hiawatha-letsencrypt-10.11-bp155.3.11 >  A dk``I%z I-.[0O?鍩2"\>ϐ-J4FwlY6سE~%yYWGAg ? Q:A5!@7\e,/"DDŽ ܓ4eO׿S,D:j/hIv33H*>10ѓ t`.Oit[P<Gh\ɥc k*: ֤Unl{ D7fȑwLLm؊GMܨMmk w~_TEvȒUM3C /8$5vDžb}Īc-^j^$C[ % ^7׫|s ڸw qL%>ܚR4Ig yx,Rњ/5mRa|5gT4&AY޼YJ+8%go K;}Kt# .ڴzZG_sL,w{]}~`s7C7Ԯ 4Sغd`#6897f0cd9cade8cab859b5bf89ba6cd11dfb5aa2c83ad8b6e153f97da8990097465b8b9a9e557ca9f9024976bcd10167bf0db446^pdk``I%z a'vAZmt ZX.ay4}GnHuIxn LHCS$ DHlm*u2.\ XñۺXŢ}oڝtϼ|4ޞT_ 7>0Hj54eWtỲ2jW;a%FpOZ[V7dG/~\,{<瀊0(0K\m" U l޷bUv G2jDT;4eAU4Q[q)~TN1Ԯ?#y)>p>(8?((d ( X '-8p     4zPl( 89t: F#G#4H#lI#X#Y#\#]$^$b%c%d&0e&5f&8l&:u&Pv&w'Tx'y'z''''($Chiawatha-letsencrypt10.11bp155.3.11Let's Encrypt script for the Hiawatha webserverThis is the Let's Encrypt script for the Hiawatha webserver. It can be used to request, renew and revoke certificated as provided by Let's Encrypt in a very easy way. It requires the PHP command line interface and uses version 2 of the ACME protocol to communicate with the Let's Encrypt server.dk`Yobs-arm-11SUSE Linux Enterprise 15 SP5openSUSEGPL-2.0-onlyhttps://bugs.opensuse.orgProductivity/Networking/Web/Servershttp://www.hiawatha-webserver.orglinuxaarch64%A-9'(xzAA큤큤dk`Xdk`X]g\]4\\!Zqdk`U]g]gRZqZqdk`U\f1216470cca35fbadd27e2b6ef4f000734dc5472a4aed5c84ba6b1bc20266c634abcc13a76e6eb7970cf5f17d169f771d1e4a6d3710cdf0f1725aa0f870520e36a0358d86dcf332b7124cad12622f32c983ba75138ed39a8801bd0f83a8c9baec3866e5778e93605b87ec0f3d8ff321b99ac92a68d06a01f2bd76dc6538240eb5898e6fee3cdd7e5f36b89240efa516c9e3b65febf228497a388a783d10a09ed8409546ea594cc3cfec1203a681d68208e0cdb3668ed20d424a481e42d3bbabbb1d102c562ca3f935057202639698507063331799b11f4b79d5424fadf63270d8b9f621806dfadf4dfeee2f0d851b6ae99f4cf994ff053b173adf21616c13b271b8e6d85d48dde7a3fa5f782c1bbd29e3714f4e1579a6c52a3a9c929d951d74429747b193fb516b7b4e28216ee4777a644b89898303b0a08afa0f852050a1f290484788488b7bfa098fa57ba8b4b1d80799ea98e564249002f5e02a5e6e62673f8dfebeab97ed3e28c7afb05223c4d0e2b3abbea1f61a7a26fb529b8e82bd4b49rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroothiawatha-10.11-bp155.3.11.src.rpmhiawatha-letsencrypthiawatha-letsencrypt(aarch-64)@    /usr/bin/phphiawathaphp-clirpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3bOaK_=@_A@]8H@\}@[tZ@ZZZZ@Y+@YEX*WWUUU~@T Tи@TeT*@TVJohannes Segitz Johannes Segitz Callum Farmer Mariusz Fik matthias.gerstner@suse.comMariusz Fik fisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgmpluskal@suse.comfisiu@opensuse.orgmpluskal@suse.commpluskal@suse.comfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.org- Allow read only access with ProtectHome=read-only to enable UserWebsites=yes Modified harden_hiawatha.service.patch and hiawatha.service- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_hiawatha.service.patch Modified: * hiawatha.service- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)- Update to version 10.11: * Default value of MinTLSversion set to 1.2. * Small bugfixes. - Changes from 10.10: * Removed several build options. Functionalities are now always enabled. * Updated Let's Encrypt script due to changes in the API. * Bugfix: AlterMode not working correctly.- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html- Update to version 10.9: * Let's Encrypt script installed via CMake. * Bugfix: Directory traversal when AllowDotFiles is enabled. * Small improvements.- Update to version 10.8.3: * Several fixes in build system * Added build system for nghttp2 * New style for directory index * uri_depth added to XML for directory index- Update to version 10.8.1.: * Removed support for secp192r1 and secp192k1 curves, to make it PCI DSS compliant out of the box. * Small improvements to Let's Encrypt ACMEv2 script.- Ship Let's Encrypt script within subpackage.- Add firewalld config files for Leap/SLE >= 15 and TW.- Update to version 10.8: * New Let's Encrypt script that supports ACME v2. * Added Syslog option. * Added GZipExtensions option. * AllowDotFiles now used to show hidden files in directory listings. * Removed support for static RSA ciphers. * Hiawatha log format changed. * Small improvements. * Bugfix: certain characters in filenames disrupted directory index output. * Bugfix: requesting non-regular files now results in a 403 instead of blocking that thread.- Fix build with mbedtls 2.7.0.- Update to version 10.7: * Connect to a Unix socket via a reverse proxy. * Added BlockExtensions setting. * Small improvements. * Bugfix: error in handling renewal scripts in Let's Encrypt script.- Update to version 10.6: * Added PublicKeyPins option. * Added renewal-scripts to Let's Encrypt script. * Small changes to CMake build system. * Added CustomHeaderBackend option. * Renamed CustomHeader option to CustomHeaderClient. Old name still works. * Hiawatha ignores FileHashes and ReverseProxy for Let's Encrypt authentication requests. * Small improvements and bugfixes.- Update to version 10.4: * SkipCacheCookie option added. * Added Systemd init script to Debian package. * Small improvements and bugfixes. - Small packaging changes and requirements update- Build fails with mbedtls < 2.- Update to version 10.3: * PreventCSRF, PreventSQLi and PreventXSS improved. * Prevention of MySQL data mining via SQL injection. * Added revoke option to Let's Encrypt script. * Hiawatha ignores RequireTLS for Let's Encrypt authentication requests. * Small bugfixes and improvements. * Bugfix: possible HTTP request pipelining error after CSRF prevented. - Changes for version 10.2: * Added Let's Encrypt script (see extra/letsencrypt). * Added support for requesting Let's Encrypt certificates (see AccessList and PasswordFile settings in manual page). * Small improvements. * Bugfix: HideProxy not working for Forwarded header. - Changes for 10.1: * Added Extensions setting. * Added support for X-Sendfile header. * mbed TLS updated to 2.2.1. * Improved SQL injection detection. * Small bugfixes and improvements. - Changes for 10.0: * Usage of Directory sections changed. * Added support for RFC 5785. * Added support for GZip compression. Removed the UseGZfile option. * Added ECDSA support for TLS 1.0 and TLS 1.1. * Replaced UrlToolkit Expire option with ExpirePeriod in Directory section. * Replaced IgnoreDotHiawatha option with UseLocalConfig. * Removed the VolatileObject option. * Improved SQL injection detection. * mbed TLS updated to 2.2.0. * Small improvements. - Changes for 9.15: * Support for WebSockets via reverse proxy. * UNIX socket support for connections to WebSockets. * Responsive design for directory index and error message. * mbed TLS updated to 2.1.2. * Fixed mbed TLS linking in CMake configuration. * ListenBacklog option added. * Small bugfixes. - Changes for 9.14: * mbed TLS updated to 2.0.0. * Small bugfixes. * Bugfix: crash when sending very large request to FastCGI server.- Fix rpmlint warnings * add rcsymlink * fix log directory permissions- Update to 9.13: * Renamed SSLcertFile to TLScertFile. * Renamed RequireSSL to RequireTLS. * Renamed SSL_* CGI environment variables to TLS_*. * Renamed UrlToolkit option UseSSL to UseTLS. * Replaced MinSSLversion by MinTLSversion. * LogTimeouts option added. * Added 'skip directories' parameter to reverse proxy. * Failed logins sent to Hiawatha Monitor. * Small bugfix and improvements.- Update to 9.12: * Bugfix: memory leak in SSL library. * Small bugfix.- Update to 9.11: * ChallengeClient option added. * UrlToolkit options TotalConnections and OmitRequestLog added. * Improvements to UrlToolkit and reverse proxy swap. * UrlToolkit rules are also applied to PUT and DELETE. * Small improvements.- Update to 9.10: * Support for banning bad clients who connect via a proxy. * UrlToolkit option Do added. Changed how Call and Skip should be called. * General UrlToolkit improvements. See config/toolkit.conf for syntax. * Hiawatha now prefers reverse proxies with a scheme matching the one of the client connection. See config/toolkit.conf for syntax. * Hiawatha will now first process UrlToolkit rules before using ReverseProxy. * Small bugfixes and improvements.- Update to 9.9: * HTTPAuthToCGI option added. * BanByCGI option added. * Improved SSL ciphersuite selections. * CAcertificates options added. * Dropped support for SSL3.0. * Small bugfixes and improvements.- Update to 9.8: * Added support for websockets. WebSocket option added. * SSL key and certificate checks added to wigwam. * Small bugfixes and improvements.obs-arm-11 1684758617 10.11-bp155.3.1110.11-bp155.3.11hiawathaletsencryptacmev2.phpconfig.phphiawatha_config.phphttp.phphttps.phpletsencrypt.confletsencrypt.phplogfile.phpopenssl.confrsa.phplefhlefh.1.gz/usr/lib64//usr/lib64/hiawatha//usr/lib64/hiawatha/letsencrypt//usr/sbin//usr/share/man/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Backports:SLE-15-SP5/standard/4ab8f3ebf1a36418a9b58978291da57c-hiawathacpioxz5aarch64-suse-linuxdirectoryPHP script, ASCII textASCII texta /usr/bin/php script, ASCII text executabletroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)R-6pl{ utf-84a5c2423521c346def87a64df4f3fa68d92fa039c4901b52d9c2437879fc79c1? 7zXZ !t/1] crt:bLL ؝/ؤO}K[ЀwDIF?-D_wET|C>FPM)ú/֩ lB2 Qdc\)ìd1DҐS$%ė%fc4+ MhIv̿t3+%#L~rLWuGoGH/on6Rr 4_` %ޚFh)-;Ž=l ._s o/VKYC88ZcCe,n웹'![6[ӂPFlq|Esõ43)2rl8GEF#L|cpWM,BvZ  Tv6۾|54QA"9]QTbv ^d6(aݎl;L=r ԻV^Q߄gTiܞl6C6}Qh<_%w ZՎVpCBg(okmeJ }j$NV~ݵ$T? E1> N+X_Y3J1E'~)[O`h8R)?UE!0 _\DTSlJǦެh1xӃWe>jfν D]Mlsl5 l~e:G|j7r 2zqՑC38~.~lj|X]c!c5Je-ۍh$@B銠l@BQ4E X]]i@}P-ؘv= ftFweQ6o2BԷR*,OG G|ŽViR2 B96 < QKΑв'wz*tot{P6b!XR"2]P57BW"i c ڗ}pܔ5xKjO\Cm=IK?Ч_'O|MdB70*P}\̍rhkL4f]Ř[$ܘS vcd3v=V!?D L -[B5&~}:łd=q9Ml[q@kIH-9ք:!}8!`7)N:b?Ԧ]{tbEbY]|?ւ=UM#j,Vgvg -}!~roKՂ,Y=ߨy½@ZWoĒq8J c)OiRVL!/G0[_氈H_499[9!FClaO6eBgmׯcb%=|N0'+t Niz3`'@WiWHo]ỦE]|l=h0b!(q sj->1 + .nyP1U73e\⡛H(:kdXaF8b @S7Sjs=͞Վ_d vu܃Ѻ5WFd[I~PO-o[u5d;hu64w3I/Ӽ|ބ10qafƥ)JlD瞔&:jtp1hM ΂"Q&`XAbK汼8SqZݨkϱӛUg 86A(e\Ȉei桓,+ F͆/΄:'?r6 kXD\ ǘlZOiK؍"˙{ՔgJ F=q (&w< ' {!V߶7;Pmf.ì2o%Ӛݹzy3hR+'V@2ÊaVT E}!0ӕ+ÝuxT`)!XejN=$M#_YO+n:Qӝ!G,ja3D w^j#yeN& 6!?x,LPG,Xyt;13dpHtKEt<@Y8:=L'&u`jo4&cYvu6#tt}!.DH@\E2?ˠدO|ȥ\`fF*Sv*{gL8ñ&LEʝ{4@twj.Fz/=O&C(SV_|9?Su"^H[kFDev =3@8/ԽC@Д6gn@&ZzI g,)cW"']v 1?GX7,rty2JO)}9PySou1.c*'LBE+f6FgTf0EVhAgkk`bz(g,=0B%,V)=t5-]y]݃%}&:%{2Γ|+7[(Rfm;U@q1n 9z*A(.>leFkkv #JHΐU.dOAN8iyah'8grkvA牖 ٢ϙdC  qzK):I?1K'uS*sheRHwb8'Dɳ"ɁkǰK.9iHR%7,կUP,GS&l?qN1 )Q_PTH1UY HOd70?{umX 0 h&eK2U ӓ]#C:Ûw.b 4Bʝ= pOJR-cճ(:kEB .N"pVǐQD ehTdDTw<)ɝӫXH(07W:q> /coJ#ʱMl+G(QU;o#_N5ҋ myE;! ʈ^ZHV?%-~bbAb߾s "آd8~~nmj84u`4\Nk>U*rnn {qb6=Ȍ<_w=*~w9ĕtHC Zd/Sy`jD6~d6&n]Cjw8ٿ K=ڷK#Pn(o!` gJ#*ƣ,]Y$zRb}%`y.}- Z47!Q',㎛?s0*t1IfQGIpzrW<aA7,j-Kk%4x@g &݁ S;*Lޱ9afEރ!8TA7gNWcOD&N rF9hxha$TF=>P IEJH>#=V`PU}VV#"bR{|x Oh@@գ3j!i24JW<2-taڬ_^jFh]E eg38m8dC`|AH#i/{x=l{?_ Қn G$ HWgY wB`<_=g'"geEĸ+YAK&_!_P1Ikj|iǑT+T|Kuf=eCRiBYLB JEP~Ѹ#+++ $Rpbe eG!tmeSqRWKD*ukj#/0pN8X}`` o˷N}Wp`JjT<;_`ß4H $iϦGÊtw"-:iy+PB)i,X/MZ)7;mB[ıܓ`垉v8m|m L0c:?AGi#?˧?GAnm+5߼uu%^xqO ij\;O;GF{}U*.+tyOS1sף9*d-+ |eا&6{u^Gt TkjK8fI17Z5,! m ψ+TP~<GI|- >aԓZu@0u ޼"t6}ʱ02]FxFƎaJd3J| [-M)YsDeݭK b@A]eZp8ߑכvyBo ITJMG |-Z6]dA+F"Z_oOT;JYTgϳg,3l1i:~|G8JOJ&? eb;+gr+瀂?ٲ*M~\aሀ0QUbf$)^Ūv[g$werX^e]czukxYb_nE2тawW:qRʪX9nV)S:m+BA6ѻHrftC8[\>Z(v~e^tߤV%ҟKX.kYS:Eg~Z* Yn7=MaKH\| qgܾ9F#9,g"p,v1 ,ߖd2MW%N;lo e0~qLj,┙6i"0!ZO=S(MD?͓u*mOPF0n4fjX\Ug%;vel]4jǨ 4MEhċ]Is #m5FLpއ ӅqTA<Ƅ̪pӓmWX@\oqBQWDd4rgMͤz>)Xݪcȵή<ְQBҗWol=D¶Ԥ2{ ^ GLFu~y & G0 oݎ ddBES W]{f >!iub Zx̏qC$ܳ$nӺ"~/D{цAEn(̅-An 5dYLShX2Z DoJuӺ^SƔNDI=p}G}XmğoL~ v.0W%W u-w*ZM5T9g's!P9{Eۙr1 Zvk{8`w_lUq4yw/) /t,Դ?@~|z4>gK*[7/9; `Plcf6 ]A1Y6A{c\97[[ыda:}b_ULs}IAQw_ _Z2~3fPW =R`Op:2$=~WԷ+ne?q1W}Qɬ-ӟ爴Jk<3F&;?8" Ţl .6J{Uq,:J~ufR,8YҦIy}xdc%st >ŧmVy Ft bmR>SˤcWXQ4!eiGI' DZE4Ğ_I/[$ nar$.P#˯n!ͭ tZ ޞYGxI(iYӴH^U 4RN}_Rt[H '>5EđNΦ(((ո 1C`I7Q k:N53lC n_Uyums-UB :l76s[aO'f,'n0w3 YJX9clmGĂn% zUf2i}F^pWqjblb̒E}hV2A?z I kFtQGVhū#M^ml F1$ m{?|8gI3txPRYTY-ЉAO7ވ<%9Thf ޾] %2.@wF׆Q BoI.脍eR (8Ur9f\yf,`fo\Ȑox$9?[xtz>P'fY ?Mq~T`tK#Dꍈ7wHB4J/y^p)3lf'%ED.F2h*qOkE)`h CͻسqfA|ā᱑UTim~b=U;ob\Urσ^(<0|7-p$F\K*oɚ.ī:x L.%*"Lx!/kJm-pz?8 foryB*W֪l4+ҽQobJJЦ7kuPVBEgWZlD2BOSuo*5w2m+.uܑb2'o>tl.h`1ji+|G`O53,x/64v7g|Ks ߾9WF:$OdS JrdZm:+4t J T#ۖ3RW(ePpѳ \[`#bUtz}~5.W-V\ Ύ0Q@+g/T#w|5tzB<՘=4bC:c b!Ģ1+B.:H,xv&V1Q }bsxQ={RAؤuf̴rN7LW?XX|P $\bo-/w0^KXaxۭ2U9$ByZt`w4j0bAIU)T5]kE3ڎk%vO'‚`Wr mMz$HV S4nVNۘDkl[1^6my1zuYj{btq (s:'rjvVn򪒚׮i~d҈E:AYDS^ *qO<Tk";Ҋ:#;)E)ܱ%~iT/Pt4{:O@Ó P).Ț 2]ˍ)dq8 7b_1my-#]vc?BW J5 v%KYqVw\pZu[ʹ!7ylg %v)sI4G0g`EvH|P.O9(X50=^HY!,y% N֌]*&ZiKƒf{iQ7`{w aMwˣ/3R>Ju`5; pdTIcn#X]@Dq9AzУY-F_J^1j fp)xA5var᜷*i?3#Qԕ,3:y̵PpTn<"[ZSokɡVءvϬ~e)2>05J>GҸ; AyUۘuG 17h;oޣ/3Laxv)Y|^`Ԉw<>I(C"ཪ};kbXtE%DpѴ[8LDDE:jA_oxtiC21L| 7yӋ:hx+U|}οwkf(gq)9Wd dSJ<)_WMVx "h>C7J\S>[oFi?k©q=IB,(44f^ D sִ< w +.T$ys-O(tuB#&w;ѩqRX30Җer#å] P|x ݄ Gϭ!~4"HLht.1|9/SPH/?Gbȱ!AҦE'JD{-Ze HhneWW. *>:) _--Fb] ;#y|v^|;EsmQCVNh^ J*88d,tNi-u2:[&\E[;bT%KA8_rJ\UaA? 6ELN0m) E²Z X=gl[iQO- ioqh]0=#h)йpgKD,MeXr;}aK >3 tUL_,frUڞ;\v/p+zxE1Pc&\ &"1Kw_o#=AmS\3߅1J(c x3\3P(#x% D#+d/w>hl^8'MMN&IT,ۚfG'0vgo=*EL|Dn(wxxi1l!YD#o{8 Z݄6M&;vD9}:g!E%ɚwCc~K3& 7)_)0{KJXIQ\p[DlFFC*Cjŕ^E4sPr}l ^7sU"ꯛFI2NI#DcBf/?ɂ*5*1HlaV Xk@*&*8 /(ĭ)I:ߙCXy6mRn.4!N7:#K@+#pWGPf-ޙ<^yך@OdxgݸOl`8P9- cX@߉G:b5[( .7欣l*L{3riFm$új=h΋Q[ ݞ.b(&Br&]zWe4K :C }Vk,Õ;X/ah\ܳ8$Xo%qӱ33iX(ST6]i5e;Ҋ뷬ЯLaa,/PsVlH\oFpqwk׀lpRmiL"4j62֎oR:kPB^po̩vFr{eн k@ Lir2hn;sLC)KA͚ KFOO(: M-. 75G!ViƖZuEIK'K>e87X$թ(PT 6NQKX'Rݔkug+M`բEyN 3McPO?P&=/8S\Id!6yy9>Uy^\Wt6HˠȎnAa@f!mZ8@Wo RuK̢5CЊ,Dh?@]v:ٽePP 8L:]KOE?[MȹG~wCQp(LC+`AvEnx Ӌ,*AR,[UZLū7>2` BxڳNio"pixlb!'ASq;5qHD:VAҔwNw*gvZL顉( 7KHѦa09%l勛oJ [ll(~MCRtڧ1E{\,>ufL߬^<)Ebӟ N#aҷ1^]%N%-ll +^;fvNᜦL=O"ffmLN> F9ySLIph5EH"~3Cyg9kNAMOFAc>3^s,FEXWyh`[K<=~k k>'wQ=!!<8bWsU'N:CSiΟib%^ qDj "d.S•:i8QdЯ7 YZ