mod_proxy_html-1:2.4.6-97.sl7_9.5> H HtxHFb< ?*}}8he,<+8ha/%yYvhY.`hٕ,84e31c53a0a7b2aa9469c91c6ab18d78a54089d50%W+Dn1>yDFb< ?*}}bEɣ$&-EEOHFoI.Q2l7я$>7z?zd$ ( `  #>W]dp v |  K P\kz(89 :)BxGyHyIyXy Yy(ZyP[yT\y`]yl^ybydzkezpfzslzuzCmod_proxy_html2.4.697.sl7_9.5HTML and XML content filters for the Apache HTTP ServerThe mod_proxy_html and mod_xml2enc modules provide filters which can transform and modify HTML and XML content.bMMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Scientific Linux Auto Patch Process Luboš Uhliarik - 2.4.6-97.5Luboš Uhliarik - 2.4.6-97.4Luboš Uhliarik - 2.4.6-97.3Luboš Uhliarik - 2.4.6-97.2Luboš Uhliarik - 2.4.6-97.1Lubos Uhliarik - 2.4.6-97Lubos Uhliarik - 2.4.6-95Lubos Uhliarik - 2.4.6-94Lubos Uhliarik - 2.4.6-93Joe Orton - 2.4.6-92Lubos Uhliarik - 2.4.6-91Lubos Uhliarik - 2.4.6-90Joe Orton - 2.4.6-89Luboš Uhliarik - 2.4.6-88Luboš Uhliarik - 2.4.6-87Luboš Uhliarik - 2.4.6-86Luboš Uhliarik - 2.4.6-85Luboš Uhliarik - 2.4.6-84Luboš Uhliarik - 2.4.6-83Luboš Uhliarik - 2.4.6-82Joe Orton - 2.4.6-81Luboš Uhliarik - 2.4.6-80Luboš Uhliarik - 2.4.6-79Luboš Uhliarik - 2.4.6-78Luboš Uhliarik - 2.4.6-77Luboš Uhliarik - 2.4.6-76Luboš Uhliarik - 2.4.6-75Luboš Uhliarik - 2.4.6-74Luboš Uhliarik - 2.4.6-73Luboš Uhliarik - 2.4.6-72Luboš Uhliarik - 2.4.6-71Luboš Uhliarik - 2.4.6-70Luboš Uhliarik - 2.4.6-69Luboš Uhliarik - 2.4.6-68Luboš Uhliarik - 2.4.6-67Luboš Uhliarik - 2.4.6-66Luboš Uhliarik - 2.4.6-65Luboš Uhliarik - 2.4.6-64Luboš Uhliarik - 2.4.6-63Luboš Uhliarik - 2.4.6-62Luboš Uhliarik - 2.4.6-61Luboš Uhliarik - 2.4.6-60Luboš Uhliarik - 2.4.6-59Luboš Uhliarik - 2.4.6-58Luboš Uhliarik - 2.4.6-57Luboš Uhliarik - 2.4.6-56Luboš Uhliarik - 2.4.6-55Luboš Uhliarik - 2.4.6-54Luboš Uhliarik - 2.4.6-53Luboš Uhliarik - 2.4.6-52Luboš Uhliarik - 2.4.6-51Luboš Uhliarik - 2.4.6-50Luboš Uhliarik - 2.4.6-49Luboš Uhliarik - 2.4.6-48Joe Orton - 2.4.6-47Luboš Uhliarik - 2.4.6-46Luboš Uhliarik - 2.4.6-45Joe Orton - 2.4.6-44Joe Orton - 2.4.6-43Joe Orton - 2.4.6-42Jan Kaluza - 2.4.6-41Jan Kaluza - 2.4.6-40Jan Kaluza - 2.4.6-39Jan Kaluza - 2.4.6-38Jan Kaluza - 2.4.6-37Jan Kaluza - 2.4.6-36Jan Kaluza - 2.4.6-35Jan Kaluza - 2.4.6-34Jan Kaluza - 2.4.6-33Jan Kaluza - 2.4.6-32Jan Kaluza - 2.4.6-31Jan Kaluza - 2.4.6-30Jan Kaluza - 2.4.6-29Jan Kaluza - 2.4.6-28Jan Kaluza - 2.4.6-27Jan Kaluza - 2.4.6-26Jan Kaluza - 2.4.6-25Jan Kaluza - 2.4.6-24Jan Kaluza - 2.4.6-23Jan Kaluza - 2.4.6-22Jan Kaluza - 2.4.6-21Jan Kaluza - 2.4.6-20Jan Kaluza - 2.4.6-19Jan Kaluza - 2.4.6-18Jan Kaluza - 2.4.6-17Joe Orton - 2.4.6-16Joe Orton - 2.4.6-15Daniel Mach - 2.4.6-14Joe Orton - 2.4.6-13Joe Orton - 2.4.6-12Joe Orton - 2.4.6-11Joe Orton - 2.4.6-10Daniel Mach - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Jan Kaluza - 2.4.6-6Jan Kaluza - 2.4.6-5Jan Kaluza - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9.1Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3.2Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Added Source: httpd-sl_index.html.sl.patch --> This patch removes TUV branding from the default index.html - Added Source: httpd-spec_sl_index.html.sl7.patch --> The index.html file is outside of the source tarball, so we need to patch it in the install step - Added Source: httpd.ini --> Config file for automated patch script- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input - Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"- Resolves: #1852350 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1785100 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1862499 - Intermittent Segfault in Apache httpd due to pool concurrency issues- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect - Resolves: #1724879 - httpd terminates all SSL connections using an abortive shutdown - Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive - Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service - Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time- htpasswd: add SHA-2 crypt() support (#1486889)- Resolves: #1630886 - scriptlet can fail if hostname is not installed - Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values - Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after failure in reading the HTTP request - Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch directive - Resolves: #1633152 - mod_session missing apr-util-openssl - Resolves: #1649470 - httpd response contains garbage in Content-Type header - Resolves: #1724034 - Unexpected OCSP in proxy SSL connection- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest - Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency- fix per-request leak of bucket brigade structure (#1583218)- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple SIGUSR1- Resolves: #1458364 - RMM list corruption in ldap module results in server hang- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which differ only in case- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number- Resolves: #1548501 - Make OCSP more configurable (like CRL)- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db after close- Resolves: #1533793 - Use Variable with mod_authnz_ldap- don't terminate connections during graceful stop/restart (#1557785)- Related: #1288395 - httpd segfault when logrotate invoked- Resolves: #1274890 - mod_ssl config: tighten defaults- Resolves: #1506392 - Backport: SSLSessionTickets directive support- Resolves: #1440590 - Need an option to disable UTF8-conversion of certificate DN- Resolves: #1464406 - Apache consumes too much memory for CGI output- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD using SetEnv or PassEnv. Needs documentation.- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective when it's defined outside setting- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests with absoluteURI instead of abs_path- Resolves: #1288395 - httpd segfault when logrotate invoked- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass - Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference - Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread - Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread - Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS- Resolves: #1442872 - apache user is not created during httpd installation when apache group already exist with GID other than 48- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Related: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines are broken during buffer resize- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves with mod_proxy_http and mod_proxy_ajp- Resolves: #1324416 - Error 404 when switching language in HTML manual more than once- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi spamming non-errors: AH01075: Error dispatching request to : (passing brigade to output filters)- Resolves: #1371876 - Apache httpd returns "200 OK" for a request exceeding LimitRequestBody when enabling mod_ext_filter- Resolves: #1372692 - Apache httpd does not log status code "413" in access_log when exceeding LimitRequestBody- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple successive graceful reloads- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed worker to be retried before the retry period is over- Resolves: #1389535 - Segmentation fault in SSL_renegotiate- Resolves: #1406184 - stapling_renew_response: abort early (before apr_uri_parse) if ocspuri is empty- prefork: fix delay completing graceful restart (#1327624) - mod_ldap: fix authz regression, failing to rebind (#1415257)- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- RFE: run mod_rewrite external mapping program as non-root (#1316900)- add security fix for CVE-2016-5387- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)- mod_cache: merge r->err_headers_out into r->headers when the response is cached for the first time (#1264989) - mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1298148) - mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038) - fix apache user creation when apache group already exists (#1299889) - fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757) - mod_proxy: fix slow response time for reponses with error status code when using ProxyErrorOverride (#1283653) - mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149) - mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495) - rotatelogs: improve support for localtime (#1244545) - ab: fix read failure when targeting SSL server (#1255331) - mod_log_debug: fix LogMessage example in documentation (#1279465) - mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime of DB lookup entries independently of the selected DB engine (#1287844) - mod_ssl: fix hardware crypto support with custom DH parms (#1291865) - mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)- mod_dav: follow up fix for previous commit (#1263975)- mod_dav: treat dav_resource uri as escaped (#1255480)- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)- core: fix chunk header parsing defect (CVE-2015-3183) - core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185)- Revert fix for #1162152, it is not needed in RHEL7 - mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)- mod_remoteip: correct the trusted proxy match test (#1179306) - mod_dav: send complete response when resource is created (#1235383) - apachectl: correct the apachectl status man page (#1231924)- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328) - do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820) - fix -D[efined] or [d] variables lifetime accross restarts (#1227219) - mod_ssl: do not send NPN extension with not configured (#1226015)- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779) - mod_remoteip: correct the trusted proxy match test (#1179306) - mod_status: honor remote_ip as documented (#1169081) - mod_deflate: fix decompression of files larger than 4GB (#1170214) - core: improve error message for inaccessible DocumentRoot (#1170220) - ab: try all addresses instead of failing on first one when not available (#1125276) - mod_proxy_wstunnel: add support for SSL (#1180745) - mod_proxy_wstunnel: load this module by default (#1180745) - mod_rewrite: add support for WebSockets (#1180745) - mod_rewrite: do not search for directory if a URL will be rewritten (#1210091) - mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1170206) - mod_ssl: fix memory leak on httpd reloads (#1181690) - mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476) - mod_cgi: return error code 408 on timeout (#1162152) - mod_dav_fs: set default value of DAVLockDB (#1176449) - add Documentation= to the httpd.service and htcacheclean.service (#1184118) - do not display "bomb" icon for files ending with "core" (#1170215) - add missing Reason-Phrase in HTTP response headers (#1162159) - fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625) - apachectl: ignore HTTPD variable from sysconfig (#1214401) - apachectl: fix "graceful" documentation (#1214398) - apachectl: fix "graceful" behaviour when httpd is not running (#1214430)- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled instead of hardcoding it (#1168050) - mod_proxy: support Unix Domain Sockets (#1168081)- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)- rebuild against proper version of OpenSSL (#1080125)- set vstring based on /etc/os-release (#1114123)- fix the dependency on openssl-libs to match the fix for #1080125- allow 'es to be seen under virtual hosts (#1131847)- do not use hardcoded curve for ECDHE suites (#1080125)- allow reverse-proxy to be set via SetHandler (#1136290)- fix possible crash in SIGINT handling (#1131006)- ab: fix integer overflow when printing stats with lot of requests (#1092420)- add pre_htaccess so mpm-itk can be build as separate module (#1059143)- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)- fix build on ppc64le by using configure macro (#1125545) - compile httpd with -O3 on ppc64le (#1123490) - mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)- mod_cgid: add security fix for CVE-2014-0231 (#1120608) - mod_proxy: add security fix for CVE-2014-0117 (#1120608) - mod_deflate: add security fix for CVE-2014-0118 (#1120608) - mod_status: add security fix for CVE-2014-0226 (#1120608) - mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)- mod_dav: add security fix for CVE-2013-6438 (#1077907) - mod_log_config: add security fix for CVE-2014-0098 (#1077907)- mod_ssl: improve DH temp key handling (#1057687)- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)- Mass rebuild 2014-01-24- mod_ssl: sanity-check use of "SSLCompression" (#1036666) - mod_proxy_http: fix brigade memory usage (#1040447)- rebuild- build with -O3 on ppc64 (#1051066)- mod_dav: fix locktoken handling (#1004046)- Mass rebuild 2013-12-27- use unambiguous httpd-mmn (#1029360)- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)- systemd: Use {MAINPID} notation in service file (#969972)- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)- expand macros in macros.httpd (#1011393)- fix "LDAPReferrals off" to really disable LDAP Referrals- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- restore "ServerTokens Full-Release" support (#811714)- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- rebuild- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)mod_proxy_html1:2.4.6-97.sl7_9.51:2.4.6-97.sl7_9.51:2.4.1-200-proxyhtml.confmod_proxy_html.somod_xml2enc.so/etc/httpd/conf.modules.d//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnu?7zXZ !X#P] crv(vX0柨R!;a&W20 Y)s"jYI4@_Q(\þytBtwJH[rzy2^tw Z]^y/n;hjt"B1(KP9@OkTyzԝGE) >%IļKN^(CG\+ЊoqVu-7HqQѧfGLy^okd"߬l_7@mAb6U)2maZR2ra_BQ] 7.+ (7dp8^ 0cUB^J;WQ#TY!A:tq#Vly qnY -6з:17he[ my;c:w[;[+jMf5|dJ߄B Ў"e\O zȸC_z'"[&͵ѳ7i?A׵onD򪒤ɠK,v ޝ"`-KvDTKSC)WDh)Ň6 pa'cҟ)}J;hWsZ.vw ?%yDږOʝn9Lfx*OT[ [qa`-|j#k,e ǂD"2T]ڿ{_θ)oPd/ J~Q+A\8vUnەGo!c]jbk7W^JԸm4%u  V"3{agtuc4YjE(Lȯ4N( ՗)K^wYhSU(7-BXlZV5wEbj['gW^lmy {| }b:|",%o J׭VSxq|z|Lr>VS_Du2Kcz&)|7]hCOWs]p$!ȯ].DnB`Kǟ'xzLJ X@A@9&,Iv 7+2ҥ@3qgj&+,) `>M݈ uiYndBXmQ Qc޷cD#zj٥۞!ؒnUmu78=pbmMo%6 )+UqTKϊE{%i7ߕ֑X&gXeׄ#r&~RGA]$ýc;C kb@,Wǚ7w{>cYsVmbW|)HB^Gn~YVvm#-Ak|! ?OPT2b?NsGג`f̹y'<'쮿dgd,aCanZkʇ"DG[s2 \P̈́):MW^I8=#b:: ĦX1ph3#ߡ--yu:"(Ona_8 Tfa$laEF߽,60h>k߶+i rJ!qU0$ƣyكGwTh}B%];l!P6*'MSϱ9]x%%qk#U`rYJ<[&;շ2<ӑW]v*(ibGVB\U+ϽԼwV ~ Lmp|/YZ3|bÉS: WZQW 90c,.52xƅ%N.F~iׄ>5}>]/5[5b\IXDmĶ7|e8M[X|$,۩T*~|ŒUϫ,۩1SB$`34) ~]wy{MJ%Px*rrȍ1iХT:P3\j,=kWA.Vd%Aʀաv맅&ndͶGq뼄5E.80113ݓzA۝/߇C9F ]B s a0˥j% ^/(k| xuΓ6Fu>B7-DeAR1hAIw-Ǔb\˴!Z$m 2Iǭ 1?ʍ=#GW̖!UJwOSSH-|R:i*J:OևnŔ,QnKc;^w3U`%5ep˼ ٸpxfi}-ć; &#*<_5jj]m]?[tsAw^*`.ķS]5>cΨn-Cqxsdur\8H?VK|$FN4\XK,C{;9TYu3 M]ZO) >El{3̾bqEa{`syovuDw~g' a~,Ey`p/ ]bfavbuYh|l2TTʢ\5>97!퇃>:k:g:3X+6tJ;?;тhW-fD.M,7v+2]kf(aRz5OC2H?,ޙ !+=ZfRkdc@ ȆbwCF& 2?8ӲJK^Kj,wIQ5nͩ=`k4=.x'3}e  m`/_%b6εWAzPuoYXhbwΣ~Wbi,Rf& CfdIKè;kuxۯm zHn*_դKdD8NWR"6 5h?ykR ްqg$1O{u3gm3Ua'ZwsA>1vXTn﯇ʦ\MkWIh4rM ySf*2L5p{5̵}Ec6|uwU3(`^ ;nO~v؇ 9ASBxJ}J~8FE4gL.;KLvۘW辧%8VĽl2O2|z_D7WC͵Zaߓ 5ߋouv*yGS(D=yl>s0=.(Hm^Fi_wzM$'OU o:y?3nEJmg yy3qCd^Pէ +e&tV5묟V4!y>&CbyQ}0|. h-wO>YMޝ8}Z6N~RKb!1OB>Q%~A%*ȲL'~$RWf=3Ǜǡzܗݥದ_ (:HƝ`LLˀ߸}5ӳi_UWᎦ?}?:7/k5TvEe@ 1niފ|[GMea yl/2]olv?ǏڨE Ō,>V{ZpQemwUL}S=-p 7L2of~4Ic!N T =) 7d0~b }X|,#}В1Qjhqc "7'0M6ʚz Y@v|tƿ"(d&ۘ]8LdYlkrglw2rPbk:!N\$q+;*TxZ&Y%=)-|1'n4yʌOJc F#~fVtO9 uE#>5? v} [\(`z2N*%8g "DVw$ /m>_{'YM\1$'ᄜ/t纷WpEu;$,!Wqw,;6_HlFھ5A[]J{ZyWkEC`aPѳ.Ht%T$ M_k GJ.88إD[4Xto vђV&i.q-[) xFKn :X.ob/d=g衽4THo$].0}" yL x;WiUmevh̐k2J@#ܲMZȡ14?yo5 4H]M۝F&e`(v}bʁWYnqp$TY(&'0r+ڊ&P`,K͵ l/nCDq㶃$¹܏OgɮXol/ ra1%3W)Lx{̈́@u~x/ Qtب/TȮ='Cu} mW JGp(b͙Me-.s N5ivBӕF0pC-J8䶩)n).9l!r"F CE |P @6)n)2SZz}-g$ <΍"FJ ַF~S?L"$~>U,7x8j<]\}c#SE}(t2܇l.[,ԗ2}>ڥc?xxbzϸ4D6y#OfvgF }qɌ3%^?# vpzn)#tA@[,0M⢤ ..c CQ$t\Ϩ$K#gQ_:<w}jkUӌ_ٺL Lt:dXBsyiWB ]~v6n]X",|s#:+Y+'Y|uwo)1IJLbnVS@fʽrA9l}KlDPZ&RP.'k`3}+P5.h62$e{2{]yNxjv27<@ ă,-# 1)nӫCDH`ҷ+GGAűYs%_u#t] k:@b=v3ab'[ZИm \*p2m~%ރmvhJ;)Y7"P_S&' 5+nYVX@O`MFP$5 +Tq{Ss]x o 13YI}pS-*֯bZũ|~XıMDsb_cVN'S6GP͹ms[CW["Vebݔ?AUlfzUPNb>R1nIQ/EJm QPC0t˕xoO$xâqrx0Ļ_ UC{j,w!ؕ,w@&498a K;ĝǞiA*عhز "M񔾅7ZIXQb_JOO@3啘]i( -:>s/_HƅN3Y9=ߴȌ|nxr!x{Q3kgD! ?zdC،8Bw#j'%߾qJ{f 0ؐ1- ;Hr=WJK5VFq*\8:#=o>d D|k qIx'b݅VE^}!#s?Go3xdP9u̼Rr/CQ3brh.Jc~2n$S( @u$. UR}uWοfK}NՍY ׻R6J܊yp6 . .KA-:׍'!g7YMfRXÏ׻;pcXn;X\Qj65^9CTK&<+CnZtZ4ZJ=5fun5RǾ=I$P$ 0Zb)ڂ@!S0hrZ%il|)Qݔ_B`gKX~ (UgLs(JquS3G@L"#d760>uY5?o` ;UN*2I.&rdaMJcdn=h;2B{*K]7DH63rZ}e,&ESBhO'8G L\AyC9.O5tږj!FAQ9Ul<80elԱ,yT :Yj@ol3PlfKvC1Qan=kvp]*0 0/z*cYflG%0n헒*V1{3TB* JY0?Ds)3~0 Z MD<t^U?\nelqև^2y[f啍{g 7d/֨ʌf7YߺRGn֊;e+ee{qm7o)l::Ͱ.j Լpb wJبi5BOdN}B;@j0d wֱ;-r"rNc/?jŗwڰtW~p9&N'FprkwKq]+^t= B+Ftvv)۫p M !c0XEډyZ?L ۽r}'s0fZJc'lr3#;cze)a>K#;0 FRP_v}9Z߬9E?2? %ÌOZD %pSF:Br׾S.'+xzӍU<kz3#:J\KG5F)% \t$1ƾ!.xun`dZV6k֬s\O%3Lk5&}x iI"RcD X*_pa+ )l虫v9H ?LZe2bۇ ˊ m?ϟ1T- ~/=a8wP,9צd ֽ}{wÜ5aqMvxΡ pI":q.+& |.q,!_p[y߃@G Zi:Pf_o?qsMkYN؊P3:l6k j nRxɨrDiI鸸ǠiH OICś:_B*&f1V"y+߬Xun p@0qWOJG5`(Y܅]/%-!8Cza\=`618mb Xr\?w0>"WB(5̮$xy̖\Is};H gI SG z!Yw5)z"OC>OPYd*ZzaC^MkI\ءʹc[hx]ݩP,xt:H LV%YI).l\YUl>t4۝jk̑6ŭ*L Fa"#&y}A0 _<>DN#a?TM+&h; lv5d~UrwԤ՞Gkd5WX8D0 e}ÔC5LM S/:X,p;q\voI/z*i7^ħ5k"Ƙ+lZ6hH`z_Baxv;:W?F7pl0o cEǝ"+wsjP.<ۼep')#,Q¬*͈Q \6bvL̿\C0+mdh7S (u߸5C55\*ꟃseYJt2oIH DJV:U%Ea6L̗D. !;t[%qs++,4ʹ9a_iU02~O? mP56~Ru}0x@]7۝ĵϪY7r,H<>\K2Cѕ^ikӡ.kw∠0eD lJcڅm)MAڑqq4#os{qDIgV>,*F"<Č{M&n&Cث_l[\}<(K~<=7j.NCSkEFFy( Gԕ%eIh4Q c'?RUp)G}6 uu56 ƨ bc/&QikJCӼ2\+N^v UXL,F^­L[ETP9::-̇QK- ##dZ"@$_XN Y&|SIv5458C)N=g4Y_o{v&8dI)f:s].MީSA{(bN87+*znB]nKp5zCU$X_zڐ-` ` B! (Css) kWm>XrgjFQ*]?(FsD\39>#z"+gާ̖9fn[A]ve$ wNlx3#-vGcTʺY=۪OBՂQ{'P)viԻR\rF#0l󥜾9@ h 2y>@,a _Өcjg)_$Xg+z9˥P(|^g\0_jb%;D'0JwQ}Y??ׄKm. +"JgTû&'-b'm'aـlrO ̨ +2gĒ|j_L#MQ2"[}iKǸUfޔITx OdFw [@_4g`K+7;$%7=::ep)W8D(&pjJ[R Gk@vCOLiQsq޸GƪcNt4e{; *SJ@: Rajy厃\&eC:(6flg *o v1/* u!U?cSΓSHLT NL̃f~B:=z`4"{4Z2oc]䯬/6]F崏7qӨze=,rL oY37~H[&fc5n{hI@hpD~I]FrɺEDO$2Zk;;gQgOe|//[Č&#H$b (O*4֟L,6zAԲXPFpAsBU7v9KDe.ܵ/kL#ܗN` ӧf>%rӇa&rdR_>A)0l> Ĝ-Jo# B14 'e'8j Kșcl(m%a-bi\}#V} O8B5bNpD2P3[G?"nA'䈚1n”(s+f\F_ZįVe8ME%%g5djo~ e!T^{c* hjSI|| #D7Iя%'W cCR5y8*ܿYlgN@GuoN1(s:/ :{hZ )}D/4by8F%jCk%#A loZe(EJvZ68ICmE^% 1(1dNѴ#Z5a %-|{`)0ڪmia$8measr%PQ ܩ'FypʹI 芪$C5I"J^ _fz{l۞C=AքkBLpS^c'HJ_tX<dw!'7/54'gLt#AS{g,>UWhʽ`ց^O{L=+vba]=[ڢL*͎]؅ =ɛ6 zMňU#3ŸbE c%zRŻӉw Y=yo}*UQ_nTx J BI"k=j?/r#i Urv"]_mnFR4D'똒Aw]#yFŅ_#]BOI9TK,Y(ב*Ձ:h ! >SV6ߝҞH-U:\CQuIX.{N MFX2f ? Pm T7 2DuuZyL`(sS~7C%^Ve,bkPlE.dOI;ifӑL#nqlqgJ)#9zވ}sJTy5 j?4xelR-雳|YXr`H)1yo"bz <6 f@4\\_(#x1pð w d4mޅ,&ξ/FSoY,]B`EEpfbж0@ڊgqթ$6[>uگ.UDr6@ nj}9Qfڽo?s]6|T{.| )t#G'^ZUL@{@ՠH1hp] ZRr t>[7Xk4z/m)i @^2j|'eƁnwXmS..!7qXYa!RJ  <3*Rʋ`7{(wW _mG5ڌ^9&?[G^WI4dfz`q ~!3f̳֙(CkZ=jnzc5?y`7it{Ѣ/kOBd4EZeTt)l9ꩱu).{n*y?0 /<MS|§&b^H6>"=a6y)o ͷ c&qYeqy ġĦrBo? 8>3ّi.GLpf+;[Uuɤ92Kԍ84dHٍFyx#KHȐ)R"#8CGG& T(3`J`|jB*HJbSr>`+Hdҫh2A>xfJѺL.t+Wem鼛*_OdhZtɰϢ&{GXy ̟B7AbHTa>˳Mt|HCPy蹄2ѤFlgP_A@)*Ϫ7vo ۞v }8=k(L wSymQ`\#lp:hbEZ6HX{=d?u(Z*KףtvΡZo(*fOi:uGm @dR}|$_r AQ0~Eh,ken}N~{BF*n4I]_39R5z>25rM6 ggAj&rL&Kapl`?o,s%PO4ҷTw0ȏrO.u4BIb䜒kgtvy٪0{ɦ/mKW䡇 6+^f~-t7ZA^S1@5.Mmb1.l'`G^LL O /&DNVaau:C K}SπɜYYFqD&aHǒ]o =G 6✰a%6 <qJ[AY/8pdel+VktƸkxͥۦ$ :u/L/y B-WUcS'_o~& +ne"5JYwa&ۉ^G΂e>tpUj{A0G9֏{M\]:+ȹVE@ MJrlE>bT'̑{B{jE<L.oQ#>;Z|QxCRē=m2IMevy.@ v!化庤Ws>J6>9I|Pv'=0<=ŦRme@4ou tolyj2?琎 v3W;ؖԭ:4OA4ҶJX\$7&nJ2/^Hd/ I2?BlbN+8 ˚bTm8] 2w^íLv~E284D;Җ$@EO' x\7&])s\IⷠµĚ-NԀ!Pju}.dp}oUrrghSm>.k&hb zZ dX`SQW@sal dR+jVV-ZS51.=F/-ddUt#ifCuRxPuKmwTH \kUu9.%nFNDT-Γ9mW/*R*(q.2mpZd;&:L[JO{xj4 CĖdZ?1hlXGq@$ELV:1z3oD$岍/ٔ} %$v%_lՅ?;|) -BqЃwklw5Ie~Ok~#&·6Ju=pBۢ]Q$ 7;H'5*$r}D39/ kYBdzt=spNN\Gג\n𻍭9L8g&t1?L,l}&͋ ʋ/sfXK֔."lnq}Jn0tc*(c^՗6?ݶM0ŌB3~G;$wj FB68NTGi J3%k)5_+K@]p ۦ$&ӬRZ] ,;VЮ4$Υ DT{\ aNhRKY_ [h:\$Lkwx,%:exKXO&#O<-YCnY_Y"[g'2fu#A\hSA{wWܽ:y)=-W^VwS:R1'0>4y.MBN)cBXئd:r %uJK;~tЀ!()W jcEӼcס/օjzUGߐLqEd7>=F#{Gm/K&bڴ ȗzΉ!"\`Y_^a`FqSd/?ʎV?%,:M5g$gsv_q!\Βl0fC; YZ