hiawatha-letsencrypt-10.11-bp155.3.11 >  A dkQ&I%z K|+Hq#"wi$SvKy`2z$1|W[~B7 +g$nFukQtȚy}d*4P6 ثlhU0?0jp){kF JzZM=K1&&"4v)e>f˵,gNsrQ,A $feoGG2o6/%(B  c>x!Sж`eNc:[,};.^n+Y4ݗ⻦ަ4#-/:9o&G6lfnCE( ؇/#l[tO҈TR'c@2%N>Qk q}X![#K/4:>vd#p(?fOr3vV]4K07DW\؜M̍?ǬiLr‘x.*5m' v~AWwws3QrU@:Żt{|'a9aba389bf05379f2e09966481164a5af148c32ded8d04661ffec2b8f1d95fdc215afe089c9aef0af2e601639a7447518cea9f57^xdkQ&I%z ~Oop>(@?(0d ( X  +1<t     8~ Tp(89x: F#!G#<H#tI#X#Y#\#]$ ^$b%%c%d&8e&=f&@l&Bu&Xv&w'\x'y'z''''(,Chiawatha-letsencrypt10.11bp155.3.11Let's Encrypt script for the Hiawatha webserverThis is the Let's Encrypt script for the Hiawatha webserver. It can be used to request, renew and revoke certificated as provided by Let's Encrypt in a very easy way. It requires the PHP command line interface and uses version 2 of the ACME protocol to communicate with the Let's Encrypt server.dkQobs-power9-13SUSE Linux Enterprise 15 SP5openSUSEGPL-2.0-onlyhttps://bugs.opensuse.orgProductivity/Networking/Web/Servershttp://www.hiawatha-webserver.orglinuxppc64le%A-9'(xzAA큤큤dkQdkQ]g\]4\\!ZqdkQ]g]gRZqZqdkQ\f1216470cca35fbadd27e2b6ef4f000734dc5472a4aed5c84ba6b1bc20266c634abcc13a76e6eb7970cf5f17d169f771d1e4a6d3710cdf0f1725aa0f870520e36a0358d86dcf332b7124cad12622f32c983ba75138ed39a8801bd0f83a8c9baec3866e5778e93605b87ec0f3d8ff321b99ac92a68d06a01f2bd76dc6538240eb5898e6fee3cdd7e5f36b89240efa516c9e3b65febf228497a388a783d10a09ed8409546ea594cc3cfec1203a681d68208e0cdb3668ed20d424a481e42d3bbabbb1d102c562ca3f935057202639698507063331799b11f4b79d5424fadf63270d8b9f621806dfadf4dfeee2f0d851b6ae99f4cf994ff053b173adf21616c13b271b8e6d85d48dde7a3fa5f782c1bbd29e3714f4e1579a6c52a3a9c929d951d74429747b193fb516b7b4e28216ee4777a644b89898303b0a08afa0f852050a1f290484788488b7bfa098fa57ba8b4b1d80799ea98e564249002f5e02a5e6e62673f8dfebeab97ed3e28c7afb05223c4d0e2b3abbea1f61a7a26fb529b8e82bd4b49rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroothiawatha-10.11-bp155.3.11.src.rpmhiawatha-letsencrypthiawatha-letsencrypt(ppc-64)@    /usr/bin/phphiawathaphp-clirpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3bOaK_=@_A@]8H@\}@[tZ@ZZZZ@Y+@YEX*WWUUU~@T Tи@TeT*@TVJohannes Segitz Johannes Segitz Callum Farmer Mariusz Fik matthias.gerstner@suse.comMariusz Fik fisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgmpluskal@suse.comfisiu@opensuse.orgmpluskal@suse.commpluskal@suse.comfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.org- Allow read only access with ProtectHome=read-only to enable UserWebsites=yes Modified harden_hiawatha.service.patch and hiawatha.service- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_hiawatha.service.patch Modified: * hiawatha.service- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)- Update to version 10.11: * Default value of MinTLSversion set to 1.2. * Small bugfixes. - Changes from 10.10: * Removed several build options. Functionalities are now always enabled. * Updated Let's Encrypt script due to changes in the API. * Bugfix: AlterMode not working correctly.- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html- Update to version 10.9: * Let's Encrypt script installed via CMake. * Bugfix: Directory traversal when AllowDotFiles is enabled. * Small improvements.- Update to version 10.8.3: * Several fixes in build system * Added build system for nghttp2 * New style for directory index * uri_depth added to XML for directory index- Update to version 10.8.1.: * Removed support for secp192r1 and secp192k1 curves, to make it PCI DSS compliant out of the box. * Small improvements to Let's Encrypt ACMEv2 script.- Ship Let's Encrypt script within subpackage.- Add firewalld config files for Leap/SLE >= 15 and TW.- Update to version 10.8: * New Let's Encrypt script that supports ACME v2. * Added Syslog option. * Added GZipExtensions option. * AllowDotFiles now used to show hidden files in directory listings. * Removed support for static RSA ciphers. * Hiawatha log format changed. * Small improvements. * Bugfix: certain characters in filenames disrupted directory index output. * Bugfix: requesting non-regular files now results in a 403 instead of blocking that thread.- Fix build with mbedtls 2.7.0.- Update to version 10.7: * Connect to a Unix socket via a reverse proxy. * Added BlockExtensions setting. * Small improvements. * Bugfix: error in handling renewal scripts in Let's Encrypt script.- Update to version 10.6: * Added PublicKeyPins option. * Added renewal-scripts to Let's Encrypt script. * Small changes to CMake build system. * Added CustomHeaderBackend option. * Renamed CustomHeader option to CustomHeaderClient. Old name still works. * Hiawatha ignores FileHashes and ReverseProxy for Let's Encrypt authentication requests. * Small improvements and bugfixes.- Update to version 10.4: * SkipCacheCookie option added. * Added Systemd init script to Debian package. * Small improvements and bugfixes. - Small packaging changes and requirements update- Build fails with mbedtls < 2.- Update to version 10.3: * PreventCSRF, PreventSQLi and PreventXSS improved. * Prevention of MySQL data mining via SQL injection. * Added revoke option to Let's Encrypt script. * Hiawatha ignores RequireTLS for Let's Encrypt authentication requests. * Small bugfixes and improvements. * Bugfix: possible HTTP request pipelining error after CSRF prevented. - Changes for version 10.2: * Added Let's Encrypt script (see extra/letsencrypt). * Added support for requesting Let's Encrypt certificates (see AccessList and PasswordFile settings in manual page). * Small improvements. * Bugfix: HideProxy not working for Forwarded header. - Changes for 10.1: * Added Extensions setting. * Added support for X-Sendfile header. * mbed TLS updated to 2.2.1. * Improved SQL injection detection. * Small bugfixes and improvements. - Changes for 10.0: * Usage of Directory sections changed. * Added support for RFC 5785. * Added support for GZip compression. Removed the UseGZfile option. * Added ECDSA support for TLS 1.0 and TLS 1.1. * Replaced UrlToolkit Expire option with ExpirePeriod in Directory section. * Replaced IgnoreDotHiawatha option with UseLocalConfig. * Removed the VolatileObject option. * Improved SQL injection detection. * mbed TLS updated to 2.2.0. * Small improvements. - Changes for 9.15: * Support for WebSockets via reverse proxy. * UNIX socket support for connections to WebSockets. * Responsive design for directory index and error message. * mbed TLS updated to 2.1.2. * Fixed mbed TLS linking in CMake configuration. * ListenBacklog option added. * Small bugfixes. - Changes for 9.14: * mbed TLS updated to 2.0.0. * Small bugfixes. * Bugfix: crash when sending very large request to FastCGI server.- Fix rpmlint warnings * add rcsymlink * fix log directory permissions- Update to 9.13: * Renamed SSLcertFile to TLScertFile. * Renamed RequireSSL to RequireTLS. * Renamed SSL_* CGI environment variables to TLS_*. * Renamed UrlToolkit option UseSSL to UseTLS. * Replaced MinSSLversion by MinTLSversion. * LogTimeouts option added. * Added 'skip directories' parameter to reverse proxy. * Failed logins sent to Hiawatha Monitor. * Small bugfix and improvements.- Update to 9.12: * Bugfix: memory leak in SSL library. * Small bugfix.- Update to 9.11: * ChallengeClient option added. * UrlToolkit options TotalConnections and OmitRequestLog added. * Improvements to UrlToolkit and reverse proxy swap. * UrlToolkit rules are also applied to PUT and DELETE. * Small improvements.- Update to 9.10: * Support for banning bad clients who connect via a proxy. * UrlToolkit option Do added. Changed how Call and Skip should be called. * General UrlToolkit improvements. See config/toolkit.conf for syntax. * Hiawatha now prefers reverse proxies with a scheme matching the one of the client connection. See config/toolkit.conf for syntax. * Hiawatha will now first process UrlToolkit rules before using ReverseProxy. * Small bugfixes and improvements.- Update to 9.9: * HTTPAuthToCGI option added. * BanByCGI option added. * Improved SSL ciphersuite selections. * CAcertificates options added. * Dropped support for SSL3.0. * Small bugfixes and improvements.- Update to 9.8: * Added support for websockets. WebSocket option added. * SSL key and certificate checks added to wigwam. * Small bugfixes and improvements.obs-power9-13 1684754706 10.11-bp155.3.1110.11-bp155.3.11hiawathaletsencryptacmev2.phpconfig.phphiawatha_config.phphttp.phphttps.phpletsencrypt.confletsencrypt.phplogfile.phpopenssl.confrsa.phplefhlefh.1.gz/usr/lib64//usr/lib64/hiawatha//usr/lib64/hiawatha/letsencrypt//usr/sbin//usr/share/man/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Backports:SLE-15-SP5/standard/4ab8f3ebf1a36418a9b58978291da57c-hiawathacpioxz5ppc64le-suse-linuxdirectoryPHP script, ASCII textASCII texta /usr/bin/php script, ASCII text executabletroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)R,oz/1\utf-86ba44ad1468f90ca4759ef85f22e829c0cdde140f36d58df111991c89b37ea85? 7zXZ !t/1] crt:bLL ؝.EdQy\De@0[m6L"0 T; ~=lQk#<:^xp(OHSWe{%*& KgGC,dC ‡57A-ՀwR⍉+f;xwapv穆O~~5(8wҗօ2meOi$5 dP*~>M3' U%.yyœhh*+(2ҹ|%{/<:XwMOQQ͡"X7 0<Єb Al!D2}U!$8mv+G#ǥ,#$VDml\'NS ۵(:p(Q[,ňh8J! jaXK7g89ɿe\ٹM& |_ HoΌm'U;k3z&V0vjZeȨ(^NSe} ^<ճi\.tG@cjkcݮVҚa[ ss95O,@LvvkۺảO,~FSa pK@E=҃7!ZI As5O6$6R+RӸ|bv3Fn4(=<(4L&1UXJ6#ր';sdo3\ ?\౑Qm >>>.~L3Z8͸5zIR׌/!W]6*J.(AӰe1%0 瑾 6VPZ'Pô nviv">US "z(`FX-NE \^m Ј0R0:Z2THV,38{i'rUICH?`T| 8:L/oKb,kZ9Rx0MsPbMdS/e/* ;3_Dr pvZpWC.?-r%yfZm@&U<]gȲItKڱZ(d7t~@CA ˮKQ)$_voD^3}"SF06wyɄ5-;ڸN6Xٌ$Ȱme +=1T7èu$mPIQø3_HҚlI-E)@7xdJQE;(eEʓ̯DdY)> {t +5N݁SN LUtHn@J`C?dK0)v)!QߩCgT)*#o ڿЫƳ@X{)`ON␚iJRG$xp\7mkoGWSو9s0vYk4&gt2ԏzUHYW?I*AN9gl^DU{=ǁjt+%_y8% Y_-s *ZF%14{< kOC#}Sr Vx:  5bsBLP'i}ǦnX&Sj2dlП;*ƿ[YM]CQIE<Pô G3İWlob[@+8T{;MT^A1Lqb7@7uKTLsj=z2Rr{a'wc;C )ZHMT(Ʋsl+CJ|aLi9)Ki$J֕[ I:fAhǻh|!TvuAД 6.MY1h8z Cr9&ZIÞVFV)dO~; ]ٮ_46׈~˔[k4˫F#3.fj,G23Ϥ(m%zhRk5g8eo7{e%)qY1~A.ボ\G!\!5N-%7mI=yXstWY,hM[r읊es_es>sYvﻥB}X(] guHOK0<$]O2f/z=flU )lF8ݠ@_$lw@c.Ը; 1~@ 1{iyu1(zn=$VUJ~UM#/f#VEw&7Vm /ArspD |]<\yڂuM #\'ox0Z{#~~ 8!vLU +*#{j6poxdך?';Ry,}&L;t`y M:֒ |9iJcQ-(v.99DO-`f/HOlfE_/g4o)giw3e97vj.7˵}iP_wNO(WBчCDGJ)aر,GD_Rr#=L#9'Gǣ߲/'YZZM*/?_EV"_$(V l_pi1%pڈ5&uL_[YPw㰼%3;B[' k @d;4{AU׹EB5c\t8ia􀒃H۴:,/;ǶJ|ni wkX1n ~n1gjy8ilj;Gܡ@HϞm>>+_@92#Ʌ @"$s ꄳu~zxYrK)""st'c=,aJm0~ͣ+u|>mOWQBvX=&VFar8'*GT2R(OyֆB?ej&˯iYZi%2Ow/(!Ȇ$d?cwFa[`ڔ(Ez*:́Ӷ v@$;jZctFn, ,vۨ55J }z2 zT^ *$)ep [ZM(TӸnԎ}v:ÜT=6ZyPvOua>z!q<1{*$u2/ï !zeOn$,bL&pVeaJ#L3v.rp.YhwuW'<\&2L ϊvA߭tEOZb^^.׹80y_V+`(D Lѻ$sDB=m.T4_r˯cjZœ~?c3ؤvw##Tk2)EQAq)&@VWa04Wt_b;HʭF{_ux ;hxtlt&iGg{T$YbQP2;$Uvw\ZqE,{<3%92vʈmZYQԃ}/~UA_Fh5ډTqVY:T[&9`p(FO{UU<~RqLQfWVV~\UB(ֈ_$ ik{.R;O2xL:u|'P>Jhn5*:搆EO\b7w̥7U%C]sW3=0!K3lr5yJjyo`5W/42@. G7 hTsy lV-g!U[&4NC&7a]7]AM,8 Tm1ݮVL\N[!^|Ʃ&ȩSp1#TSqGu&dQ&+X2tMI8[S]^:%ݓ@ag,MAؙp-:3~R vqC /7c{q[_G-ćL]͍BjrjnKQBL)T[Lwim:=U:ŘJ#"t#*ϗtA+p#Y>ݵzp6D#XBq{;MI#șNWȌ7,-ePvC8qc3÷gnY 'Ϊc]!6YT( m1~iXa$⵵T9QsrǑ臁o ľh_ *„L˿^\8:S& ΉxێՉu2z99 _̧ɟ@qNDwjz{^'Vd؈3ЊPKH{[=hNTO31(L[+6&5Ȗ90<4jfE(#Sʉ5։9/եi1^IP>רV*湢jSl}#+MJYzĉ4&dο0A|}?.TK!ḧ<Ao2k.Lمdօ&ؘ\ D(\ ,S cöDoܰAV/uUt3O*$WAߋaԟ> U艑4ZȖ֟y%M(ԔzcdjJwHIV~%NRVHR)9$o(E$4BJg>s/1͑] Zxb<ꠚN7430d: VAhs秉CM_@?r nT˫{|8T =lV`PYYq<~Y~Wf#dؤ{ZsCkcY:.`ܒ־=Vt3KlݶPpi$Ø݃Ned}C/1wIVz#'t|xruupFh9kI+fbݳDa:7 mj'bqvT{iEP>t$(_ ة\jzwM4 "uZlfYk=vp2S,'Fǻơ]^&K KNt? *x׊B$q 4;T^B^  4yjYwG$(5O%/Mï<#p:6|F1u"A0ۙ(PGAP*=@><6Dt 1,2n+yˉ17"E ~8VmDϷBu *hWcv%{  PoN?ܔ~;zi`N\5'W^UB%B .^t$AF9:>T}[z;!t:,P;baq"NBByKGC[(U'[E7y=ѼCzQD|@?A@ C`>%@}WnrXLޙKoRdr ԤV#:mt\K `,k3]CVo\yh $W ͐0;+ɂG\~(}-`\?@79E]ư- Rs_ M @NI0b"GnAh Wv}zA+yA^[~73O63­p2HUO0,ffJ$3:Tѕk)%a/լ(eHan n^{] %"6jh *wLIFT9VUWeLk.X|3%m+U8(2C0?伝;C#q5RX=z92Pa&=CQ{[DIOyrk%z~,# ֥!Fm rtc'Z88b3nZ>׽yNT٩^JI`yR]% ۵Imm\Odqn'E^%jf- hs|'~R˩o^Jqu9}́?c,c Ўjq lC78)e0rErQ(i箣<`8Mt2 [ IU:3;||ǘȠs_ ;6:.gcЮ@ pv)tXrX/i2o{N#^`\rf䱠MCħmC:Y'&( U/5vkRntXL2S⻏&ýWe*^&̝tQlʼF(MW/nsBiP0^X6F;9ΕA r"18ZŠQN%օjXNa \Bl@߆{m{JseJ%y_2IJc4aA;CFLrU(ex[\lEh\A>oa B>on f%83h^unsB Y68*"v¢mu"d Slq P|-bxȭ`w4MpIO|>)X_yiEQ-${NY"$$ݪzߏ26$7 ɈN*;zUִ'հ'NX۴pRI8xq6/V8rU\%-YBHx/LFW"}p*^BH$~Q?Y(+] //4= ;U˩ |`n 0?Xz1wt=8[p/0q}N*" hOD#L7` +{:ZEtSa0^8~#)TxkxJ5U:k=\Lg`m>/t%` R䱆q%ϓQENE#)pe h+*7+X_n{ 0-]UhLõE|[cc^gBئ"PL4auk~$NO$1ʁ%+5~6 >Q%,B54 e$쥸ϟ@q](+қF-!țV=A2\Z ^6]kc3lU63 KKkw}jwS@ p^1{XPS 4x3 V'JS$j+cݞwi|TŲ"iڜW&=;3t q&#ԭ%zjS}{\F{0ddJO.w2x T)f,-iZK$63kDuZa1:B+̴f0-Xm_U~.8DMH|U|32LԊ3ؠ^Sk| X&hn0{OK5KrVB`8P2 _H"f܊ELqZM58y-G}$zc>zdcTrVӘ#:`KYm6QNc|~F"?5UWbZ k:SO!NJHhYNe ')R#wgj"~r'=KV ˤ }D|J3ׁ0mKPn0Nq uHIzgJt@\[b==2f<1z??0ܱ8 UFt䏼;Y(WF̊,;MxU* nEbOjFvm. >JX-8s\LΣW`lg9EiHqY/ǣ"+Z3ciNM߱9f-ѢAi$ջTB>bxBcB+}{> G睫]\ a`{FQYq$VchЯcyWƍ "ÓQ8 !=5co|ZF MQfcs~M}[X+{e후(uWzlJܢQXp/4fUMP,~cT_UwGqbWtQɔGeé-G.j+7(B}?5嬂{iLhZc>:BmKvZb>&bbɔN7Uv}]M~:[[Y~T@uaÅ z*EU]]*R&h4hHHdKq1q 鄆`@vLtqk֒ ^L}ʽ}ht4hp Fr@%=ۈ[hm ws' 8vWjXlkVս랭 Ǥ?Ԛx\pHEMoBյ-KV-~.5]:mȇ:&HZʖ#iic`,H.} OW?30ܷWr+|r aO,2( 9sYkILV8酓j|m#Y"6a||49Ql7!0x^" jab\YhS0ZڹcRƯ-@@]ܔWʮ,>t C`sq!BYfȊ/6t_;cgo7_jw1 {ɧu[@mLZD?D\vq0% sUgېz+{_|`c)oiN3DF9?/Joj[Rߪ_tZiGHFD]i.tš;}3TlG}|$-dl^ѐ 9&j 2:Zӑ㛇HXVm ٫@vÒq4'&avGhI?a ON ,hf8HDi!\-Xr[WGM.?am!G*W0C|ۧzlR`oKθSa1ِ1JdgK!63*UHE45)y0hA%'Tdr5SOA;a/`,$8Qs+x9\6E%n.MM Yr*y.#b@/ t\-zG$!B>cҪ9Ӊҍ((bw-6"eg/cK~ߗ.Ć' `M(@t\ӯLV] %x ~D-}aeHP!'|kVk3p ielQffFTV{HT qf&f_&7p3'!~୎К(ڄxՔ.ܩ&G>v1uxnn0")XLW`uLbTdTV:^fX^]X*tkOcgw5z ct5AvX6!I/l~g~̛8"D S!;S [ég#;!y @VL&oMe Kʦg#p4;a!5C-ģ(^|1e^ω12Lёu7Q2j/AꛖsoNO5+#g #} >dhАE,8ƕǁ_E\@VgA ǏL?|v9pH S{\ ӓ>=pus8eH.5v_ h7QWmBbQ41Mv`!@3:EbH _1Ѿ(y>JJ 3{U$H*8dЯ7 YZ