rpms/httpd
6
0
Fork 0
Code Issues Pull Requests Releases Activity
751 Commits 13 Branches 102 Tags 9.7 MiB
c10s
Commit Graph

751 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luboš Uhliarik
c32927f911 Resolves: RHEL-131829 - Fix error page messaging when error handling fails 2025-12-19 03:10:15 +01:00
Luboš Uhliarik
8998eaa4ec Revert RHEL-107924 changes 
Resolves: RHEL-107924 - Improve default httpd LogFormats for better support
diagnostics
 2025-12-01 12:36:01 +01:00
Luboš Uhliarik
427878438d Resolves: RHEL-107924 - Improve default httpd LogFormats for better support 
diagnostics
 2025-11-27 16:46:07 +01:00
Luboš Uhliarik
0d46269f5b SSL vhost SNI policy: Fix handling of STRICT mode. 
Resolves: RHEL-125880 - mod_ssl: allow more fine grained SSL SNI vhost check
to avoid unnecessary 421 errors after CVE-2025-23048 fix
 2025-11-10 17:04:43 +01:00
Luboš Uhliarik
f57ae09072 Resolves: RHEL-125880 - mod_ssl: allow more fine grained SSL SNI vhost check 
to avoid unnecessary 421 errors after CVE-2025-23048 fix
 2025-11-06 13:14:22 +01:00
Luboš Uhliarik
bc23a5927d Resolves: RHEL-122290 - mod_proxy_hcheck may stop healthchecks after a child 
process is reclaimed
 2025-10-24 16:56:08 +02:00
Branislav Náter
f2e7ddf5e9 Run tests in centos-stream namespace 2025-09-10 11:45:05 +02:00
Luboš Uhliarik
3cc2f90162 Resolves: RHEL-92663 - Image mode: The dir /var/www is not created when 
updating system in image mode
 2025-09-08 17:42:29 +02:00
Luboš Uhliarik
c7abef52c5 Resolves: RHEL-99945 - httpd: HTTP Session Hijack via a TLS 
upgrade (CVE-2025-49812)
Resolves: RHEL-99962 - httpd: access control bypass by trusted clients
  is possible using TLS 1.3 session resumption (CVE-2025-23048)
Resolves: RHEL-99970 - httpd: insufficient escaping of user-supplied
  data in mod_ssl (CVE-2024-47252)
Resolves: RHEL-103489 - stickysession field does not work when
  specifying it in the query parameter after upgrade to 9.5
 2025-08-16 14:53:35 +02:00
Luboš Uhliarik
c9f9440a5c Resolves: RHEL-106043 - httpd 2.4.62: mod_proxy_connect prematurely closes 
connections
 2025-07-29 13:55:21 +02:00
Joe Orton
891311ad03 mod_dav: add dav_get_base_path() API 
Resolves: RHEL-105255
 2025-07-24 10:57:53 +01:00
Luboš Uhliarik
897a585da6 new version 2.4.63 
Resolves: RHEL-76358 - httpd rebase to 2.4.63
Resolves: RHEL-73414 - RewriteRule proxying to UDS (unix domain socket)
  configured in .htaccess doesn't work on httpd-2.4.62-1
Resolves: RHEL-66489 - Apache HTTPD no longer parse PHP files with unicode
  characters in the name
 2025-01-27 15:43:26 +01:00
Troy Dawson
0a0943f905 Bump release for October 2024 mass rebuild: 
Resolves: RHEL-64018
 2024-10-29 08:30:27 -07:00
Luboš Uhliarik
3f0c72457c Resolves: RHEL-50031 - httpd default config changes 2024-08-12 14:14:08 +02:00
Luboš Uhliarik
a7f0464790 Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen 
Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from
  httpd mod_proxy_wstunnel
 2024-08-08 21:34:04 +02:00
Luboš Uhliarik
239a3e0f11 Add necessary openldap-devel build dependency 2024-08-03 19:55:47 +02:00
Luboš Uhliarik
e9082a8a62 Resolves: RHEL-52722 - Regression introduced by CVE-2024-38474 fix 2024-08-03 19:46:19 +02:00
Luboš Uhliarik
6b2ff10ef8 new version 2.4.62 
Resolves: RHEL-33446
 2024-07-19 16:55:58 +02:00
Luboš Uhliarik
9d3f3ddfcd Add missing CVE reference 
Resolves: RHEL-46051 - httpd: Security issues via backend applications
whose response headers are malicious or exploitable (CVE-2024-38476)
 2024-07-03 21:43:12 +02:00
Luboš Uhliarik
6ad1ffded3 new version 2.4.61 2024-07-03 21:40:39 +02:00
Branislav Náter
14ca0d5a20 Select test only for httpd component 2024-07-03 14:56:50 +02:00
Troy Dawson
6d48afbcf9 Bump release for June 2024 mass rebuild 2024-06-24 08:46:31 -07:00
Branislav Náter
ea680b766f Changing tests url to https 2024-05-29 10:17:54 +00:00
Joe Orton
57b169ed96 Bump NVR. 2024-05-23 12:41:57 +01:00
Joe Orton
3d46650df4 mod_ssl: disable ENGINE support 
Resolves: RHEL-33734
 2024-05-23 10:13:49 +01:00
Joe Orton
3dfccd856a mod_ssl: defer ENGINE_finish() calls to a cleanup 
Related: RHEL-36755
 2024-05-22 08:21:35 +01:00
Joe Orton
0040a4da5a mod_ssl: use SSL_OP_NO_RENEGOTIATION 
Resolves: RHEL-36720
 2024-05-17 09:57:35 +01:00
Joe Orton
16e064a085 apachectl(8): use BUG_REPORT_URL from /etc/os-release 
apachectl(8): fix grammar (#2278748)
httpd.service.xml(8): mention ProtectSystem= setting
 2024-05-03 09:06:42 +01:00
Branislav Náter
498f8fdb8b Tier3 plan added 2024-05-02 12:50:35 +02:00
Branislav Náter
a3465e81ed Test plans and gating configuration 2024-05-02 12:09:42 +02:00
Joe Orton
3bf7121c69 add ServerTokens: Full-Release support 2024-05-01 16:36:09 +01:00
Joe Orton
1ebfa49b02 mod_ssl: add DH param handling fix (r1916863) 2024-05-01 09:11:40 +01:00
Joe Orton
dbbe9d570e update to 2.4.59 
Resolves: RHEL-33446
Resolves: RHEL-31930
Resolves: RHEL-31917
 2024-05-01 09:11:33 +01:00
Michal Srb
17b0b4e042 Fix rpminspect.yaml syntax 
Any entries in the upstream inspection block that contain wildcards for glob(7) specification need to be wrapped in single quotes.

We are also changing the badfuncs block to allow the specific function in mod_proxy.so rather than ignoring the entire file.

Thanks to David Cantrell who discovered this problem (in OSCI-6724) and proposed the fix.
 2024-04-17 15:40:56 +00:00
Joe Orton
1c126ced89 really fix changelog ordering. 2024-03-28 14:25:42 +00:00
Joe Orton
2ce898b07d rebuild to fix changelog ordering 2024-03-28 14:23:56 +00:00
Joe Orton
27131dea8d Update tracking. 2024-03-28 14:23:51 +00:00
Joe Orton
5528c4fdcf Merge remote-tracking branch 'centos/c10s' into rawhide 2024-03-28 14:22:48 +00:00
Joe Orton
5096106709 Add gating configuration. 2024-03-28 13:28:04 +00:00
Joe Orton
264f63b024 - ignore source file changes in rpminspect's "upstream" module 2024-03-07 17:02:24 +00:00
Joe Orton
dee54cd734 - Updated Systemd security settings (closes #3) (Rahul Sundaram) 
- updated httpd.service(5) man page (Joe Orton)
 2024-03-07 13:04:06 +00:00
Joe Orton
756bc47b6f Add upstream tracking notes for patches. 2024-03-07 11:55:21 +00:00
Fedora Release Engineering
7fa757742f Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-24 21:49:39 +00:00
Fedora Release Engineering
9e93ea3734 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-20 22:15:08 +00:00
Joe Orton
df3d3d1151 - remove some old workarounds 2024-01-05 16:31:55 +00:00
Joe Orton
ab864817dc - renumber patches to apply in numerical order 
- use %autosetup
 2024-01-05 16:31:44 +00:00
Joe Orton
fcc34b87be Fix suffix. 2024-01-05 11:55:23 +00:00
Joe Orton
16be14d05f fix OpenSSL 3.0 deprecation warnings (r1913912, r1915067) 
mod_ssl: move to provider API for pkcs11 support (#2253014)
 2024-01-05 11:48:45 +00:00
Joe Orton
af4e8a43b6 Note build fix. 2023-12-12 08:59:47 +00:00
Joe Orton
3d4b4777ce - fix build with libxml2 2.12 2023-12-08 12:01:00 +00:00