssl-gencerts (#1494556)
576df0
576df0 
* Thu Sep 21 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.4.27-11
576df0 
- Require sscg 2.2.0 for creating service and CA certificates together
576df0
576df0 
* Thu Sep 21 2017 Jeroen van Meeuwen <kanarip@fedoraproject.org> - 2.4.27-10
576df0 
- Address CVE-2017-9798 by applying patch from upstream (#1490344)
576df0
576df0 
* Thu Sep 21 2017 Joe Orton <jorton@redhat.com> - 2.4.27-9
576df0 
- use sscg defaults; append CA cert to generated cert
576df0 
- document httpd-init.service in httpd-init.service(8)
576df0
576df0 
* Thu Sep 21 2017 Jeroen van Meeuwen <kanarip@fedoraproject.org> - 2.4.27-8
576df0 
- Address CVE-2017-9798 by applying patch from upstream (#1490344)
576df0
576df0 
* Wed Sep 20 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.4.27-8.1
576df0 
- Generate SSL certificates on service start, not %%posttrans
576df0
576df0 
* Tue Sep 19 2017 Joe Orton <jorton@redhat.com> - 2.4.27-8.1
576df0 
- move httpd.service.d, httpd.socket.d dirs to -filesystem
576df0
576df0 
* Wed Sep 13 2017 Joe Orton <jorton@redhat.com> - 2.4.27-7
576df0 
- add new content-length filter (upstream PR 61222)
576df0
576df0 
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.27-6
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
576df0
576df0 
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.27-5
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
576df0
576df0 
* Tue Jul 18 2017 Joe Orton <jorton@redhat.com> - 2.4.27-4
576df0 
- update mod_systemd (r1802251)
576df0
576df0 
* Mon Jul 17 2017 Joe Orton <jorton@redhat.com> - 2.4.27-3
576df0 
- switch to event by default for Fedora 27 and later (#1471708)
576df0
576df0 
* Wed Jul 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-2
576df0 
- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig
576df0
576df0 
* Mon Jul 10 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-1
576df0 
- new version 2.4.27
576df0
576df0 
* Fri Jun 30 2017 Joe Orton <jorton@redhat.com> - 2.4.26-2
576df0 
- mod_proxy_fcgi: fix further regressions (PR 61202)
576df0
576df0 
* Mon Jun 19 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-1
576df0 
- new version 2.4.26
576df0
576df0 
* Mon Jun  5 2017 Joe Orton <jorton@redhat.com> - 2.4.25-10
576df0 
- move unit man pages to section 8, add as Documentation= in units
576df0
576df0 
* Fri May 19 2017 Joe Orton <jorton@redhat.com> - 2.4.25-9
576df0 
- add httpd.service(5) and httpd.socket(5) man pages
576df0
576df0 
* Tue May 16 2017 Joe Orton <jorton@redhat.com> - 2.4.25-8
576df0 
- require mod_http2, now packaged separately
576df0
576df0 
* Wed Mar 29 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-7
576df0 
- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp:
576df0 
  patch to set worker secret passed to tomcat
576df0
576df0 
* Tue Mar 28 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-6
576df0 
- Resolves: #1434916 - httpd.service: Failed with result timeout
576df0
576df0 
* Fri Mar 24 2017 Joe Orton <jorton@redhat.com> - 2.4.25-5
576df0 
- link only httpd, not support/* against -lselinux -lsystemd
576df0
576df0 
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.25-4
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
576df0
576df0 
* Thu Jan 12 2017 Joe Orton <jorton@redhat.com> - 2.4.25-3
576df0 
- mod_watchdog: restrict thread lifetime (#1410883)
576df0
576df0 
* Thu Dec 22 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-2
576df0 
- Resolves: #1358875 - require nghttp2 >= 1.5.0
576df0
576df0 
* Thu Dec 22 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-1
576df0 
- new version 2.4.25
576df0
576df0 
* Mon Dec 05 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.4.23-7
576df0 
- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of
576df0 
  LimitRequestFields directive in mod_http2
576df0
576df0 
* Mon Nov 14 2016 Joe Orton <jorton@redhat.com> - 2.4.23-6
576df0 
- fix build with OpenSSL 1.1 (#1392900)
576df0 
- fix typos in ssl.conf (josef randinger, #1379407)
576df0
576df0 
* Wed Nov  2 2016 Joe Orton <jorton@redhat.com> - 2.4.23-5
576df0 
- no longer package /etc/sysconfig/httpd
576df0 
- synch ssl.conf with upstream
576df0
576df0 
* Mon Jul 18 2016 Joe Orton <jorton@redhat.com> - 2.4.23-4
576df0 
- add security fix for CVE-2016-5387
576df0
576df0 
* Thu Jul  7 2016 Joe Orton <jorton@redhat.com> - 2.4.23-3
576df0 
- load mod_watchdog by default (#1353582)
576df0
576df0 
* Thu Jul  7 2016 Joe Orton <jorton@redhat.com> - 2.4.23-2
576df0 
- restore build of mod_proxy_fdpass (#1325883)
576df0 
- improve check tests to catch configured-but-not-built modules
576df0
576df0 
* Thu Jul  7 2016 Joe Orton <jorton@redhat.com> - 2.4.23-1
576df0 
- update to 2.4.23 (#1325883, #1353203)
576df0 
- load mod_proxy_hcheck
576df0 
- recommend use of "systemctl edit" in httpd.service
576df0
576df0 
* Thu Apr  7 2016 Joe Orton <jorton@redhat.com> - 2.4.18-6
576df0 
- have "apachectl graceful" start httpd if not running, per man page
576df0
576df0 
* Wed Apr  6 2016 Joe Orton <jorton@redhat.com> - 2.4.18-5
576df0 
- use redirects for lang-specific /manual/ URLs
576df0
576df0 
* Fri Mar 18 2016 Joe Orton <jorton@redhat.com> - 2.4.18-4
576df0 
- fix welcome page HTML validity (Ville Skyttä)
576df0
576df0 
* Fri Mar 18 2016 Joe Orton <jorton@redhat.com> - 2.4.18-3
576df0 
- remove httpd pre script (duplicate of httpd-filesystem's)
576df0 
- in httpd-filesystem pre script, create group/user iff non-existent
576df0
576df0 
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.18-2
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
576df0
576df0 
* Mon Dec 14 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-1
576df0 
- update to new version 2.4.18
576df0
576df0 
* Wed Dec  9 2015 Joe Orton <jorton@redhat.com> - 2.4.17-4
576df0 
- re-enable mod_asis due to popular demand (#1284315)
576df0
576df0 
* Mon Oct 26 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.17-3
576df0 
- fix crash when using -X argument (#1272234)
576df0
576df0 
* Wed Oct 14 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.17-2
576df0 
- rebase socket activation patch to 2.4.17
576df0
576df0 
* Tue Oct 13 2015 Joe Orton <jorton@redhat.com> - 2.4.17-1
576df0 
- update to 2.4.17 (#1271224)
576df0 
- build, load mod_http2
576df0 
- don't build mod_asis, mod_file_cache
576df0 
- load mod_cache_socache, mod_proxy_wstunnel by default
576df0 
- check every built mod_* is configured
576df0 
- synch ssl.conf with upstream; disable SSLv3 by default
576df0
576df0 
* Wed Jul 15 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-4
576df0 
- update to 2.4.16
576df0
576df0 
* Tue Jul  7 2015 Joe Orton <jorton@redhat.com> - 2.4.12-3
576df0 
- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars
576df0
576df0 
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.12-2
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
576df0
576df0 
* Fri Mar 27 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-1
576df0 
- update to 2.4.12
576df0
576df0 
* Tue Mar 24 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-17
576df0 
- fix compilation with lua-5.3
576df0
576df0 
* Tue Mar 24 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-16
576df0 
- remove filter for auto-provides of httpd modules, it is not needed since F20
576df0
576df0 
* Wed Dec 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-15
576df0 
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
576df0 
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
576df0 
- mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583)
576df0 
- mod_lua: fix handling of the Require line when a LuaAuthzProvider is used
576df0 
  in multiple Require directives with different arguments (CVE-2014-8109)
576df0
576df0 
* Tue Oct 14 2014 Joe Orton <jorton@redhat.com> - 2.4.10-14
576df0 
- require apr-util 1.5.x
576df0
576df0 
* Thu Sep 18 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-13
576df0 
- use NoDelay and DeferAcceptSec in httpd.socket
576df0
576df0 
* Mon Sep 08 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-12
576df0 
- increase suexec minimum acceptable uid/gid to 1000 (#1136391)
576df0
576df0 
* Wed Sep 03 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-11
576df0 
- fix hostname requirement and conflict with openssl-libs
576df0
576df0 
* Mon Sep 01 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-10
576df0 
- use KillMode=mixed in httpd.service (#1135122)
576df0
576df0 
* Fri Aug 29 2014 Joe Orton <jorton@redhat.com> - 2.4.10-9
576df0 
- set vstring based on /etc/os-release (Pat Riehecky, #1114539)
576df0
576df0 
* Fri Aug 29 2014 Joe Orton <jorton@redhat.com> - 2.4.10-8
576df0 
- pull in httpd-filesystem as Requires(pre) (#1128328)
576df0 
- fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348)
576df0 
- require hostname for mod_ssl post script (#1135118)
576df0
576df0 
* Fri Aug 22 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-7
576df0 
- mod_systemd: updated to the latest version
576df0 
- use -lsystemd instead of -lsystemd-daemon (#1125084)
576df0 
- fix possible crash in SIGINT handling (#958934)
576df0
576df0 
* Thu Aug 21 2014 Joe Orton <jorton@redhat.com> - 2.4.10-6
576df0 
- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119)
576df0 
- switch default ssl.conf to use PROFILE=SYSTEM (#1109119)
576df0
576df0 
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.10-5
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
576df0
576df0 
* Fri Aug 15 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-4
576df0 
- add /usr/bin/useradd dependency to -filesystem requires
576df0
576df0 
* Thu Aug 14 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-3
576df0 
- fix creating apache user in pre script (#1128328)
576df0
576df0 
* Thu Jul 31 2014 Joe Orton <jorton@redhat.com> - 2.4.10-2
576df0 
- enable mod_request by default for mod_auth_form
576df0 
- move disabled-by-default modules from 00-base.conf to 00-optional.conf
576df0
576df0 
* Mon Jul 21 2014 Joe Orton <jorton@redhat.com> - 2.4.10-1
576df0 
- update to 2.4.10
576df0 
- expand variables in docdir example configs
576df0
576df0 
* Tue Jul 08 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.9-8
576df0 
- add support for systemd socket activation (#1111648)
576df0
576df0 
* Mon Jul 07 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.9-7
576df0 
- remove conf.modules.d from httpd-filesystem subpackage (#1081453)
576df0
576df0 
* Mon Jul 07 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.9-6
576df0 
- add httpd-filesystem subpackage (#1081453)
576df0
576df0 
* Fri Jun 20 2014 Joe Orton <jorton@redhat.com> - 2.4.9-5
576df0 
- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)
576df0
576df0 
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.9-4
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
576df0
576df0 
* Fri Mar 28 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.9-3
576df0 
- add support for SetHandler + proxy (#1078970)
576df0
576df0 
* Thu Mar 27 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.9-2
576df0 
- move macros from /etc/rpm to macros.d (#1074277)
576df0 
- remove unused patches
576df0
576df0 
* Mon Mar 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.9-1
576df0 
- update to 2.4.9
576df0
576df0 
* Fri Feb 28 2014 Joe Orton <jorton@redhat.com> - 2.4.7-6
576df0 
- use 2048-bit RSA key with SHA-256 signature in dummy certificate
576df0
576df0 
* Fri Feb 28 2014 Stephen Gallagher <sgallagh@redhat.com> 2.4.7-5
576df0 
- Create drop directory for systemd snippets
576df0
576df0 
* Thu Feb 27 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.7-4
576df0 
- remove provides of old MMN, because it contained double-dash (#1068851)
576df0
576df0 
* Thu Feb 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.7-3
576df0 
- fix graceful restart using legacy actions
576df0
576df0 
* Thu Dec 12 2013 Joe Orton <jorton@redhat.com> - 2.4.7-2
576df0 
- conflict with pre-1.5.0 APR
576df0 
- fix sslsninotreq patch
576df0
576df0 
* Wed Nov 27 2013 Joe Orton <jorton@redhat.com> - 2.4.7-1
576df0 
- update to 2.4.7 (#1034071)
576df0
576df0 
* Fri Nov 22 2013 Joe Orton <jorton@redhat.com> - 2.4.6-10
576df0 
- switch to requiring system-logos-httpd (#1031288)
576df0
576df0 
* Tue Nov 12 2013 Joe Orton <jorton@redhat.com> - 2.4.6-9
576df0 
- change mmnisa to drop "-" altogether
576df0
576df0 
* Tue Nov 12 2013 Joe Orton <jorton@redhat.com> - 2.4.6-8
576df0 
- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide
576df0 
  for transition
576df0
576df0 
* Fri Nov  1 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-7
576df0 
- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg
576df0
576df0 
* Thu Oct 31 2013 Joe Orton <jorton@redhat.com> - 2.4.6-6
576df0 
- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)
576df0
576df0 
* Thu Oct 24 2013 Jan kaluza <jkaluza@redhat.com> - 2.4.6-5
576df0 
- systemd: send SIGWINCH signal without httpd -k in ExecStop
576df0
576df0 
* Mon Oct 21 2013 Joe Orton <jorton@redhat.com> - 2.4.6-4
576df0 
- load mod_macro by default (#998452)
576df0 
- add README to conf.modules.d
576df0 
- mod_proxy_http: add possible fix for threading issues (r1534321)
576df0 
- core: add fix for truncated output with CGI scripts (r1530793)
576df0
576df0 
* Thu Oct 10 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-3
576df0 
- require fedora-logos-httpd (#1009162)
576df0
576df0 
* Wed Jul 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-2
576df0 
- revert fix for dumping vhosts twice
576df0
576df0 
* Mon Jul 22 2013 Joe Orton <jorton@redhat.com> - 2.4.6-1
576df0 
- update to 2.4.6
576df0 
- mod_ssl: use revised NPN API (r1487772)
576df0
576df0 
* Thu Jul 11 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-12
576df0 
- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)
576df0 
- apxs: mention -p option in manpage
576df0
576df0 
* Tue Jul  2 2013 Joe Orton <jorton@redhat.com> - 2.4.4-11
576df0 
- add patch for aarch64 (Dennis Gilmore, #925558)
576df0
576df0 
* Mon Jul  1 2013 Joe Orton <jorton@redhat.com> - 2.4.4-10
576df0 
- remove duplicate apxs man page from httpd-tools
576df0
576df0 
* Mon Jun 17 2013 Joe Orton <jorton@redhat.com> - 2.4.4-9
576df0 
- remove zombie dbmmanage script
576df0
576df0 
* Fri May 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-8
576df0 
- return 400 Bad Request on malformed Host header
576df0
576df0 
* Fri May 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-7
576df0 
- ignore /etc/sysconfig/httpd and document systemd way of setting env variables
576df0 
  in this file
576df0
576df0 
* Mon May 20 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6
576df0 
- htpasswd/htdbm: fix hash generation bug (#956344)
576df0 
- do not dump vhosts twice in httpd -S output (#928761)
576df0 
- mod_cache: fix potential crash caused by uninitialized variable (#954109)
576df0
576df0 
* Thu Apr 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-5
576df0 
- execute systemctl reload as result of apachectl graceful
576df0 
- mod_ssl: ignore SNI hints unless required by config
576df0 
- mod_cache: forward-port CacheMaxExpire "hard" option
576df0 
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
576df0 
  is not configured.
576df0
576df0 
* Tue Apr 16 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-4
576df0 
- fix service file to not send SIGTERM after ExecStop (#906321, #912288)
576df0
576df0 
* Tue Mar 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-3
576df0 
- protect MIMEMagicFile with IfModule (#893949)
576df0
576df0 
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-2
576df0 
- really package mod_auth_form in mod_session (#915438)
576df0
576df0 
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-1
576df0 
- update to 2.4.4
576df0 
- fix duplicate ownership of mod_session config (#914901)
576df0
576df0 
* Fri Feb 22 2013 Joe Orton <jorton@redhat.com> - 2.4.3-17
576df0 
- add mod_session subpackage, move mod_auth_form there (#894500)
576df0
576df0 
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.3-16
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
576df0
576df0 
* Tue Jan  8 2013 Joe Orton <jorton@redhat.com> - 2.4.3-15
576df0 
- add systemd service for htcacheclean
576df0
576df0 
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-14
576df0 
- drop patch for r1344712
576df0
576df0 
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-13
576df0 
- filter mod_*.so auto-provides (thanks to rcollet)
576df0 
- pull in syslog logging fix from upstream (r1344712)
576df0
576df0 
* Fri Oct 26 2012 Joe Orton <jorton@redhat.com> - 2.4.3-12
576df0 
- rebuild to pick up new apr-util-ldap
576df0
576df0 
* Tue Oct 23 2012 Joe Orton <jorton@redhat.com> - 2.4.3-11
576df0 
- rebuild
576df0
576df0 
* Wed Oct  3 2012 Joe Orton <jorton@redhat.com> - 2.4.3-10
576df0 
- pull upstream patch r1392850 in addition to r1387633
576df0
576df0 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9
576df0 
- define PLATFORM in os.h using vendor string
576df0
576df0 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-8
576df0 
- use systemd script unconditionally (#850149)
576df0
576df0 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-7
576df0 
- use systemd scriptlets if available (#850149)
576df0 
- don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists
576df0
576df0 
* Mon Oct 01 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-6
576df0 
- use systemctl from apachectl (#842736)
576df0
576df0 
* Wed Sep 19 2012 Joe Orton <jorton@redhat.com> - 2.4.3-5
576df0 
- fix some error log spam with graceful-stop (r1387633)
576df0 
- minor mod_systemd tweaks
576df0
576df0 
* Thu Sep 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-4
576df0 
- use IncludeOptional for conf.d/*.conf inclusion
576df0
576df0 
* Fri Sep 07 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-3
576df0 
- adding mod_systemd to integrate with systemd better
576df0
576df0 
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-2
576df0 
- mod_ssl: add check for proxy keypair match (upstream r1374214)
576df0
576df0 
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-1
576df0 
- update to 2.4.3 (#849883)
576df0 
- own the docroot (#848121)
576df0
576df0 
* Mon Aug  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-23
576df0 
- add mod_proxy fixes from upstream (r1366693, r1365604)
576df0
576df0 
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-22
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
576df0
576df0 
* Fri Jul  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-21
576df0 
- drop explicit version requirement on initscripts
576df0
576df0 
* Thu Jul  5 2012 Joe Orton <jorton@redhat.com> - 2.4.2-20
576df0 
- mod_ext_filter: fix error_log warnings
576df0
576df0 
* Mon Jul  2 2012 Joe Orton <jorton@redhat.com> - 2.4.2-19
576df0 
- support "configtest" and "graceful" as initscripts "legacy actions"
576df0
576df0 
* Fri Jun  8 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18
576df0 
- avoid use of "core" GIF for a "core" directory (#168776)
576df0 
- drop use of "syslog.target" in systemd unit file
576df0
576df0 
* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17
576df0 
- use _unitdir for systemd unit file
576df0 
- use /run in unit file, ssl.conf
576df0
576df0 
* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
576df0 
- mod_ssl: fix NPN patch merge
576df0
576df0 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15
576df0 
- move tmpfiles.d fragment into /usr/lib per new guidelines
576df0 
- package /run/httpd not /var/run/httpd
576df0 
- set runtimedir to /run/httpd likewise
576df0
576df0 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
576df0 
- fix htdbm/htpasswd crash on crypt() failure (#818684)
576df0
576df0 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
576df0 
- pull fix for NPN patch from upstream (r1345599)
576df0
576df0 
* Thu May 31 2012 Joe Orton <jorton@redhat.com> - 2.4.2-12
576df0 
- update suexec patch to use LOG_AUTHPRIV facility
576df0
576df0 
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-11
576df0 
- really fix autoindex.conf (thanks to remi@)
576df0
576df0 
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-10
576df0 
- fix autoindex.conf to allow symlink to poweredby.png
576df0
576df0 
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-9
576df0 
- suexec: use upstream version of patch for capability bit support
576df0
576df0 
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-8
576df0 
- suexec: use syslog rather than suexec.log, drop dac_override capability
576df0
576df0 
* Tue May  1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-7
576df0 
- mod_ssl: add TLS NPN support (r1332643, #809599)
576df0
576df0 
* Tue May  1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-6
576df0 
- add BR on APR >= 1.4.0
576df0
576df0 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-5
576df0 
- use systemctl from logrotate (#221073)
576df0
576df0 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-4
576df0 
- pull from upstream:
576df0 
  * use TLS close_notify alert for dummy_connection (r1326980+)
576df0 
  * cleanup symbol exports (r1327036+)
576df0
576df0 
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3
576df0 
- really fix restart
576df0
576df0 
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-2
576df0 
- tweak default ssl.conf
576df0 
- fix restart handling (#814645)
576df0 
- use graceful restart by default
576df0
576df0 
* Wed Apr 18 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.2-1
576df0 
- update to 2.4.2
576df0
576df0 
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-6
576df0 
- fix macros
576df0
576df0 
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-5
576df0 
- add _httpd_moddir to macros
576df0
576df0 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-4
576df0 
- fix symlink for poweredby.png
576df0 
- fix manual.conf
576df0
576df0 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-3
576df0 
- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)
576df0 
- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage
576df0
576df0 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-2
576df0 
- clean docroot better
576df0 
- ship proxy, ssl directories within /var/cache/httpd
576df0 
- default config:
576df0 
 * unrestricted access to (only) /var/www
576df0 
 * remove (commented) Mutex, MaxRanges, ScriptSock
576df0 
 * split autoindex config to conf.d/autoindex.conf
576df0 
- ship additional example configs in docdir
576df0
576df0 
* Tue Mar  6 2012 Joe Orton <jorton@redhat.com> - 2.4.1-1
576df0 
- update to 2.4.1
576df0 
- adopt upstream default httpd.conf (almost verbatim)
576df0 
- split all LoadModules to conf.modules.d/*.conf
576df0 
- include conf.d/*.conf at end of httpd.conf
576df0 
- trim %%changelog
576df0
576df0 
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-2
576df0 
- fix build against PCRE 8.30
576df0
576df0 
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-1
576df0 
- update to 2.2.22
576df0
576df0 
* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 2.2.21-8
576df0 
- Rebuild against PCRE 8.30
576df0
576df0 
* Mon Jan 23 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-7
576df0 
- fix #783629 - start httpd after named
576df0
576df0 
* Mon Jan 16 2012 Joe Orton <jorton@redhat.com> - 2.2.21-6
576df0 
- complete conversion to systemd, drop init script (#770311)
576df0 
- fix comments in /etc/sysconfig/httpd (#771024)
576df0 
- enable PrivateTmp in service file (#781440)
576df0 
- set LANG=C in /etc/sysconfig/httpd
576df0
576df0 
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.21-5
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
576df0
576df0 
* Tue Dec 06 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-4
576df0 
- fix #751591 - start httpd after remote-fs
576df0
576df0 
* Mon Oct 24 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-3
576df0 
- allow change state of BalancerMember in mod_proxy_balancer web interface
576df0
576df0 
* Thu Sep 22 2011 Ville Skyttä <ville.skytta@iki.fi> - 2.2.21-2
576df0 
- Make mmn available as %%{_httpd_mmn}.
576df0 
- Add .svgz to AddEncoding x-gzip example in httpd.conf.
576df0
576df0 
* Tue Sep 13 2011 Joe Orton <jorton@redhat.com> - 2.2.21-1
576df0 
- update to 2.2.21
576df0
576df0 
* Mon Sep  5 2011 Joe Orton <jorton@redhat.com> - 2.2.20-1
576df0 
- update to 2.2.20
576df0 
- fix MPM stub man page generation
576df0
576df0 
* Wed Aug 10 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-5
576df0 
- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd
576df0
576df0 
* Fri Jul 22 2011 Iain Arnell <iarnell@gmail.com> 1:2.2.19-4
576df0 
- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided
576df0 
  directory names
576df0
576df0 
* Wed Jul 20 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-3
576df0 
- fix #716621 - suexec now works without setuid bit
576df0
576df0 
* Thu Jul 14 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-2
576df0 
- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve
576df0
576df0 
* Fri Jul  1 2011 Joe Orton <jorton@redhat.com> - 2.2.19-1
576df0 
- update to 2.2.19
576df0 
- enable dbd, authn_dbd in default config
576df0
576df0 
* Thu Apr 14 2011 Joe Orton <jorton@redhat.com> - 2.2.17-13
576df0 
- fix path expansion in service files
576df0
576df0 
* Tue Apr 12 2011 Joe Orton <jorton@redhat.com> - 2.2.17-12
576df0 
- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)
576df0
576df0 
* Wed Mar 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-11
576df0 
- minor updates to httpd.conf
576df0 
- drop old patches
576df0
576df0 
* Wed Mar  2 2011 Joe Orton <jorton@redhat.com> - 2.2.17-10
576df0 
- rebuild
576df0
576df0 
* Wed Feb 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-9
576df0 
- use arch-specific mmn
576df0
576df0 
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.17-8
576df0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
576df0
576df0 
* Mon Jan 31 2011 Joe Orton <jorton@redhat.com> - 2.2.17-7
576df0 
- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)
576df0 
- add man page stubs for httpd.event, httpd.worker
576df0 
- drop distcache support
576df0 
- add STOP_TIMEOUT support to init script
576df0
576df0 
* Sat Jan  8 2011 Joe Orton <jorton@redhat.com> - 2.2.17-6
576df0 
- update default SSLCipherSuite per upstream trunk
576df0
576df0 
* Wed Jan  5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-5
576df0 
- fix requires (#667397)
576df0
576df0 
* Wed Jan  5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-4
576df0 
- de-ghost /var/run/httpd
576df0
576df0 
* Tue Jan  4 2011 Joe Orton <jorton@redhat.com> - 2.2.17-3
576df0 
- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)
576df0
576df0 
* Sat Nov 20 2010 Joe Orton <jorton@redhat.com> - 2.2.17-2
576df0 
- drop setuid bit, use capabilities for suexec binary
576df0
576df0 
* Wed Oct 27 2010 Joe Orton <jorton@redhat.com> - 2.2.17-1
576df0 
- update to 2.2.17
576df0
576df0 
* Fri Sep 10 2010 Joe Orton <jorton@redhat.com> - 2.2.16-2
576df0 
- link everything using -z relro and -z now
576df0
576df0 
* Mon Jul 26 2010 Joe Orton <jorton@redhat.com> - 2.2.16-1
576df0 
- update to 2.2.16
576df0
576df0 
* Fri Jul  9 2010 Joe Orton <jorton@redhat.com> - 2.2.15-3
576df0 
- default config tweaks:
576df0 
 * harden httpd.conf w.r.t. .htaccess restriction (#591293)
576df0 
 * load mod_substitute, mod_version by default
576df0 
 * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
576df0 
 * add commented list of shipped-but-unloaded modules
576df0 
 * bump up worker defaults a little
576df0 
 * drop KeepAliveTimeout to 5 secs per upstream
576df0 
- fix LSB compliance in init script (#522074)
576df0 
- bundle NOTICE in -tools
576df0 
- use init script in logrotate postrotate to pick up PIDFILE
576df0 
- drop some old Obsoletes/Conflicts
576df0
576df0 
* Sun Apr 04 2010 Robert Scheck <robert@fedoraproject.org> - 2.2.15-1
576df0 
- update to 2.2.15 (#572404, #579311)
576df0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation