rpms / httpd

Clone
Source Code
GIT

Blame SPECS/httpd.spec

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-2.4 c8-sig-artwork c8-stream-2.4 c8s-stream-2.4 c9 c9-beta
  1.   890d24e0f9cbdc9609e3fe72f32bc0fd5be04ee7
  2.   SPECS
  3.   httpd.spec
Blob History Raw
41a6c3 
%define contentdir %{_datadir}/httpd
41a6c3 
%define docroot /var/www
41a6c3 
%define suexec_caller apache
41a6c3 
%define mmn 20120211
41a6c3 
%define oldmmnisa %{mmn}-%{__isa_name}-%{__isa_bits}
41a6c3 
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
890d24 
%define vstring CentOS
41a6c3
41a6c3 
# Drop automatic provides for module DSOs
41a6c3 
%{?filter_setup:
41a6c3 
%filter_provides_in %{_libdir}/httpd/modules/.*\.so$
41a6c3 
%filter_setup
41a6c3 
}
41a6c3
41a6c3 
Summary: Apache HTTP Server
41a6c3 
Name: httpd
41a6c3 
Version: 2.4.6
7f6d46 
Release: 94%{?dist}
41a6c3 
URL: http://httpd.apache.org/
41a6c3 
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
890d24 
Source1: centos-noindex.tar.gz
41a6c3 
Source2: httpd.logrotate
41a6c3 
Source3: httpd.sysconf
41a6c3 
Source4: httpd-ssl-pass-dialog
41a6c3 
Source5: httpd.tmpfiles
41a6c3 
Source6: httpd.service
41a6c3 
Source7: action-graceful.sh
41a6c3 
Source8: action-configtest.sh
41a6c3 
Source10: httpd.conf
41a6c3 
Source11: 00-base.conf
41a6c3 
Source12: 00-mpm.conf
41a6c3 
Source13: 00-lua.conf
41a6c3 
Source14: 01-cgi.conf
41a6c3 
Source15: 00-dav.conf
41a6c3 
Source16: 00-proxy.conf
41a6c3 
Source17: 00-ssl.conf
41a6c3 
Source18: 01-ldap.conf
41a6c3 
Source19: 00-proxyhtml.conf
41a6c3 
Source20: userdir.conf
41a6c3 
Source21: ssl.conf
41a6c3 
Source22: welcome.conf
41a6c3 
Source23: manual.conf
41a6c3 
Source24: 00-systemd.conf
41a6c3 
Source25: 01-session.conf
41a6c3 
# Documentation
41a6c3 
Source30: README.confd
41a6c3 
Source40: htcacheclean.service
41a6c3 
Source41: htcacheclean.sysconf
41a6c3 
# build/scripts patches
41a6c3 
Patch1: httpd-2.4.1-apctl.patch
41a6c3 
Patch2: httpd-2.4.3-apxs.patch
41a6c3 
Patch3: httpd-2.4.1-deplibs.patch
41a6c3 
Patch5: httpd-2.4.3-layout.patch
41a6c3 
Patch6: httpd-2.4.3-apctl-systemd.patch
41a6c3 
# Features/functional changes
41a6c3 
Patch21: httpd-2.4.6-full-release.patch
41a6c3 
Patch23: httpd-2.4.4-export.patch
41a6c3 
Patch24: httpd-2.4.1-corelimit.patch
41a6c3 
Patch25: httpd-2.4.1-selinux.patch
41a6c3 
Patch26: httpd-2.4.4-r1337344+.patch
41a6c3 
Patch27: httpd-2.4.2-icons.patch
41a6c3 
Patch28: httpd-2.4.6-r1332643+.patch
41a6c3 
Patch29: httpd-2.4.3-mod_systemd.patch
41a6c3 
Patch30: httpd-2.4.4-cachehardmax.patch
41a6c3 
Patch31: httpd-2.4.6-sslmultiproxy.patch
41a6c3 
Patch32: httpd-2.4.6-r1537535.patch
41a6c3 
Patch33: httpd-2.4.6-r1542327.patch
41a6c3 
Patch34: httpd-2.4.6-ssl-large-keys.patch
41a6c3 
Patch35: httpd-2.4.6-pre_htaccess.patch
41a6c3 
Patch36: httpd-2.4.6-r1573626.patch
41a6c3 
Patch37: httpd-2.4.6-uds.patch
41a6c3 
Patch38: httpd-2.4.6-upn.patch
41a6c3 
Patch39: httpd-2.4.6-r1664565.patch
41a6c3 
Patch40: httpd-2.4.6-r1861793+.patch
7f6d46 
# https://bugzilla.redhat.com/show_bug.cgi?id=1715981
7f6d46 
Patch41: httpd-2.4.6-session-expiry-updt-int.patch
7f6d46
41a6c3 
# Bug fixes
41a6c3 
Patch51: httpd-2.4.3-sslsninotreq.patch
41a6c3 
Patch55: httpd-2.4.4-malformed-host.patch
41a6c3 
Patch56: httpd-2.4.4-mod_unique_id.patch
41a6c3 
Patch57: httpd-2.4.6-ldaprefer.patch
41a6c3 
Patch58: httpd-2.4.6-r1507681+.patch
41a6c3 
Patch59: httpd-2.4.6-r1556473.patch
41a6c3 
Patch60: httpd-2.4.6-r1553540.patch
41a6c3 
Patch61: httpd-2.4.6-rewrite-clientaddr.patch
41a6c3 
Patch62: httpd-2.4.6-ab-overflow.patch
41a6c3 
Patch63: httpd-2.4.6-sigint.patch
41a6c3 
Patch64: httpd-2.4.6-ssl-ecdh-auto.patch
41a6c3 
Patch65: httpd-2.4.6-r1556818.patch
41a6c3 
Patch66: httpd-2.4.6-r1618851.patch
41a6c3 
Patch67: httpd-2.4.6-r1526189.patch
41a6c3 
Patch68: httpd-2.4.6-r1663647.patch
41a6c3 
Patch69: httpd-2.4.6-r1569006.patch
41a6c3 
Patch70: httpd-2.4.6-r1506474.patch
41a6c3 
Patch71: httpd-2.4.6-bomb.patch
41a6c3 
Patch72: httpd-2.4.6-r1604460.patch
41a6c3 
Patch73: httpd-2.4.6-r1624349.patch
41a6c3 
Patch74: httpd-2.4.6-ap-ipv6.patch
41a6c3 
Patch75: httpd-2.4.6-r1530280.patch
41a6c3 
Patch76: httpd-2.4.6-r1633085.patch
41a6c3 
Patch78: httpd-2.4.6-ssl-error-free.patch
41a6c3 
Patch79: httpd-2.4.6-r1528556.patch
41a6c3 
Patch80: httpd-2.4.6-r1594625.patch
41a6c3 
Patch81: httpd-2.4.6-r1674222.patch
41a6c3 
Patch82: httpd-2.4.6-apachectl-httpd-env.patch
41a6c3 
Patch83: httpd-2.4.6-rewrite-dir.patch
41a6c3 
Patch84: httpd-2.4.6-r1420184.patch
41a6c3 
Patch85: httpd-2.4.6-r1524368.patch
41a6c3 
Patch86: httpd-2.4.6-r1528958.patch
41a6c3 
Patch87: httpd-2.4.6-r1651083.patch
41a6c3 
Patch88: httpd-2.4.6-r1688399.patch
41a6c3 
Patch89: httpd-2.4.6-r1527509.patch
41a6c3 
Patch90: httpd-2.4.6-apachectl-status.patch
41a6c3 
Patch91: httpd-2.4.6-r1650655.patch
41a6c3 
Patch92: httpd-2.4.6-r1533448.patch
41a6c3 
Patch93: httpd-2.4.6-r1610013.patch
41a6c3 
Patch94: httpd-2.4.6-r1705528.patch
41a6c3 
Patch95: httpd-2.4.6-r1684462.patch
41a6c3 
Patch96: httpd-2.4.6-r1650677.patch
41a6c3 
Patch97: httpd-2.4.6-r1621601.patch
41a6c3 
Patch98: httpd-2.4.6-r1610396.patch
41a6c3 
Patch99: httpd-2.4.6-rotatelog-timezone.patch
41a6c3 
Patch100: httpd-2.4.6-ab-ssl-error.patch
41a6c3 
Patch101: httpd-2.4.6-r1723522.patch
41a6c3 
Patch102: httpd-2.4.6-r1681107.patch
41a6c3 
Patch103: httpd-2.4.6-dhparams-free.patch
41a6c3 
Patch104: httpd-2.4.6-r1651658.patch
41a6c3 
Patch105: httpd-2.4.6-r1560093.patch
41a6c3 
Patch106: httpd-2.4.6-r1748212.patch
41a6c3 
Patch107: httpd-2.4.6-r1570327.patch
41a6c3 
Patch108: httpd-2.4.6-r1631119.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1406184
41a6c3 
Patch109: httpd-2.4.6-r1593002.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1389535
41a6c3 
Patch110: httpd-2.4.6-r1662640.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1348019
41a6c3 
Patch111: httpd-2.4.6-r1348019.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1396197
41a6c3 
Patch112: httpd-2.4.6-r1587053.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1376835
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1527295
41a6c3 
Patch113: httpd-2.4.6-mpm-segfault.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1372692
41a6c3 
Patch114: httpd-2.4.6-r1681114.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1371876
41a6c3 
Patch115: httpd-2.4.6-r1775832.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1353740
41a6c3 
Patch116: httpd-2.4.6-r1726019.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1364604
41a6c3 
Patch117: httpd-2.4.6-r1683112.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1378946
41a6c3 
Patch118: httpd-2.4.6-r1651653.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1414258
41a6c3 
Patch119: httpd-2.4.6-r1634529.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1397241
41a6c3 
Patch120: httpd-2.4.6-r1738878.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1445885
41a6c3 
Patch121: httpd-2.4.6-http-protocol-options-define.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1332242
41a6c3 
Patch122: httpd-2.4.6-statements-comment.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1451333
41a6c3 
Patch123: httpd-2.4.6-rotatelogs-zombie.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1368491
41a6c3 
Patch124: httpd-2.4.6-mod_authz_dbd-missing-query.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1288395
41a6c3 
Patch125: httpd-2.4.6-r1668532.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1499253
41a6c3 
Patch126: httpd-2.4.6-r1681289.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1430640
41a6c3 
Patch127: httpd-2.4.6-r1805099.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1448892
41a6c3 
Patch128: httpd-2.4.6-r1811831.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1464406
41a6c3 
Patch129: httpd-2.4.6-r1811746.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1440590
41a6c3 
Patch130: httpd-2.4.6-r1811976.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1506392
41a6c3 
Patch131: httpd-2.4.6-r1650310.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1557785
41a6c3 
Patch132: httpd-2.4.6-r1530999.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1533793
41a6c3 
Patch133: httpd-2.4.6-r1555539.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1523536
41a6c3 
Patch134: httpd-2.4.6-r1737363.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1548501
41a6c3 
Patch135: httpd-2.4.6-r1826995.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1556761
41a6c3 
Patch136: httpd-2.4.6-default-port-worker.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1493181
41a6c3 
Patch137: httpd-2.4.6-r1825120.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1458364
41a6c3 
Patch138: httpd-2.4.6-r1515372.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1458364
41a6c3 
Patch139: httpd-2.4.6-r1824872.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1583218
41a6c3 
Patch140: httpd-2.4.6-r1833014.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1673457
41a6c3 
Patch141: httpd-2.4.6-r1583175.patch
41a6c3 
# https://bugzilla.redhat.com/show_bug.cgi?id=1649470
41a6c3 
Patch142: httpd-2.4.6-r1862604.patch
7f6d46 
# https://bugzilla.redhat.com/show_bug.cgi?id=1724879
7f6d46 
Patch143: httpd-2.4.6-ssl-close-notify-client.patch
41a6c3
41a6c3 
# Security fixes
41a6c3 
Patch200: httpd-2.4.6-CVE-2013-6438.patch
41a6c3 
Patch201: httpd-2.4.6-CVE-2014-0098.patch
41a6c3 
Patch202: httpd-2.4.6-CVE-2014-0231.patch
41a6c3 
Patch203: httpd-2.4.6-CVE-2014-0117.patch
41a6c3 
Patch204: httpd-2.4.6-CVE-2014-0118.patch
41a6c3 
Patch205: httpd-2.4.6-CVE-2014-0226.patch
41a6c3 
Patch206: httpd-2.4.6-CVE-2013-4352.patch
41a6c3 
Patch207: httpd-2.4.6-CVE-2013-5704.patch
41a6c3 
Patch208: httpd-2.4.6-CVE-2014-3581.patch
41a6c3 
Patch209: httpd-2.4.6-CVE-2015-3185.patch
41a6c3 
Patch210: httpd-2.4.6-CVE-2015-3183.patch
41a6c3 
Patch211: httpd-2.4.6-CVE-2016-5387.patch
41a6c3 
Patch212: httpd-2.4.6-CVE-2016-8743.patch
41a6c3 
Patch213: httpd-2.4.6-CVE-2016-0736.patch
41a6c3 
Patch214: httpd-2.4.6-CVE-2016-2161.patch
41a6c3 
Patch215: httpd-2.4.6-CVE-2017-3167.patch
41a6c3 
Patch216: httpd-2.4.6-CVE-2017-3169.patch
41a6c3 
Patch217: httpd-2.4.6-CVE-2017-7668.patch
41a6c3 
Patch218: httpd-2.4.6-CVE-2017-7679.patch
41a6c3 
Patch219: httpd-2.4.6-CVE-2017-9788.patch
41a6c3 
Patch220: httpd-2.4.6-CVE-2017-9798.patch
41a6c3 
Patch221: httpd-2.4.6-CVE-2018-1312.patch
41a6c3 
Patch222: httpd-2.4.6-CVE-2019-0217.patch
41a6c3 
Patch223: httpd-2.4.6-CVE-2019-0220.patch
41a6c3 
Patch224: httpd-2.4.6-CVE-2017-15710.patch
41a6c3 
Patch225: httpd-2.4.6-CVE-2018-1301.patch
7f6d46 
Patch226: httpd-2.4.6-CVE-2018-17199.patch
7f6d46 
Patch227: httpd-2.4.6-CVE-2017-15715.patch
7f6d46 
Patch228: httpd-2.4.6-CVE-2019-10098.patch
7f6d46 
Patch229: httpd-2.4.6-CVE-2018-1303.patch
7f6d46 
Patch230: httpd-2.4.6-CVE-2018-1283.patch
41a6c3
41a6c3 
License: ASL 2.0
41a6c3 
Group: System Environment/Daemons
41a6c3 
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
41a6c3 
BuildRequires: autoconf, perl, pkgconfig, findutils, xmlto
41a6c3 
BuildRequires: zlib-devel, libselinux-devel, lua-devel
41a6c3 
BuildRequires: apr-devel >= 1.4.0, apr-util-devel >= 1.2.0, pcre-devel >= 5.0
41a6c3 
BuildRequires: systemd-devel
41a6c3 
Requires: /etc/mime.types, system-logos >= 7.92.1-1
41a6c3 
Obsoletes: httpd-suexec
41a6c3 
Provides: webserver
41a6c3 
Provides: mod_dav = %{version}-%{release}, httpd-suexec = %{version}-%{release}
41a6c3 
Provides: httpd-mmn = %{mmn}, httpd-mmn = %{mmnisa}, httpd-mmn = %{oldmmnisa}
41a6c3 
Requires: httpd-tools = %{version}-%{release}
41a6c3 
Requires(pre): /usr/sbin/useradd
41a6c3 
Requires(pre): /usr/sbin/groupadd
41a6c3 
Requires(preun): systemd-units
41a6c3 
Requires(postun): systemd-units
41a6c3 
Requires(post): systemd-units
41a6c3
41a6c3 
%description
41a6c3 
The Apache HTTP Server is a powerful, efficient, and extensible
41a6c3 
web server.
41a6c3
41a6c3 
%package devel
41a6c3 
Group: Development/Libraries
41a6c3 
Summary: Development interfaces for the Apache HTTP server
41a6c3 
Obsoletes: secureweb-devel, apache-devel, stronghold-apache-devel
41a6c3 
Requires: apr-devel, apr-util-devel, pkgconfig
41a6c3 
Requires: httpd = %{version}-%{release}
41a6c3
41a6c3 
%description devel
41a6c3 
The httpd-devel package contains the APXS binary and other files
41a6c3 
that you need to build Dynamic Shared Objects (DSOs) for the
41a6c3 
Apache HTTP Server.
41a6c3
41a6c3 
If you are installing the Apache HTTP server and you want to be
41a6c3 
able to compile or develop additional modules for Apache, you need
41a6c3 
to install this package.
41a6c3
41a6c3 
%package manual
41a6c3 
Group: Documentation
41a6c3 
Summary: Documentation for the Apache HTTP server
41a6c3 
Requires: httpd = %{version}-%{release}
41a6c3 
Obsoletes: secureweb-manual, apache-manual
41a6c3 
BuildArch: noarch
41a6c3
41a6c3 
%description manual
41a6c3 
The httpd-manual package contains the complete manual and
41a6c3 
reference guide for the Apache HTTP server. The information can
41a6c3 
also be found at http://httpd.apache.org/docs/2.2/.
41a6c3
41a6c3 
%package tools
41a6c3 
Group: System Environment/Daemons
41a6c3 
Summary: Tools for use with the Apache HTTP Server
41a6c3
41a6c3 
%description tools
41a6c3 
The httpd-tools package contains tools which can be used with
41a6c3 
the Apache HTTP Server.
41a6c3
41a6c3 
%package -n mod_ssl
41a6c3 
Group: System Environment/Daemons
41a6c3 
Summary: SSL/TLS module for the Apache HTTP Server
41a6c3 
Epoch: 1
41a6c3 
BuildRequires: openssl-devel >= 1:1.0.1e-37
41a6c3 
Requires: openssl-libs >= 1:1.0.1e-37
41a6c3 
Requires(post): openssl, /bin/cat, hostname
41a6c3 
Requires(pre): httpd
41a6c3 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
41a6c3 
Obsoletes: stronghold-mod_ssl
41a6c3
41a6c3 
%description -n mod_ssl
41a6c3 
The mod_ssl module provides strong cryptography for the Apache Web
41a6c3 
server via the Secure Sockets Layer (SSL) and Transport Layer
41a6c3 
Security (TLS) protocols.
41a6c3
41a6c3 
%package -n mod_proxy_html
41a6c3 
Group: System Environment/Daemons
41a6c3 
Summary: HTML and XML content filters for the Apache HTTP Server
41a6c3 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
41a6c3 
BuildRequires: libxml2-devel
41a6c3 
Epoch: 1
41a6c3 
Obsoletes: mod_proxy_html < 1:2.4.1-2
41a6c3
41a6c3 
%description -n mod_proxy_html
41a6c3 
The mod_proxy_html and mod_xml2enc modules provide filters which can
41a6c3 
transform and modify HTML and XML content.
41a6c3
41a6c3 
%package -n mod_ldap
41a6c3 
Group: System Environment/Daemons
41a6c3 
Summary: LDAP authentication modules for the Apache HTTP Server
41a6c3 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
41a6c3 
Requires: apr-util-ldap
41a6c3
41a6c3 
%description -n mod_ldap
41a6c3 
The mod_ldap and mod_authnz_ldap modules add support for LDAP
41a6c3 
authentication to the Apache HTTP Server.
41a6c3
41a6c3 
%package -n mod_session
41a6c3 
Group: System Environment/Daemons
41a6c3 
Summary: Session interface for the Apache HTTP Server
41a6c3 
Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
41a6c3 
Requires: apr-util-openssl
41a6c3
41a6c3 
%description -n mod_session
41a6c3 
The mod_session module and associated backends provide an abstract
41a6c3 
interface for storing and accessing per-user session data.
41a6c3
41a6c3 
%prep
41a6c3 
%setup -q
41a6c3 
%patch1 -p1 -b .apctl
41a6c3 
%patch2 -p1 -b .apxs
41a6c3 
%patch3 -p1 -b .deplibs
41a6c3 
%patch5 -p1 -b .layout
41a6c3 
%patch6 -p1 -b .apctlsystemd
41a6c3
41a6c3 
%patch21 -p1 -b .fullrelease
41a6c3 
%patch23 -p1 -b .export
41a6c3 
%patch24 -p1 -b .corelimit
41a6c3 
%patch25 -p1 -b .selinux
41a6c3 
%patch26 -p1 -b .r1337344+
41a6c3 
%patch27 -p1 -b .icons
41a6c3 
%patch28 -p1 -b .r1332643+
41a6c3 
%patch29 -p1 -b .systemd
41a6c3 
%patch30 -p1 -b .cachehardmax
41a6c3 
%patch31 -p1 -b .sslmultiproxy
41a6c3 
%patch32 -p1 -b .r1537535
41a6c3 
%patch33 -p1 -b .r1542327
41a6c3 
rm modules/ssl/ssl_engine_dh.c
41a6c3 
%patch34 -p1 -b .ssllargekeys
41a6c3 
%patch35 -p1 -b .prehtaccess
41a6c3 
%patch36 -p1 -b .r1573626
41a6c3 
%patch37 -p1 -b .uds
41a6c3 
%patch38 -p1 -b .upn
41a6c3 
%patch39 -p1 -b .r1664565
41a6c3 
%patch40 -p1 -b .r1861793+
7f6d46 
%patch41 -p1 -b .session-expiry
41a6c3
41a6c3 
%patch51 -p1 -b .sninotreq
41a6c3 
%patch55 -p1 -b .malformedhost
41a6c3 
%patch56 -p1 -b .uniqueid
41a6c3 
%patch57 -p1 -b .ldaprefer
41a6c3 
%patch58 -p1 -b .r1507681+
41a6c3 
%patch59 -p1 -b .r1556473
41a6c3 
%patch60 -p1 -b .r1553540
41a6c3 
%patch61 -p1 -b .clientaddr
41a6c3 
%patch62 -p1 -b .aboverflow
41a6c3 
%patch63 -p1 -b .sigint
41a6c3 
%patch64 -p1 -b .sslecdhauto
41a6c3 
%patch65 -p1 -b .r1556818
41a6c3 
%patch66 -p1 -b .r1618851
41a6c3 
%patch67 -p1 -b .r1526189
41a6c3 
%patch68 -p1 -b .r1663647
41a6c3 
%patch69 -p1 -b .1569006
41a6c3 
%patch70 -p1 -b .r1506474
41a6c3 
%patch71 -p1 -b .bomb
41a6c3 
%patch72 -p1 -b .r1604460
41a6c3 
%patch73 -p1 -b .r1624349
41a6c3 
%patch74 -p1 -b .abipv6
41a6c3 
%patch75 -p1 -b .r1530280
41a6c3 
%patch76 -p1 -b .r1633085
41a6c3 
%patch78 -p1 -b .sslerrorfree
41a6c3 
%patch79 -p1 -b .r1528556
41a6c3 
%patch80 -p1 -b .r1594625
41a6c3 
%patch81 -p1 -b .r1674222
41a6c3 
%patch82 -p1 -b .envhttpd
41a6c3 
%patch83 -p1 -b .rewritedir
41a6c3 
%patch84 -p1 -b .r1420184
41a6c3 
%patch85 -p1 -b .r1524368
41a6c3 
%patch86 -p1 -b .r1528958
41a6c3 
%patch87 -p1 -b .r1651083
41a6c3 
%patch88 -p1 -b .r1688399
41a6c3 
%patch89 -p1 -b .r1527509
41a6c3 
%patch90 -p1 -b .apachectlstatus
41a6c3 
%patch91 -p1 -b .r1650655
41a6c3 
%patch92 -p1 -b .r1533448
41a6c3 
%patch93 -p1 -b .r1610013
41a6c3 
%patch94 -p1 -b .r1705528
41a6c3 
%patch95 -p1 -b .r1684462
41a6c3 
%patch96 -p1 -b .r1650677
41a6c3 
%patch97 -p1 -b .r1621601
41a6c3 
%patch98 -p1 -b .r1610396
41a6c3 
%patch99 -p1 -b .rotatelogtimezone
41a6c3 
%patch100 -p1 -b .absslerror
41a6c3 
%patch101 -p1 -b .r1723522
41a6c3 
%patch102 -p1 -b .r1681107
41a6c3 
%patch103 -p1 -b .dhparamsfree
41a6c3 
%patch104 -p1 -b .r1651658
41a6c3 
%patch105 -p1 -b .r1560093
41a6c3 
%patch106 -p1 -b .r1748212
41a6c3 
%patch107 -p1 -b .r1570327
41a6c3 
%patch108 -p1 -b .r1631119
41a6c3 
%patch109 -p1 -b .r1593002
41a6c3 
%patch110 -p1 -b .r1662640
41a6c3 
%patch111 -p1 -b .r1348019
41a6c3 
%patch112 -p1 -b .r1587053
41a6c3 
%patch113 -p1 -b .mpmsegfault
41a6c3 
%patch114 -p1 -b .r1681114
41a6c3 
%patch115 -p1 -b .r1371876
41a6c3 
%patch116 -p1 -b .r1726019
41a6c3 
%patch117 -p1 -b .r1683112
41a6c3 
%patch118 -p1 -b .r1651653
41a6c3 
%patch119 -p1 -b .r1634529
41a6c3 
%patch120 -p1 -b .r1738878
41a6c3 
%patch121 -p1 -b .httpprotdefine
41a6c3 
%patch122 -p1 -b .statement-comment
41a6c3 
%patch123 -p1 -b .logrotate-zombie
41a6c3 
%patch124 -p1 -b .modauthzdbd-segfault
41a6c3 
%patch125 -p1 -b .r1668532
41a6c3 
%patch126 -p1 -b .r1681289
41a6c3 
%patch127 -p1 -b .r1805099
41a6c3 
%patch128 -p1 -b .r1811831
41a6c3 
%patch129 -p1 -b .r1811746
41a6c3 
%patch130 -p1 -b .r1811976
41a6c3 
%patch131 -p1 -b .r1650310
41a6c3 
%patch132 -p1 -b .r1530999
41a6c3 
%patch133 -p1 -b .r1555539
41a6c3 
%patch134 -p1 -b .r1523536
41a6c3 
%patch135 -p1 -b .r1826995
41a6c3 
%patch136 -p1 -b .defaultport-proxy
41a6c3 
%patch137 -p1 -b .r1825120
41a6c3 
%patch138 -p1 -b .r1515372
41a6c3 
%patch139 -p1 -b .r1824872
41a6c3 
%patch140 -p1 -b .r1833014
41a6c3 
%patch141 -p1 -b .r1583175
7f6d46 
%patch142 -p1 -b .r1862604
7f6d46 
%patch143 -p1 -b .ssl-close-notify-client
41a6c3
41a6c3 
%patch200 -p1 -b .cve6438
41a6c3 
%patch201 -p1 -b .cve0098
41a6c3 
%patch202 -p1 -b .cve0231
41a6c3 
%patch203 -p1 -b .cve0117
41a6c3 
%patch204 -p1 -b .cve0118
41a6c3 
%patch205 -p1 -b .cve0226
41a6c3 
%patch206 -p1 -b .cve4352
41a6c3 
%patch207 -p1 -b .cve5704
41a6c3 
%patch208 -p1 -b .cve3581
41a6c3 
%patch209 -p1 -b .cve3185
41a6c3 
%patch210 -p1 -b .cve3183
41a6c3 
%patch211 -p1 -b .cve5387
41a6c3 
%patch212 -p1 -b .cve8743
41a6c3 
%patch213 -p1 -b .cve0736
41a6c3 
%patch214 -p1 -b .cve2161
41a6c3 
%patch215 -p1 -b .cve3167
41a6c3 
%patch216 -p1 -b .cve3169
41a6c3 
%patch217 -p1 -b .cve7668
41a6c3 
%patch218 -p1 -b .cve7679
41a6c3 
%patch219 -p1 -b .cve9788
41a6c3 
%patch220 -p1 -b .cve9798
41a6c3 
%patch221 -p1 -b .cve1312
41a6c3 
%patch222 -p1 -b .cve0217
41a6c3 
%patch223 -p1 -b .cve0220
41a6c3 
%patch224 -p1 -b .cve15710
41a6c3 
%patch225 -p1 -b .cve1301
7f6d46 
%patch226 -p1 -b .cve17199
7f6d46 
%patch227 -p1 -b .cve15715
7f6d46 
%patch228 -p1 -b .cve10098
7f6d46 
%patch229 -p1 -b .cve1303
7f6d46 
%patch230 -p1 -b .cve1283
41a6c3
41a6c3 
# Patch in the vendor string and the release string
41a6c3 
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
41a6c3 
sed -i 's/@RELEASE@/%{release}/' server/core.c
41a6c3
41a6c3 
# Prevent use of setcap in "install-suexec-caps" target.
41a6c3 
sed -i '/suexec/s,setcap ,echo Skipping setcap for ,' Makefile.in
41a6c3
41a6c3 
# Safety check: prevent build if defined MMN does not equal upstream MMN.
41a6c3 
vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
41a6c3 
if test "x${vmmn}" != "x%{mmn}"; then
41a6c3 
   : Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}
41a6c3 
   : Update the mmn macro and rebuild.
41a6c3 
   exit 1
41a6c3 
fi
41a6c3
41a6c3 
: Building with MMN %{mmn}, MMN-ISA %{mmnisa} and vendor string '%{vstring}'
41a6c3
41a6c3 
%build
41a6c3 
# forcibly prevent use of bundled apr, apr-util, pcre
41a6c3 
rm -rf srclib/{apr,apr-util,pcre}
41a6c3
41a6c3 
# regenerate configure scripts
41a6c3 
autoheader && autoconf || exit 1
41a6c3
41a6c3 
# Before configure; fix location of build dir in generated apxs
41a6c3 
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" \
41a6c3 
	support/apxs.in
41a6c3
41a6c3 
export CFLAGS=$RPM_OPT_FLAGS
41a6c3 
export LDFLAGS="-Wl,-z,relro,-z,now"
41a6c3
41a6c3 
%ifarch ppc64 ppc64le
41a6c3 
%global _performance_build 1
41a6c3 
%endif
41a6c3
41a6c3 
# Hard-code path to links to avoid unnecessary builddep
41a6c3 
export LYNX_PATH=/usr/bin/links
41a6c3
41a6c3 
# Build the daemon
41a6c3 
%configure \
41a6c3 
 	--prefix=%{_sysconfdir}/httpd \
41a6c3 
 	--exec-prefix=%{_prefix} \
41a6c3 
 	--bindir=%{_bindir} \
41a6c3 
 	--sbindir=%{_sbindir} \
41a6c3 
 	--mandir=%{_mandir} \
41a6c3 
	--libdir=%{_libdir} \
41a6c3 
	--sysconfdir=%{_sysconfdir}/httpd/conf \
41a6c3 
	--includedir=%{_includedir}/httpd \
41a6c3 
	--libexecdir=%{_libdir}/httpd/modules \
41a6c3 
	--datadir=%{contentdir} \
41a6c3 
        --enable-layout=Fedora \
41a6c3 
        --with-installbuilddir=%{_libdir}/httpd/build \
41a6c3 
        --enable-mpms-shared=all \
41a6c3 
        --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
41a6c3 
	--enable-suexec --with-suexec \
41a6c3 
        --enable-suexec-capabilities \
41a6c3 
	--with-suexec-caller=%{suexec_caller} \
41a6c3 
	--with-suexec-docroot=%{docroot} \
41a6c3 
	--without-suexec-logfile \
41a6c3 
        --with-suexec-syslog \
41a6c3 
	--with-suexec-bin=%{_sbindir}/suexec \
41a6c3 
	--with-suexec-uidmin=500 --with-suexec-gidmin=100 \
41a6c3 
        --enable-pie \
41a6c3 
        --with-pcre \
41a6c3 
        --enable-mods-shared=all \
41a6c3 
	--enable-ssl --with-ssl --disable-distcache \
41a6c3 
	--enable-proxy \
41a6c3 
        --enable-cache \
41a6c3 
        --enable-disk-cache \
41a6c3 
        --enable-ldap --enable-authnz-ldap \
41a6c3 
        --enable-cgid --enable-cgi \
41a6c3 
        --enable-authn-anon --enable-authn-alias \
41a6c3 
        --disable-imagemap  \
41a6c3 
	$*
41a6c3 
make %{?_smp_mflags}
41a6c3
41a6c3 
%install
41a6c3 
rm -rf $RPM_BUILD_ROOT
41a6c3
41a6c3 
make DESTDIR=$RPM_BUILD_ROOT install
41a6c3
41a6c3 
# Install systemd service files
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
41a6c3 
for s in httpd htcacheclean; do
41a6c3 
  install -p -m 644 $RPM_SOURCE_DIR/${s}.service \
41a6c3 
                    $RPM_BUILD_ROOT%{_unitdir}/${s}.service
41a6c3 
done
41a6c3
41a6c3 
# install conf file/directory
41a6c3 
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
41a6c3 
      $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d
41a6c3 
install -m 644 $RPM_SOURCE_DIR/README.confd \
41a6c3 
    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
41a6c3 
for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
41a6c3 
         00-proxy.conf 00-ssl.conf 01-ldap.conf 00-proxyhtml.conf \
41a6c3 
         01-ldap.conf 00-systemd.conf 01-session.conf; do
41a6c3 
  install -m 644 -p $RPM_SOURCE_DIR/$f \
41a6c3 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
41a6c3 
done
41a6c3
41a6c3 
for f in welcome.conf ssl.conf manual.conf userdir.conf; do
41a6c3 
  install -m 644 -p $RPM_SOURCE_DIR/$f \
41a6c3 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
41a6c3 
done
41a6c3
41a6c3 
# Split-out extra config shipped as default in conf.d:
41a6c3 
for f in autoindex; do
41a6c3 
  mv docs/conf/extra/httpd-${f}.conf \
41a6c3 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/${f}.conf
41a6c3 
done
41a6c3
41a6c3 
# Extra config trimmed:
41a6c3 
rm -v docs/conf/extra/httpd-{ssl,userdir}.conf
41a6c3
41a6c3 
rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
41a6c3 
install -m 644 -p $RPM_SOURCE_DIR/httpd.conf \
41a6c3 
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
41a6c3
41a6c3 
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
41a6c3 
for s in httpd htcacheclean; do
41a6c3 
  install -m 644 -p $RPM_SOURCE_DIR/${s}.sysconf \
41a6c3 
                    $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/${s}
41a6c3 
done
41a6c3
41a6c3 
# tmpfiles.d configuration
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d
41a6c3 
install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
41a6c3 
   $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/httpd.conf
41a6c3
41a6c3 
# Other directories
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav \
41a6c3 
         $RPM_BUILD_ROOT/run/httpd/htcacheclean
41a6c3
41a6c3 
# Create cache directory
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd \
41a6c3 
         $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/proxy \
41a6c3 
         $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/ssl
41a6c3
41a6c3 
# Make the MMN accessible to module packages
41a6c3 
echo %{mmnisa} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rpm
41a6c3 
cat > $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.httpd <
41a6c3 
%%_httpd_mmn %{mmnisa}
41a6c3 
%%_httpd_apxs %{_bindir}/apxs
41a6c3 
%%_httpd_modconfdir %{_sysconfdir}/httpd/conf.modules.d
41a6c3 
%%_httpd_confdir %{_sysconfdir}/httpd/conf.d
41a6c3 
%%_httpd_contentdir %{contentdir}
41a6c3 
%%_httpd_moddir %{_libdir}/httpd/modules
41a6c3 
EOF
41a6c3
41a6c3 
# Handle contentdir
41a6c3 
mkdir $RPM_BUILD_ROOT%{contentdir}/noindex
890d24 
tar xzf $RPM_SOURCE_DIR/centos-noindex.tar.gz \
890d24 
        -C $RPM_BUILD_ROOT%{contentdir}/noindex/ \
890d24 
        --strip-components=1
890d24
41a6c3 
rm -rf %{contentdir}/htdocs
41a6c3
41a6c3 
# remove manual sources
41a6c3 
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
41a6c3 
    -name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
41a6c3 
    \) -print0 | xargs -0 rm -f
41a6c3
41a6c3 
# Strip the manual down just to English and replace the typemaps with flat files:
41a6c3 
set +x
41a6c3 
for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
41a6c3 
   if test -f ${f}.en; then
41a6c3 
      cp ${f}.en ${f}
41a6c3 
      rm ${f}.*
41a6c3 
   fi
41a6c3 
done
41a6c3 
set -x
41a6c3
41a6c3 
# Clean Document Root
41a6c3 
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
41a6c3 
      $RPM_BUILD_ROOT%{docroot}/cgi-bin/*
41a6c3
41a6c3 
# Symlink for the powered-by-$DISTRO image:
890d24 
ln -s ../noindex/images/poweredby.png \
41a6c3 
        $RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
41a6c3
41a6c3 
# symlinks for /etc/httpd
41a6c3 
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
41a6c3 
ln -s /run/httpd $RPM_BUILD_ROOT/etc/httpd/run
41a6c3 
ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
41a6c3
41a6c3 
# install http-ssl-pass-dialog
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}
41a6c3 
install -m755 $RPM_SOURCE_DIR/httpd-ssl-pass-dialog \
41a6c3 
	$RPM_BUILD_ROOT%{_libexecdir}/httpd-ssl-pass-dialog
41a6c3
41a6c3 
# Install action scripts
41a6c3 
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd
41a6c3 
for f in graceful configtest; do
41a6c3 
    install -p -m 755 $RPM_SOURCE_DIR/action-${f}.sh \
41a6c3 
            $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd/${f}
41a6c3 
done
41a6c3
41a6c3 
# Install logrotate config
41a6c3 
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
41a6c3 
install -m 644 -p $RPM_SOURCE_DIR/httpd.logrotate \
41a6c3 
	$RPM_BUILD_ROOT/etc/logrotate.d/httpd
41a6c3
41a6c3 
# fix man page paths
41a6c3 
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
41a6c3 
    -e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
41a6c3 
    -e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
41a6c3 
    -e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
41a6c3 
    -e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
41a6c3 
    -e "s|/usr/local/apache2/logs/httpd.pid|/run/httpd/httpd.pid|" \
41a6c3 
    -e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
41a6c3 
  > $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
41a6c3
41a6c3 
# Make ap_config_layout.h libdir-agnostic
41a6c3 
sed -i '/.*DEFAULT_..._LIBEXECDIR/d;/DEFAULT_..._INSTALLBUILDDIR/d' \
41a6c3 
    $RPM_BUILD_ROOT%{_includedir}/httpd/ap_config_layout.h
41a6c3
41a6c3 
# Fix path to instdso in special.mk
41a6c3 
sed -i '/instdso/s,top_srcdir,top_builddir,' \
41a6c3 
    $RPM_BUILD_ROOT%{_libdir}/httpd/build/special.mk
41a6c3
41a6c3 
# Remove unpackaged files
41a6c3 
rm -vf \
41a6c3 
      $RPM_BUILD_ROOT%{_libdir}/*.exp \
41a6c3 
      $RPM_BUILD_ROOT/etc/httpd/conf/mime.types \
41a6c3 
      $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
41a6c3 
      $RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
41a6c3 
      $RPM_BUILD_ROOT%{_bindir}/{ap?-config,dbmmanage} \
41a6c3 
      $RPM_BUILD_ROOT%{_sbindir}/{checkgid,envvars*} \
41a6c3 
      $RPM_BUILD_ROOT%{contentdir}/htdocs/* \
41a6c3 
      $RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
41a6c3 
      $RPM_BUILD_ROOT%{contentdir}/cgi-bin/*
41a6c3
41a6c3 
rm -rf $RPM_BUILD_ROOT/etc/httpd/conf/{original,extra}
41a6c3
41a6c3 
%pre
41a6c3 
# Add the "apache" group and user
41a6c3 
/usr/sbin/groupadd -g 48 -r apache 2> /dev/null || :
41a6c3 
/usr/sbin/useradd -c "Apache" -u 48 -g apache \
41a6c3 
	-s /sbin/nologin -r -d %{contentdir} apache 2> /dev/null || :
41a6c3
41a6c3 
%post
41a6c3 
%systemd_post httpd.service htcacheclean.service
41a6c3
41a6c3 
%preun
41a6c3 
%systemd_preun httpd.service htcacheclean.service
41a6c3
41a6c3 
%postun
41a6c3 
%systemd_postun
41a6c3
41a6c3 
# Trigger for conversion from SysV, per guidelines at:
41a6c3 
# https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd
41a6c3 
%triggerun -- httpd < 2.2.21-5
41a6c3 
# Save the current service runlevel info
41a6c3 
# User must manually run systemd-sysv-convert --apply httpd
41a6c3 
# to migrate them to systemd targets
41a6c3 
/usr/bin/systemd-sysv-convert --save httpd.service >/dev/null 2>&1 ||:
41a6c3
41a6c3 
# Run these because the SysV package being removed won't do them
41a6c3 
/sbin/chkconfig --del httpd >/dev/null 2>&1 || :
41a6c3
41a6c3 
%posttrans
41a6c3 
test -f /etc/sysconfig/httpd-disable-posttrans || \
41a6c3 
  /bin/systemctl try-restart httpd.service htcacheclean.service >/dev/null 2>&1 || :
41a6c3
41a6c3 
%define sslcert %{_sysconfdir}/pki/tls/certs/localhost.crt
41a6c3 
%define sslkey %{_sysconfdir}/pki/tls/private/localhost.key
41a6c3
41a6c3 
%post -n mod_ssl
41a6c3 
umask 077
41a6c3
41a6c3 
if [ -f %{sslkey} -o -f %{sslcert} ]; then
41a6c3 
   exit 0
41a6c3 
fi
41a6c3
41a6c3 
%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > %{sslkey} 2> /dev/null
41a6c3
41a6c3 
FQDN=`hostname`
41a6c3 
if [ "x${FQDN}" = "x" -o ${#FQDN} -gt 59 ]; then
41a6c3 
   FQDN=localhost.localdomain
41a6c3 
fi
41a6c3
41a6c3 
cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} \
41a6c3 
         -x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
41a6c3 
         -out %{sslcert} 2>/dev/null
41a6c3 
--
41a6c3 
SomeState
41a6c3 
SomeCity
41a6c3 
SomeOrganization
41a6c3 
SomeOrganizationalUnit
41a6c3 
${FQDN}
41a6c3 
root@${FQDN}
41a6c3 
EOF
41a6c3
41a6c3 
%check
41a6c3 
# Check the built modules are all PIC
41a6c3 
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
41a6c3 
   : modules contain non-relocatable code
41a6c3 
   exit 1
41a6c3 
fi
41a6c3
41a6c3 
%clean
41a6c3 
rm -rf $RPM_BUILD_ROOT
41a6c3
41a6c3 
%files
41a6c3 
%defattr(-,root,root)
41a6c3
41a6c3 
%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING NOTICE
41a6c3 
%doc docs/conf/extra/*.conf
41a6c3
41a6c3 
%dir %{_sysconfdir}/httpd
41a6c3 
%{_sysconfdir}/httpd/modules
41a6c3 
%{_sysconfdir}/httpd/logs
41a6c3 
%{_sysconfdir}/httpd/run
41a6c3 
%dir %{_sysconfdir}/httpd/conf
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
41a6c3
41a6c3 
%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
41a6c3
41a6c3 
%dir %{_sysconfdir}/httpd/conf.d
41a6c3 
%{_sysconfdir}/httpd/conf.d/README
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
41a6c3 
%exclude %{_sysconfdir}/httpd/conf.d/ssl.conf
41a6c3 
%exclude %{_sysconfdir}/httpd/conf.d/manual.conf
41a6c3
41a6c3 
%dir %{_sysconfdir}/httpd/conf.modules.d
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
41a6c3 
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
41a6c3 
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
41a6c3 
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
41a6c3 
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
41a6c3
41a6c3 
%config(noreplace) %{_sysconfdir}/sysconfig/ht*
41a6c3 
%{_prefix}/lib/tmpfiles.d/httpd.conf
41a6c3
41a6c3 
%dir %{_libexecdir}/initscripts/legacy-actions/httpd
41a6c3 
%{_libexecdir}/initscripts/legacy-actions/httpd/*
41a6c3
41a6c3 
%{_sbindir}/ht*
41a6c3 
%{_sbindir}/fcgistarter
41a6c3 
%{_sbindir}/apachectl
41a6c3 
%{_sbindir}/rotatelogs
41a6c3 
%caps(cap_setuid,cap_setgid+pe) %attr(510,root,%{suexec_caller}) %{_sbindir}/suexec
41a6c3
41a6c3 
%dir %{_libdir}/httpd
41a6c3 
%dir %{_libdir}/httpd/modules
41a6c3 
%{_libdir}/httpd/modules/mod*.so
41a6c3 
%exclude %{_libdir}/httpd/modules/mod_auth_form.so
41a6c3 
%exclude %{_libdir}/httpd/modules/mod_ssl.so
41a6c3 
%exclude %{_libdir}/httpd/modules/mod_*ldap.so
41a6c3 
%exclude %{_libdir}/httpd/modules/mod_proxy_html.so
41a6c3 
%exclude %{_libdir}/httpd/modules/mod_xml2enc.so
41a6c3 
%exclude %{_libdir}/httpd/modules/mod_session*.so
41a6c3
41a6c3 
%dir %{contentdir}
41a6c3 
%dir %{contentdir}/icons
41a6c3 
%dir %{contentdir}/error
41a6c3 
%dir %{contentdir}/error/include
41a6c3 
%dir %{contentdir}/noindex
41a6c3 
%{contentdir}/icons/*
41a6c3 
%{contentdir}/error/README
41a6c3 
%{contentdir}/error/*.var
41a6c3 
%{contentdir}/error/include/*.html
890d24 
%{contentdir}/noindex/*
41a6c3
41a6c3 
%dir %{docroot}
41a6c3 
%dir %{docroot}/cgi-bin
41a6c3 
%dir %{docroot}/html
41a6c3
41a6c3 
%attr(0710,root,apache) %dir /run/httpd
41a6c3 
%attr(0700,apache,apache) %dir /run/httpd/htcacheclean
41a6c3 
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
41a6c3 
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
41a6c3 
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
41a6c3 
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd/proxy
41a6c3
41a6c3 
%{_mandir}/man8/*
41a6c3
41a6c3 
%{_unitdir}/*.service
41a6c3
41a6c3 
%files tools
41a6c3 
%defattr(-,root,root)
41a6c3 
%{_bindir}/*
41a6c3 
%{_mandir}/man1/*
41a6c3 
%doc LICENSE NOTICE
41a6c3 
%exclude %{_bindir}/apxs
41a6c3 
%exclude %{_mandir}/man1/apxs.1*
41a6c3
41a6c3 
%files manual
41a6c3 
%defattr(-,root,root)
41a6c3 
%{contentdir}/manual
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
41a6c3
41a6c3 
%files -n mod_ssl
41a6c3 
%defattr(-,root,root)
41a6c3 
%{_libdir}/httpd/modules/mod_ssl.so
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
41a6c3 
%attr(0700,apache,root) %dir %{_localstatedir}/cache/httpd/ssl
41a6c3 
%{_libexecdir}/httpd-ssl-pass-dialog
41a6c3
41a6c3 
%files -n mod_proxy_html
41a6c3 
%defattr(-,root,root)
41a6c3 
%{_libdir}/httpd/modules/mod_proxy_html.so
41a6c3 
%{_libdir}/httpd/modules/mod_xml2enc.so
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
41a6c3
41a6c3 
%files -n mod_ldap
41a6c3 
%defattr(-,root,root)
41a6c3 
%{_libdir}/httpd/modules/mod_*ldap.so
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
41a6c3
41a6c3 
%files -n mod_session
41a6c3 
%defattr(-,root,root)
41a6c3 
%{_libdir}/httpd/modules/mod_session*.so
41a6c3 
%{_libdir}/httpd/modules/mod_auth_form.so
41a6c3 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
41a6c3
41a6c3 
%files devel
41a6c3 
%defattr(-,root,root)
41a6c3 
%{_includedir}/httpd
41a6c3 
%{_bindir}/apxs
41a6c3 
%{_mandir}/man1/apxs.1*
41a6c3 
%dir %{_libdir}/httpd/build
41a6c3 
%{_libdir}/httpd/build/*.mk
41a6c3 
%{_libdir}/httpd/build/*.sh
41a6c3 
%{_sysconfdir}/rpm/macros.httpd
41a6c3
41a6c3 
%changelog
890d24 
* Wed May 20 2020 CentOS Sources <bugs@centos.org> - 2.4.6-94.el7.centos
890d24 
- Remove index.html, add centos-noindex.tar.gz
890d24 
- change vstring
890d24 
- change symlink for poweredby.png
890d24 
- update welcome.conf with proper aliases
890d24
7f6d46 
* Thu Mar 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-94
7f6d46 
- Resolves: #1565491 - CVE-2017-15715 httpd: <FilesMatch> bypass with a trailing
7f6d46 
  newline in the file name
7f6d46 
- Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect
7f6d46 
- Resolves: #1724879 - httpd terminates all SSL connections using an abortive
7f6d46 
  shutdown
7f6d46 
- Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive
7f6d46 
- Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in
7f6d46 
  mod_cache_socache can allow a remote attacker to cause a denial of service
7f6d46 
- Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in
7f6d46 
  mod_session can allow a remote user to modify session data for CGI applications
7f6d46
7f6d46 
* Tue Oct 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-93
7f6d46 
- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect
7f6d46 
  expiry time
469b3b
41a6c3 
* Thu Aug 22 2019 Joe Orton <jorton@redhat.com> - 2.4.6-92
41a6c3 
- htpasswd: add SHA-2 crypt() support (#1486889)
41a6c3
41a6c3 
* Wed Jul 31 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-91
41a6c3 
- Resolves: #1630886 - scriptlet can fail if hostname is not installed
41a6c3 
- Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in
41a6c3 
  mod_authnz_ldap when using too small Accept-Language values
41a6c3 
- Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after
41a6c3 
  failure in reading the HTTP request
41a6c3 
- Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch
41a6c3 
  directive
41a6c3 
- Resolves: #1633152 - mod_session missing apr-util-openssl
41a6c3 
- Resolves: #1649470 - httpd response contains garbage in Content-Type header
41a6c3 
- Resolves: #1724034 - Unexpected OCSP in proxy SSL connection
41a6c3
41a6c3 
* Sat Jun 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-90
41a6c3 
- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation
41a6c3 
  in mod_auth_digest
41a6c3 
- Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control
41a6c3 
  bypass due to race condition
41a6c3 
- Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency
41a6c3
41a6c3 
* Fri Mar 15 2019 Joe Orton <jorton@redhat.com> - 2.4.6-89
41a6c3 
- fix per-request leak of bucket brigade structure (#1583218)
41a6c3
41a6c3 
* Thu Jun 21 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-88
41a6c3 
- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple
41a6c3 
  SIGUSR1
41a6c3
41a6c3 
* Thu Jun 21 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-87
41a6c3 
- Resolves: #1458364 - RMM list corruption in ldap module results in server hang
41a6c3
41a6c3 
* Thu Jun 21 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-86
41a6c3 
- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which
41a6c3 
  differ only in case
41a6c3
41a6c3 
* Wed Jun 20 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-85
41a6c3 
- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number
41a6c3
41a6c3 
* Mon Jun 18 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-84
41a6c3 
- Resolves: #1548501 - Make OCSP more configurable (like CRL)
41a6c3
41a6c3 
* Mon Jun 11 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-83
41a6c3 
- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db
41a6c3 
  after close
41a6c3
41a6c3 
* Mon Jun 11 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-82
41a6c3 
- Resolves: #1533793 - Use Variable with mod_authnz_ldap
41a6c3
41a6c3 
* Mon Mar 26 2018 Joe Orton <jorton@redhat.com> - 2.4.6-81
41a6c3 
- don't terminate connections during graceful stop/restart (#1557785)
41a6c3
41a6c3 
* Mon Jan 08 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-80
41a6c3 
- Related: #1288395 - httpd segfault when logrotate invoked
41a6c3
41a6c3 
* Wed Nov 01 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-79
41a6c3 
- Resolves: #1274890 - mod_ssl config: tighten defaults
41a6c3
41a6c3 
* Tue Oct 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-78
41a6c3 
- Resolves: #1506392 - Backport: SSLSessionTickets directive support
41a6c3
41a6c3 
* Mon Oct 16 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-77
41a6c3 
- Resolves: #1440590 - Need an option to disable UTF8-conversion
41a6c3 
  of certificate DN
41a6c3
41a6c3 
* Thu Oct 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-76
41a6c3 
- Resolves: #1464406 - Apache consumes too much memory for CGI output
41a6c3
41a6c3 
* Thu Oct 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-75
41a6c3 
- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD
41a6c3 
  using SetEnv or PassEnv. Needs documentation.
41a6c3
41a6c3 
* Mon Oct 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-74
41a6c3 
- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective
41a6c3 
  when it's defined outside <Proxy> setting
41a6c3
41a6c3 
* Fri Oct 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-73
41a6c3 
- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests
41a6c3 
  with absoluteURI instead of abs_path
41a6c3
41a6c3 
* Tue Oct 03 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-72
41a6c3 
- Resolves: #1288395 - httpd segfault when logrotate invoked
41a6c3
41a6c3 
* Tue Oct 03 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-71
41a6c3 
- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing
41a6c3
41a6c3 
* Mon Oct 02 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-70
41a6c3 
- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used
41a6c3
41a6c3 
* Tue Sep 19 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-69
41a6c3 
- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting
41a6c3 
  unregistered HTTP method
41a6c3
41a6c3 
* Tue Jul 25 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-68
41a6c3 
- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw()
41a6c3 
  authentication bypass
41a6c3 
- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
41a6c3 
- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
41a6c3 
- Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
41a6c3 
- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection
41a6c3 
  in mod_auth_digest
41a6c3
41a6c3 
* Tue May 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-67
41a6c3 
- Related: #1332242 - Explicitly disallow the '#' character in allow,deny
41a6c3 
  directives
41a6c3
41a6c3 
* Tue May 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-66
41a6c3 
- Related: #1332242 - Explicitly disallow the '#' character in allow,deny
41a6c3 
  directives
41a6c3
41a6c3 
* Thu Apr 27 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-65
41a6c3 
- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS
41a6c3
41a6c3 
* Tue Apr 18 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-64
41a6c3 
- Resolves: #1442872 - apache user is not created during httpd installation
41a6c3 
  when apache group already exist with GID other than 48
41a6c3
41a6c3 
* Wed Mar 22 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-63
41a6c3 
- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743
41a6c3 
  httpd: various flaws
41a6c3
41a6c3 
* Wed Mar 15 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-62
41a6c3 
- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp:
41a6c3 
  patch to set worker secret passed to tomcat
41a6c3
41a6c3 
* Wed Mar 15 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-61
41a6c3 
- Related: #1414258 - Crash during restart or at startup in mod_ssl,
41a6c3 
  in certinfo_free() function registered by ssl_stapling_ex_init()
41a6c3
41a6c3 
* Tue Mar 14 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-60
41a6c3 
- Resolves: #1414258 - Crash during restart or at startup in mod_ssl,
41a6c3 
  in certinfo_free() function registered by ssl_stapling_ex_init()
41a6c3
41a6c3 
* Mon Mar 13 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-59
41a6c3 
- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines
41a6c3 
  are broken during buffer resize
41a6c3
41a6c3 
* Fri Mar 10 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-58
41a6c3 
- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves
41a6c3 
  with mod_proxy_http and mod_proxy_ajp
41a6c3
41a6c3 
* Thu Mar 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-57
41a6c3 
- Resolves: #1324416 - Error 404 when switching language in HTML manual
41a6c3 
  more than once
41a6c3
41a6c3 
* Wed Mar 08 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-56
41a6c3 
- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi
41a6c3 
  spamming non-errors: AH01075: Error dispatching request to : (passing
41a6c3 
  brigade to output filters)
41a6c3
41a6c3 
* Wed Mar 08 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-55
41a6c3 
- Resolves: #1371876 - Apache httpd returns "200 OK" for a request
41a6c3 
  exceeding LimitRequestBody when enabling mod_ext_filter
41a6c3
41a6c3 
* Tue Mar 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-54
41a6c3 
- Resolves: #1372692 - Apache httpd does not log status code "413" in
41a6c3 
  access_log when exceeding LimitRequestBody
41a6c3
41a6c3 
* Tue Mar 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-53
41a6c3 
- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple
41a6c3 
  successive graceful reloads
41a6c3
41a6c3 
* Tue Mar 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-52
41a6c3 
- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny
41a6c3 
  directives
41a6c3
41a6c3 
* Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-51
41a6c3 
- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup
41a6c3 
  on backconn
41a6c3
41a6c3 
* Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-50
41a6c3 
- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed
41a6c3 
  worker to be retried before the retry period is over
41a6c3
41a6c3 
* Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-49
41a6c3 
- Resolves: #1389535 - Segmentation fault in SSL_renegotiate
41a6c3
41a6c3 
* Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-48
41a6c3 
- Resolves: #1406184 - stapling_renew_response: abort early
41a6c3 
  (before apr_uri_parse) if ocspuri is empty
41a6c3
41a6c3 
* Tue Feb  7 2017 Joe Orton <jorton@redhat.com> - 2.4.6-47
41a6c3 
- prefork: fix delay completing graceful restart (#1327624)
41a6c3 
- mod_ldap: fix authz regression, failing to rebind (#1415257)
41a6c3
41a6c3 
* Thu Jan 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-46
41a6c3 
- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743
41a6c3 
  httpd: various flaws
41a6c3
41a6c3 
* Wed Aug 03 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-45
41a6c3 
- RFE: run mod_rewrite external mapping program as non-root (#1316900)
41a6c3
41a6c3 
* Tue Jul 12 2016 Joe Orton <jorton@redhat.com> - 2.4.6-44
41a6c3 
- add security fix for CVE-2016-5387
41a6c3
41a6c3 
* Tue Jul  5 2016 Joe Orton <jorton@redhat.com> - 2.4.6-43
41a6c3 
- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)
41a6c3
41a6c3 
* Fri Jun 17 2016 Joe Orton <jorton@redhat.com> - 2.4.6-42
41a6c3 
- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)
41a6c3
41a6c3 
* Wed Feb 24 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-41
41a6c3 
- mod_cache: merge r->err_headers_out into r->headers when the response
41a6c3 
  is cached for the first time (#1264989)
41a6c3 
- mod_ssl: Do not send SSL warning when SNI hostname is not found as per
41a6c3 
  RFC 6066 (#1298148)
41a6c3 
- mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038)
41a6c3 
- fix apache user creation when apache group already exists (#1299889)
41a6c3 
- fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757)
41a6c3 
- mod_proxy: fix slow response time for reponses with error status code
41a6c3 
  when using ProxyErrorOverride (#1283653)
41a6c3 
- mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149)
41a6c3 
- mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495)
41a6c3 
- rotatelogs: improve support for localtime (#1244545)
41a6c3 
- ab: fix read failure when targeting SSL server (#1255331)
41a6c3 
- mod_log_debug: fix LogMessage example in documentation (#1279465)
41a6c3 
- mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime
41a6c3 
  of DB lookup entries independently of the selected DB engine (#1287844)
41a6c3 
- mod_ssl: fix hardware crypto support with custom DH parms (#1291865)
41a6c3 
- mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)
41a6c3
41a6c3 
* Thu Sep 17 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-40
41a6c3 
- mod_dav: follow up fix for previous commit (#1263975)
41a6c3
41a6c3 
* Wed Aug 26 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-39
41a6c3 
- mod_dav: treat dav_resource uri as escaped (#1255480)
41a6c3
41a6c3 
* Wed Aug 19 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-38
41a6c3 
- mod_ssl: add support for User Principal Name in SSLUserName  (#1242503)
41a6c3
41a6c3 
* Mon Aug 10 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-37
41a6c3 
- core: fix chunk header parsing defect (CVE-2015-3183)
41a6c3 
- core: replace of ap_some_auth_required with ap_some_authn_required
41a6c3 
  and ap_force_authn hook (CVE-2015-3185)
41a6c3
41a6c3 
* Tue Jul 14 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-36
41a6c3 
- Revert fix for #1162152, it is not needed in RHEL7
41a6c3 
- mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)
41a6c3
41a6c3 
* Wed Jul 01 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-35
41a6c3 
- mod_remoteip: correct the trusted proxy match test (#1179306)
41a6c3 
- mod_dav: send complete response when resource is created (#1235383)
41a6c3 
- apachectl: correct the apachectl status man page (#1231924)
41a6c3
41a6c3 
* Wed Jun 03 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-34
41a6c3 
- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328)
41a6c3 
- do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820)
41a6c3 
- fix -D[efined] or <Define>[d] variables lifetime accross restarts (#1227219)
41a6c3 
- mod_ssl: do not send NPN extension with not configured (#1226015)
41a6c3
41a6c3 
* Mon May 18 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-33
41a6c3 
- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)
41a6c3
41a6c3 
* Wed Apr 15 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-32
41a6c3 
- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779)
41a6c3 
- mod_remoteip: correct the trusted proxy match test (#1179306)
41a6c3 
- mod_status: honor remote_ip as documented (#1169081)
41a6c3 
- mod_deflate: fix decompression of files larger than 4GB (#1170214)
41a6c3 
- core: improve error message for inaccessible DocumentRoot (#1170220)
41a6c3 
- ab: try all addresses instead of failing on first one when not available (#1125276)
41a6c3 
- mod_proxy_wstunnel: add support for SSL (#1180745)
41a6c3 
- mod_proxy_wstunnel: load this module by default (#1180745)
41a6c3 
- mod_rewrite: add support for WebSockets (#1180745)
41a6c3 
- mod_rewrite: do not search for directory if a URL will be rewritten (#1210091)
41a6c3 
- mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache
41a6c3 
  are used and SSL session is resumed (#1170206)
41a6c3 
- mod_ssl: fix memory leak on httpd reloads (#1181690)
41a6c3 
- mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476)
41a6c3 
- mod_cgi: return error code 408 on timeout (#1162152)
41a6c3 
- mod_dav_fs: set default value of DAVLockDB (#1176449)
41a6c3 
- add Documentation= to the httpd.service and htcacheclean.service (#1184118)
41a6c3 
- do not display "bomb" icon for files ending with "core" (#1170215)
41a6c3 
- add missing Reason-Phrase in HTTP response headers (#1162159)
41a6c3 
- fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625)
41a6c3 
- apachectl: ignore HTTPD variable from sysconfig (#1214401)
41a6c3 
- apachectl: fix "graceful" documentation (#1214398)
41a6c3 
- apachectl: fix "graceful" behaviour when httpd is not running (#1214430)
41a6c3
41a6c3 
* Tue Dec 02 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-31
41a6c3 
- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled
41a6c3 
  instead of hardcoding it (#1168050)
41a6c3 
- mod_proxy: support Unix Domain Sockets (#1168081)
41a6c3
41a6c3 
* Tue Nov 25 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-30
41a6c3 
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
41a6c3 
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
41a6c3
41a6c3 
* Tue Nov 04 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-29
41a6c3 
- rebuild against proper version of OpenSSL (#1080125)
41a6c3
41a6c3 
* Wed Oct 22 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-28
41a6c3 
- set vstring based on /etc/os-release (#1114123)
41a6c3
41a6c3 
* Mon Oct 06 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-27
41a6c3 
- fix the dependency on openssl-libs to match the fix for #1080125
41a6c3
41a6c3 
* Mon Sep 22 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-26
41a6c3 
- allow <Auth*ProviderAlias>'es to be seen under virtual hosts (#1131847)
41a6c3
41a6c3 
* Fri Sep 19 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-25
41a6c3 
- do not use hardcoded curve for ECDHE suites (#1080125)
41a6c3
41a6c3 
* Wed Sep 03 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-24
41a6c3 
- allow reverse-proxy to be set via SetHandler (#1136290)
41a6c3
41a6c3 
* Thu Aug 21 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-23
41a6c3 
- fix possible crash in SIGINT handling (#1131006)
41a6c3
41a6c3 
* Mon Aug 18 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-22
41a6c3 
- ab: fix integer overflow when printing stats with lot of requests (#1092420)
41a6c3
41a6c3 
* Mon Aug 11 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-21
41a6c3 
- add pre_htaccess so mpm-itk can be build as separate module (#1059143)
41a6c3
41a6c3 
* Tue Aug 05 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-20
41a6c3 
- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)
41a6c3
41a6c3 
* Mon Aug 04 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-19
41a6c3 
- fix build on ppc64le by using configure macro (#1125545)
41a6c3 
- compile httpd with -O3 on ppc64le (#1123490)
41a6c3 
- mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)
41a6c3
41a6c3 
* Thu Jul 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-18
41a6c3 
- mod_cgid: add security fix for CVE-2014-0231 (#1120608)
41a6c3 
- mod_proxy: add security fix for CVE-2014-0117 (#1120608)
41a6c3 
- mod_deflate: add security fix for CVE-2014-0118 (#1120608)
41a6c3 
- mod_status: add security fix for CVE-2014-0226 (#1120608)
41a6c3 
- mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)
41a6c3
41a6c3 
* Thu Mar 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-17
41a6c3 
- mod_dav: add security fix for CVE-2013-6438 (#1077907)
41a6c3 
- mod_log_config: add security fix for CVE-2014-0098 (#1077907)
41a6c3
41a6c3 
* Wed Mar  5 2014 Joe Orton <jorton@redhat.com> - 2.4.6-16
41a6c3 
- mod_ssl: improve DH temp key handling (#1057687)
41a6c3
41a6c3 
* Wed Mar  5 2014 Joe Orton <jorton@redhat.com> - 2.4.6-15
41a6c3 
- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)
41a6c3
41a6c3 
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 2.4.6-14
41a6c3 
- Mass rebuild 2014-01-24
41a6c3
41a6c3 
* Mon Jan 13 2014 Joe Orton <jorton@redhat.com> - 2.4.6-13
41a6c3 
- mod_ssl: sanity-check use of "SSLCompression" (#1036666)
41a6c3 
- mod_proxy_http: fix brigade memory usage (#1040447)
41a6c3
41a6c3 
* Fri Jan 10 2014 Joe Orton <jorton@redhat.com> - 2.4.6-12
41a6c3 
- rebuild
41a6c3
41a6c3 
* Thu Jan  9 2014 Joe Orton <jorton@redhat.com> - 2.4.6-11
41a6c3 
- build with -O3 on ppc64 (#1051066)
41a6c3
41a6c3 
* Tue Jan  7 2014 Joe Orton <jorton@redhat.com> - 2.4.6-10
41a6c3 
- mod_dav: fix locktoken handling (#1004046)
41a6c3
41a6c3 
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 2.4.6-9
41a6c3 
- Mass rebuild 2013-12-27
41a6c3
41a6c3 
* Fri Dec 20 2013 Joe Orton <jorton@redhat.com> - 2.4.6-8
41a6c3 
- use unambiguous httpd-mmn (#1029360)
41a6c3
41a6c3 
* Fri Nov   1 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-7
41a6c3 
- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)
41a6c3
41a6c3 
* Thu Oct  31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-6
41a6c3 
- systemd: Use {MAINPID} notation in service file (#969972)
41a6c3
41a6c3 
* Thu Oct 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-5
41a6c3 
- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)
41a6c3
41a6c3 
* Thu Oct 03 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-4
41a6c3 
- expand macros in macros.httpd (#1011393)
41a6c3
41a6c3 
* Mon Aug 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-3
41a6c3 
- fix "LDAPReferrals off" to really disable LDAP Referrals
41a6c3
41a6c3 
* Wed Jul 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-2
41a6c3 
- revert fix for dumping vhosts twice
41a6c3
41a6c3 
* Mon Jul 22 2013 Joe Orton <jorton@redhat.com> - 2.4.6-1
41a6c3 
- update to 2.4.6
41a6c3 
- mod_ssl: use revised NPN API (r1487772)
41a6c3
41a6c3 
* Thu Jul 11 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-12
41a6c3 
- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)
41a6c3 
- apxs: mention -p option in manpage
41a6c3
41a6c3 
* Tue Jul  2 2013 Joe Orton <jorton@redhat.com> - 2.4.4-11
41a6c3 
- add patch for aarch64 (Dennis Gilmore, #925558)
41a6c3
41a6c3 
* Mon Jul  1 2013 Joe Orton <jorton@redhat.com> - 2.4.4-10
41a6c3 
- remove duplicate apxs man page from httpd-tools
41a6c3
41a6c3 
* Mon Jun 17 2013 Joe Orton <jorton@redhat.com> - 2.4.4-9
41a6c3 
- remove zombie dbmmanage script
41a6c3
41a6c3 
* Fri May 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-8
41a6c3 
- return 400 Bad Request on malformed Host header
41a6c3
41a6c3 
* Mon May 20 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6
41a6c3 
- htpasswd/htdbm: fix hash generation bug (#956344)
41a6c3 
- do not dump vhosts twice in httpd -S output (#928761)
41a6c3 
- mod_cache: fix potential crash caused by uninitialized variable (#954109)
41a6c3
41a6c3 
* Thu Apr 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-5
41a6c3 
- execute systemctl reload as result of apachectl graceful
41a6c3 
- mod_ssl: ignore SNI hints unless required by config
41a6c3 
- mod_cache: forward-port CacheMaxExpire "hard" option
41a6c3 
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
41a6c3 
  is not configured.
41a6c3
41a6c3 
* Tue Apr 16 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-4
41a6c3 
- fix service file to not send SIGTERM after ExecStop (#906321, #912288)
41a6c3
41a6c3 
* Tue Mar 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-3
41a6c3 
- protect MIMEMagicFile with IfModule (#893949)
41a6c3
41a6c3 
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-2
41a6c3 
- really package mod_auth_form in mod_session (#915438)
41a6c3
41a6c3 
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-1
41a6c3 
- update to 2.4.4
41a6c3 
- fix duplicate ownership of mod_session config (#914901)
41a6c3
41a6c3 
* Fri Feb 22 2013 Joe Orton <jorton@redhat.com> - 2.4.3-17
41a6c3 
- add mod_session subpackage, move mod_auth_form there (#894500)
41a6c3
41a6c3 
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.3-16
41a6c3 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
41a6c3
41a6c3 
* Tue Jan  8 2013 Joe Orton <jorton@redhat.com> - 2.4.3-15
41a6c3 
- add systemd service for htcacheclean
41a6c3
41a6c3 
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-14
41a6c3 
- drop patch for r1344712
41a6c3
41a6c3 
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-13
41a6c3 
- filter mod_*.so auto-provides (thanks to rcollet)
41a6c3 
- pull in syslog logging fix from upstream (r1344712)
41a6c3
41a6c3 
* Fri Oct 26 2012 Joe Orton <jorton@redhat.com> - 2.4.3-12
41a6c3 
- rebuild to pick up new apr-util-ldap
41a6c3
41a6c3 
* Tue Oct 23 2012 Joe Orton <jorton@redhat.com> - 2.4.3-11
41a6c3 
- rebuild
41a6c3
41a6c3 
* Wed Oct  3 2012 Joe Orton <jorton@redhat.com> - 2.4.3-10
41a6c3 
- pull upstream patch r1392850 in addition to r1387633
41a6c3
41a6c3 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9.1
41a6c3 
- restore "ServerTokens Full-Release" support (#811714)
41a6c3
41a6c3 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9
41a6c3 
- define PLATFORM in os.h using vendor string
41a6c3
41a6c3 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-8
41a6c3 
- use systemd script unconditionally (#850149)
41a6c3
41a6c3 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-7
41a6c3 
- use systemd scriptlets if available (#850149)
41a6c3 
- don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists
41a6c3
41a6c3 
* Mon Oct 01 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-6
41a6c3 
- use systemctl from apachectl (#842736)
41a6c3
41a6c3 
* Wed Sep 19 2012 Joe Orton <jorton@redhat.com> - 2.4.3-5
41a6c3 
- fix some error log spam with graceful-stop (r1387633)
41a6c3 
- minor mod_systemd tweaks
41a6c3
41a6c3 
* Thu Sep 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-4
41a6c3 
- use IncludeOptional for conf.d/*.conf inclusion
41a6c3
41a6c3 
* Fri Sep 07 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-3
41a6c3 
- adding mod_systemd to integrate with systemd better
41a6c3
41a6c3 
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-2
41a6c3 
- mod_ssl: add check for proxy keypair match (upstream r1374214)
41a6c3
41a6c3 
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-1
41a6c3 
- update to 2.4.3 (#849883)
41a6c3 
- own the docroot (#848121)
41a6c3
41a6c3 
* Mon Aug  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-23
41a6c3 
- add mod_proxy fixes from upstream (r1366693, r1365604)
41a6c3
41a6c3 
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-22
41a6c3 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
41a6c3
41a6c3 
* Fri Jul  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-21
41a6c3 
- drop explicit version requirement on initscripts
41a6c3
41a6c3 
* Thu Jul  5 2012 Joe Orton <jorton@redhat.com> - 2.4.2-20
41a6c3 
- mod_ext_filter: fix error_log warnings
41a6c3
41a6c3 
* Mon Jul  2 2012 Joe Orton <jorton@redhat.com> - 2.4.2-19
41a6c3 
- support "configtest" and "graceful" as initscripts "legacy actions"
41a6c3
41a6c3 
* Fri Jun  8 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18
41a6c3 
- avoid use of "core" GIF for a "core" directory (#168776)
41a6c3 
- drop use of "syslog.target" in systemd unit file
41a6c3
41a6c3 
* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17
41a6c3 
- use _unitdir for systemd unit file
41a6c3 
- use /run in unit file, ssl.conf
41a6c3
41a6c3 
* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
41a6c3 
- mod_ssl: fix NPN patch merge
41a6c3
41a6c3 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15
41a6c3 
- move tmpfiles.d fragment into /usr/lib per new guidelines
41a6c3 
- package /run/httpd not /var/run/httpd
41a6c3 
- set runtimedir to /run/httpd likewise
41a6c3
41a6c3 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
41a6c3 
- fix htdbm/htpasswd crash on crypt() failure (#818684)
41a6c3
41a6c3 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
41a6c3 
- pull fix for NPN patch from upstream (r1345599)
41a6c3
41a6c3 
* Thu May 31 2012 Joe Orton <jorton@redhat.com> - 2.4.2-12
41a6c3 
- update suexec patch to use LOG_AUTHPRIV facility
41a6c3
41a6c3 
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-11
41a6c3 
- really fix autoindex.conf (thanks to remi@)
41a6c3
41a6c3 
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-10
41a6c3 
- fix autoindex.conf to allow symlink to poweredby.png
41a6c3
41a6c3 
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-9
41a6c3 
- suexec: use upstream version of patch for capability bit support
41a6c3
41a6c3 
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-8
41a6c3 
- suexec: use syslog rather than suexec.log, drop dac_override capability
41a6c3
41a6c3 
* Tue May  1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-7
41a6c3 
- mod_ssl: add TLS NPN support (r1332643, #809599)
41a6c3
41a6c3 
* Tue May  1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-6
41a6c3 
- add BR on APR >= 1.4.0
41a6c3
41a6c3 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-5
41a6c3 
- use systemctl from logrotate (#221073)
41a6c3
41a6c3 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-4
41a6c3 
- pull from upstream:
41a6c3 
  * use TLS close_notify alert for dummy_connection (r1326980+)
41a6c3 
  * cleanup symbol exports (r1327036+)
41a6c3
41a6c3 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3.2
41a6c3 
- rebuild
41a6c3
41a6c3 
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3
41a6c3 
- really fix restart
41a6c3
41a6c3 
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-2
41a6c3 
- tweak default ssl.conf
41a6c3 
- fix restart handling (#814645)
41a6c3 
- use graceful restart by default
41a6c3
41a6c3 
* Wed Apr 18 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.2-1
41a6c3 
- update to 2.4.2
41a6c3
41a6c3 
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-6
41a6c3 
- fix macros
41a6c3
41a6c3 
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-5
41a6c3 
- add _httpd_moddir to macros
41a6c3
41a6c3 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-4
41a6c3 
- fix symlink for poweredby.png
41a6c3 
- fix manual.conf
41a6c3
41a6c3 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-3
41a6c3 
- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)
41a6c3 
- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage
41a6c3
41a6c3 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-2
41a6c3 
- clean docroot better
41a6c3 
- ship proxy, ssl directories within /var/cache/httpd
41a6c3 
- default config:
41a6c3 
 * unrestricted access to (only) /var/www
41a6c3 
 * remove (commented) Mutex, MaxRanges, ScriptSock
41a6c3 
 * split autoindex config to conf.d/autoindex.conf
41a6c3 
- ship additional example configs in docdir
41a6c3
41a6c3 
* Tue Mar  6 2012 Joe Orton <jorton@redhat.com> - 2.4.1-1
41a6c3 
- update to 2.4.1
41a6c3 
- adopt upstream default httpd.conf (almost verbatim)
41a6c3 
- split all LoadModules to conf.modules.d/*.conf
41a6c3 
- include conf.d/*.conf at end of httpd.conf
41a6c3 
- trim %%changelog
41a6c3
41a6c3 
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-2
41a6c3 
- fix build against PCRE 8.30
41a6c3
41a6c3 
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-1
41a6c3 
- update to 2.2.22
41a6c3
41a6c3 
* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 2.2.21-8
41a6c3 
- Rebuild against PCRE 8.30
41a6c3
41a6c3 
* Mon Jan 23 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-7
41a6c3 
- fix #783629 - start httpd after named
41a6c3
41a6c3 
* Mon Jan 16 2012 Joe Orton <jorton@redhat.com> - 2.2.21-6
41a6c3 
- complete conversion to systemd, drop init script (#770311)
41a6c3 
- fix comments in /etc/sysconfig/httpd (#771024)
41a6c3 
- enable PrivateTmp in service file (#781440)
41a6c3 
- set LANG=C in /etc/sysconfig/httpd
41a6c3
41a6c3 
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.21-5
41a6c3 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
41a6c3
41a6c3 
* Tue Dec 06 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-4
41a6c3 
- fix #751591 - start httpd after remote-fs
41a6c3
41a6c3 
* Mon Oct 24 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-3
41a6c3 
- allow change state of BalancerMember in mod_proxy_balancer web interface
41a6c3
41a6c3 
* Thu Sep 22 2011 Ville Skyttä <ville.skytta@iki.fi> - 2.2.21-2
41a6c3 
- Make mmn available as %%{_httpd_mmn}.
41a6c3 
- Add .svgz to AddEncoding x-gzip example in httpd.conf.
41a6c3
41a6c3 
* Tue Sep 13 2011 Joe Orton <jorton@redhat.com> - 2.2.21-1
41a6c3 
- update to 2.2.21
41a6c3
41a6c3 
* Mon Sep  5 2011 Joe Orton <jorton@redhat.com> - 2.2.20-1
41a6c3 
- update to 2.2.20
41a6c3 
- fix MPM stub man page generation
41a6c3
41a6c3 
* Wed Aug 10 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-5
41a6c3 
- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd
41a6c3
41a6c3 
* Fri Jul 22 2011 Iain Arnell <iarnell@gmail.com> 1:2.2.19-4
41a6c3 
- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided
41a6c3 
  directory names
41a6c3
41a6c3 
* Wed Jul 20 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-3
41a6c3 
- fix #716621 - suexec now works without setuid bit
41a6c3
41a6c3 
* Thu Jul 14 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-2
41a6c3 
- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve
41a6c3
41a6c3 
* Fri Jul  1 2011 Joe Orton <jorton@redhat.com> - 2.2.19-1
41a6c3 
- update to 2.2.19
41a6c3 
- enable dbd, authn_dbd in default config
41a6c3
41a6c3 
* Thu Apr 14 2011 Joe Orton <jorton@redhat.com> - 2.2.17-13
41a6c3 
- fix path expansion in service files
41a6c3
41a6c3 
* Tue Apr 12 2011 Joe Orton <jorton@redhat.com> - 2.2.17-12
41a6c3 
- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)
41a6c3
41a6c3 
* Wed Mar 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-11
41a6c3 
- minor updates to httpd.conf
41a6c3 
- drop old patches
41a6c3
41a6c3 
* Wed Mar  2 2011 Joe Orton <jorton@redhat.com> - 2.2.17-10
41a6c3 
- rebuild
41a6c3
41a6c3 
* Wed Feb 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-9
41a6c3 
- use arch-specific mmn
41a6c3
41a6c3 
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.17-8
41a6c3 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
41a6c3
41a6c3 
* Mon Jan 31 2011 Joe Orton <jorton@redhat.com> - 2.2.17-7
41a6c3 
- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)
41a6c3 
- add man page stubs for httpd.event, httpd.worker
41a6c3 
- drop distcache support
41a6c3 
- add STOP_TIMEOUT support to init script
41a6c3
41a6c3 
* Sat Jan  8 2011 Joe Orton <jorton@redhat.com> - 2.2.17-6
41a6c3 
- update default SSLCipherSuite per upstream trunk
41a6c3
41a6c3 
* Wed Jan  5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-5
41a6c3 
- fix requires (#667397)
41a6c3
41a6c3 
* Wed Jan  5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-4
41a6c3 
- de-ghost /var/run/httpd
41a6c3
41a6c3 
* Tue Jan  4 2011 Joe Orton <jorton@redhat.com> - 2.2.17-3
41a6c3 
- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)
41a6c3
41a6c3 
* Sat Nov 20 2010 Joe Orton <jorton@redhat.com> - 2.2.17-2
41a6c3 
- drop setuid bit, use capabilities for suexec binary
41a6c3
41a6c3 
* Wed Oct 27 2010 Joe Orton <jorton@redhat.com> - 2.2.17-1
41a6c3 
- update to 2.2.17
41a6c3
41a6c3 
* Fri Sep 10 2010 Joe Orton <jorton@redhat.com> - 2.2.16-2
41a6c3 
- link everything using -z relro and -z now
41a6c3
41a6c3 
* Mon Jul 26 2010 Joe Orton <jorton@redhat.com> - 2.2.16-1
41a6c3 
- update to 2.2.16
41a6c3
41a6c3 
* Fri Jul  9 2010 Joe Orton <jorton@redhat.com> - 2.2.15-3
41a6c3 
- default config tweaks:
41a6c3 
 * harden httpd.conf w.r.t. .htaccess restriction (#591293)
41a6c3 
 * load mod_substitute, mod_version by default
41a6c3 
 * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
41a6c3 
 * add commented list of shipped-but-unloaded modules
41a6c3 
 * bump up worker defaults a little
41a6c3 
 * drop KeepAliveTimeout to 5 secs per upstream
41a6c3 
- fix LSB compliance in init script (#522074)
41a6c3 
- bundle NOTICE in -tools
41a6c3 
- use init script in logrotate postrotate to pick up PIDFILE
41a6c3 
- drop some old Obsoletes/Conflicts
41a6c3
41a6c3 
* Sun Apr 04 2010 Robert Scheck <robert@fedoraproject.org> - 2.2.15-1
41a6c3 
- update to 2.2.15 (#572404, #579311)
41a6c3

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation