rpms
/
httpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
61 Commits 11 Branches 64 Tags 8.4 MiB
Commit Graph

61 Commits

Author SHA1 Message Date
Luboš Uhliarik e48d1ff2b5 Resolves: #2097016 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() 2022-07-21 17:19:49 +02:00
Luboš Uhliarik 3e971cd869 Resolves: #2098248 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped 
by hop-by-hop mechanism
 2022-07-20 18:39:13 +02:00
Luboš Uhliarik f50c76924f Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in 
ap_strcmp_match()

- uncomment previous security patch200 - it was commented out by mistake
 2022-07-20 17:04:41 +02:00
Luboš Uhliarik 4e955b0b8d Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request 
smuggling
 2022-07-20 16:41:33 +02:00
Luboš Uhliarik 3bed4484eb Related: #2065677 - fix downgrade issue after introducing httpd 
core sub-package

- mod_ssl and other modules should depend on httpd core sub-package
 2022-06-28 01:18:59 +02:00
Luboš Uhliarik 7fd1efd8e0 Resolves: #2098056 - mod_ldap: High CPU usage at apr_ldap_rebind_remove() 2022-06-24 14:53:45 +02:00
Luboš Uhliarik 032b2cd822 Resolves: #2095838 - mod_mime_magic: invalid type 0 in mconvert() 2022-06-16 18:28:30 +02:00
Luboš Uhliarik 14361142ce Related: #2079939 - httpd rebase to 2.4.53 
- there is possible regression in PCRE 2 and in httpd 2.4.53 it was
  automatically switched to use PCRE 1 as default. Therefore I'm forcing
  httpd to build with PCRE 1
 2022-06-15 15:28:08 +02:00
Luboš Uhliarik ef2b91d363 Resolves: #2065677 - httpd minimisation for ubi-micro 
minimize httpd dependencies (new httpd-core package)
mod_systemd and mod_brotli are now packaged in the main httpd package
 2022-06-01 16:48:59 +02:00
Luboš Uhliarik d6fbadf25f Related: #2079939 - httpd rebase to 2.4.53 
- backport regression fix - r1901199
 2022-06-01 02:11:42 +02:00
Luboš Uhliarik 0ded77a485 Resolves: #2075406 - httpd.conf uses icon bomb.gif for all files/dirs ending 
with core
 2022-06-01 01:49:31 +02:00
Luboš Uhliarik 0579fb3c3f new version 2.4.53 
Resolves: #2079939 - httpd rebase to 2.4.53
 2022-06-01 01:12:41 +02:00
Luboš Uhliarik 30c01a09c1 Resolves: #2073459 - Cannot override LD_LIBARY_PATH in Apache HTTPD using 
SetEnv or PassEnv
 2022-04-11 15:13:04 +02:00
Luboš Uhliarik c3884c0db7 Related: #2065251 - bump release num 2022-03-22 12:29:12 +01:00
Luboš Uhliarik bdf0e9e785 Resolves: #2065251 - CVE-2022-22720 httpd: HTTP request smuggling 
vulnerability in Apache HTTP Server 2.4.52 and earlier
Resolves: #2066311 - CVE-2021-44224 httpd: possible NULL dereference or SSRF
  in forward proxy configurations
 2022-03-21 14:25:44 +01:00
Luboš Uhliarik b7d7474a46 Resolves: #2065251 - CVE-2022-22720 httpd: HTTP request smuggling 
vulnerability in Apache HTTP Server 2.4.52 and earlier
 2022-03-21 13:04:58 +01:00
Luboš Uhliarik 0cc775339f Resolves: #2035064 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow 
when parsing multipart content
 2022-01-10 18:57:43 +01:00
Neal Gompa ec4da30e9b Use NAME from os-release(5) for vendor string 
Resolves: #2029071 - httpd on CentOS identifies as RHEL

Signed-off-by: Neal Gompa <ngompa@centosproject.org>
 2021-12-06 19:39:06 -05:00
Joe Orton 9d1c57410b Bump NVR. 
Resolves: rhbz#1938740
 2021-12-03 15:01:54 +00:00
Joe Orton 4d3fe82afc add fixes for static analyzer issues (#1938740) 
Resolves: rhbz#1938740
 2021-12-03 14:19:05 +00:00
Branislav Náter 6a9dd7ed67 Resolves: #2025996 - Internal tests are not available for c9s 2021-12-02 12:41:35 +01:00
Branislav Náter 69ec5aa077 Resolves: #2025996 - Enhanced TMT testing 2021-11-23 17:03:11 +01:00
Luboš Uhliarik 71a047ad15 Resolves: #2005416 - httpd default configuration changes 2021-11-08 16:26:13 +01:00
Luboš Uhliarik 7f280ee9bc - new version 2.4.51 (#2011090) 
- add comments to apachectl
- adjust patches
- update openssl 3.0 patch

Resolves: #2011090
 2021-10-19 18:23:25 +02:00
Luboš Uhliarik 7302c9b133 new version 2.4.49 (#2005339) 
Resolves: #2005339
 2021-09-17 17:54:49 +02:00
Luboš Uhliarik d826352e8c Resolves: #2004143 - RFE: mod_ssl: allow sending multiple CA names which 
differ only in case
 2021-09-15 13:23:58 +02:00
Mohan Boddu c77124140b Rebuilt for IMA sigs, glibc 2.34, aarch64 flags 
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-08-09 20:28:44 +00:00
Luboš Uhliarik 674e740262 Related: #1956386 - Apache trademark update - new logo 
- fix link destination (when you use underscores in filenames in
one package and dashes in the other....)
 2021-08-09 14:36:09 +02:00
Luboš Uhliarik 01677aa399 Related: #1956386 - Apache trademark update - new logo 
- fix release number
 2021-08-09 13:01:58 +02:00
Luboš Uhliarik 23cd1df953 Merge branch 'c9s' into bz1956386 2021-08-09 10:44:10 +02:00
Luboš Uhliarik e50a90d493 Related: #1956386 - Apache trademark update - new logo 
- fix link destination
 2021-08-09 10:40:41 +02:00
Luboš Uhliarik 76b2921307 Resolves: #1956386 - Apache trademark update - new logo 2021-08-09 10:29:50 +02:00
Florian Weimer c4d6c17a34 Rebuild to pick up new build flags from redhat-rpm-config (#1984652) 
Related: #1984652
 2021-08-06 19:37:10 +02:00
Joe Orton 6ba433c549 mod_ssl: OpenSSL 3 compatibility update (#1986822) 
Resolves: rhbz#1986822
 2021-07-28 12:47:32 +01:00
Joe Orton 5097b89c7d Update to upstream version of patch for #1976080 (no functional change, 
except it also builds on OpenSSL < 3.0)

Related: rhbz#1976080
 2021-07-15 13:04:34 +01:00
Joe Orton e6d49b6319 - mod_ssl: add SSLKEYLOGFILE support (#1982656) 
Resolves: rhbz#1982656
 2021-07-15 12:41:39 +01:00
Joe Orton daf3bf9ef7 mod_cgid: fix doubled script timeout (#1977234) 
Resolves: rhbz#1977234
 2021-07-12 15:48:10 +01:00
Joe Orton 694f7e90dc fix release in ServerTokens Full-Release (#1932442) 
Related: rhbz#1932442
 2021-07-09 12:05:12 +01:00
Joe Orton f0962294b0 use OOMPolicy=continue in httpd.service, httpd@.service (#1947475) 
Resolves: rhbz#1947475
 2021-07-07 11:53:40 +01:00
Luboš Uhliarik 2be7e43256 Resolves: #1950021 - [RFE] Update httpd directive SSLProxyMachineCertificateFile 
to be able to handle certs without matching private key
 2021-07-01 14:16:33 +02:00
Luboš Uhliarik dc59040381 Resolves: #1950011 - unorderly connection close when client attempts 
renegotiation
 2021-07-01 13:16:36 +02:00
Luboš Uhliarik 566c28b19e Resolves: #1932442 - "ServerTokens FullRelease" support 2021-07-01 12:56:22 +02:00
Joe Orton f4d5942464 mod_ssl: fix loading encrypted privkeys with OpenSSL 3.0 (#1976080) 
Resolves: rhbz#1976080

Add rpminspect waivers.
 2021-06-25 14:52:16 +01:00
Joe Orton c476545bd9 add OpenSSL v3 compatibility fixes (#1975201) 
Resolves: rhbz#1975201
 2021-06-25 08:35:13 +01:00
Mohan Boddu ca9ca1b1ff Rebuilt for RHEL 9 BETA for openssl 3.0 
Related: rhbz#1971065
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-06-16 03:26:02 +00:00
Luboš Uhliarik a8dd1da944 Resolves: #1947099 - centralizing default index.html for httpd 2021-06-08 11:17:18 +02:00
Luboš Uhliarik 538ad5ff55 new version 2.4.48 
Resolves: #1952817 - rebase to 2.4.48
 2021-06-02 19:01:28 +02:00
Luboš Uhliarik 16516bd59b Resolves: #1949606 - RFE: httpd, add IP_FREEBIND support for Listen 2021-05-26 16:09:45 +02:00
Lubos Uhliarik eec74b76f8 Resolves: #1949969 - httpd : mod_proxy should allow to specify 
Proxy-Authorization in ProxyRemote directive
 2021-05-19 12:24:58 +00:00
Lubos Uhliarik c6262a06d2 Fix gating.yaml for RHEL-9. 2021-04-30 14:30:45 +00:00