Update to 2.3.9

- New upstream release 2.3.9 - SECURITY: Fix possible heap buffer overwrite (CVE-2013-4365) - Add experimental cmake-based build system for Windows - Correctly parse quotation and escaped spaces in FcgidWrapper and the AAA Authenticator/Authorizor/Access directives' command line argument, as currently documented (PR#51194) - Honor quoted FcgidCmdOptions arguments (notably for InitialEnv assignments) (PR#51657) - Conform script response parsing with mod_cgid and ensure no response body is sent when ap_meets_conditions() determines that request conditions are met - Improve logging in access control hook functions - Avoid making internal sub-requests and processing Location headers when in FCGI_AUTHORIZER mode, as the auth hook functions already treat Location headers returned by scripts as an error since redirections are not meaningful in this mode - Revert fix for PR#53693, added in 2.3.8 but undocumented - Fix issues with a minor optimization added in 2.3.8
2013-10-08 12:14:24 +01:00 · 2013-10-08 12:14:24 +01:00 · 4323f1aa08
commit 4323f1aa08
parent d1ebc0ae73
2 changed files with 34 additions and 14 deletions
--- a/mod_fcgid.spec
+++ b/mod_fcgid.spec
@ -33,8 +33,8 @@
 %endif
 Name:		mod_fcgid
-Version:	2.3.7
+Version:	2.3.9
-Release:	7%{?dist}
+Release:	1%{?dist}
 Summary:	FastCGI interface module for Apache 2
 Group:		System Environment/Daemons
 License:	ASL 2.0
@ -82,19 +82,19 @@ the number of fastcgi servers, and kicking out corrupt fastcgi servers as soon
 as possible.
 %if %{selinux_module}
 %global selinux_policyver %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp || echo 0.0.0)
 %global selinux_policynum %(echo %{selinux_policyver} | awk -F. '{ printf "%d%02d%02d", $1, $2, $3 }')
 %package selinux
 Summary:	  SELinux policy module supporting FastCGI applications with mod_fcgid
 Group:		  System Environment/Base
 BuildRequires:	  %{selinux_buildreqs}
 # selinux-policy is required for directory ownership of %%{_datadir}/selinux/*
-# Modules built against one version of a policy may not work with older policy
+#
-# versions, as noted on fedora-selinux-list:
+# version requirement is a hack to avoid problems mixing new modules with older policy,
-# http://www.redhat.com/archives/fedora-selinux-list/2006-May/msg00102.html
+# e.g. http://www.redhat.com/archives/fedora-selinux-list/2006-May/msg00102.html
-# Hence the versioned dependency. The versioning will hopefully be replaced by
+# _selinux_policy_version introduced in F-20 (#999584), but can be emulated by
-# an ABI version requirement or something similar in the future
+# pulling the policy version number from the policyhelp file on older distributions
-Requires:	  selinux-policy >= %{selinux_policyver}
+%{!?_selinux_policy_version: %global _selinux_policy_version %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp 2>/dev/null || echo 0.0.0)}
 %global selinux_policynum %(echo %{_selinux_policy_version} | awk -F. '{ printf "%d%02d%02d", $1, $2, $3 }')
 Requires:	  selinux-policy >= %{_selinux_policy_version}
 Requires:	  %{name} = %{version}-%{release}
 Requires(post):	  /usr/sbin/semodule, /sbin/restorecon
 Requires(postun): /usr/sbin/semodule, /sbin/restorecon
@ -221,13 +221,33 @@ exit 0
 %endif
 %changelog
-* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.7-7
+* Tue Oct  8 2013 Paul Howarth <paul@city-fan.org> 2.3.9-1
 - Update to 2.3.9
  - SECURITY: Fix possible heap buffer overwrite (CVE-2013-4365)
  - Add experimental cmake-based build system for Windows
  - Correctly parse quotation and escaped spaces in FcgidWrapper and the AAA
    Authenticator/Authorizor/Access directives' command line argument, as
    currently documented (PR#51194)
  - Honor quoted FcgidCmdOptions arguments (notably for InitialEnv
    assignments) (PR#51657)
  - Conform script response parsing with mod_cgid and ensure no response body
    is sent when ap_meets_conditions() determines that request conditions are
    met
  - Improve logging in access control hook functions
  - Avoid making internal sub-requests and processing Location headers when in
    FCGI_AUTHORIZER mode, as the auth hook functions already treat Location
    headers returned by scripts as an error since redirections are not
    meaningful in this mode
  - Revert fix for PR#53693, added in 2.3.8 but undocumented
  - Fix issues with a minor optimization added in 2.3.8
 * Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 2.3.7-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
-* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.7-6
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 2.3.7-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
-* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.7-5
+* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 2.3.7-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
 * Wed Jul  4 2012 Paul Howarth <paul@city-fan.org> 2.3.7-4
--- a/2
+++ b/2
@ -1 +1 @@
-5952c93dc16b42264a4bf2a54757fc08  mod_fcgid-2.3.7.tar.bz2
+262a8c59bceee5fcb669dd92a85c637d  mod_fcgid-2.3.9.tar.bz2
`@ -1 +1 @@`
	`5952c93dc16b42264a4bf2a54757fc08 mod_fcgid-2.3.7.tar.bz2`	`262a8c59bceee5fcb669dd92a85c637d mod_fcgid-2.3.9.tar.bz2`