Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package apache2 for openSUSE:Factory checked
in at 2021-09-21 21:12:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
and /work/SRC/openSUSE:Factory/.apache2.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2"
Tue Sep 21 21:12:26 2021 rev:185 rq:919684 version:2.4.49
Changes:
--------
--- /work/SRC/openSUSE:Factory/apache2/apache2.changes 2021-08-12
09:02:02.846114529 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.1899/apache2.changes
2021-09-21 21:13:07.814637793 +0200
@@ -1,0 +2,113 @@
+Fri Sep 17 08:37:29 UTC 2021 - pgaj...@suse.com
+
+- version update to 2.4.49
+ *) core/mod_proxy/mod_ssl:
+ Adding `outgoing` flag to conn_rec, indicating a connection is
+ initiated by the server to somewhere, in contrast to incoming
+ connections from clients.
+ Adding 'ap_ssl_bind_outgoing()` function that marks a connection
+ as outgoing and is used by mod_proxy instead of the previous
+ optional function `ssl_engine_set`. This enables other SSL
+ module to secure proxy connections.
+ The optional functions `ssl_engine_set`, `ssl_engine_disable` and
+ `ssl_proxy_enable` are now provided by the core to have backward
+ compatibility with non-httpd modules that might use them. mod_ssl
+ itself no longer registers these functions, but keeps them in its
+ header for backward compatibility.
+ The core provided optional function wrap any registered function
+ like it was done for `ssl_is_ssl`.
+ [Stefan Eissing]
+ *) mod_ssl: Support logging private key material for use with
+ wireshark via log file given by SSLKEYLOGFILE environment
+ variable. Requires OpenSSL 1.1.1. PR 63391. [Joe Orton]
+ *) mod_proxy: Do not canonicalize the proxied URL when both "nocanon" and
+ "ProxyPassInterpolateEnv On" are configured. PR 65549.
+ [Joel Self <joelself gmail.com>]
+ *) mpm_event: Fix children processes possibly not stopped on graceful
+ restart. PR 63169. [Joel Self <joelself gmail.com>]
+ *) mod_proxy: Fix a potential infinite loop when tunneling Upgrade(d)
+ protocols from mod_proxy_http, and a timeout triggering falsely when
+ using mod_proxy_wstunnel, mod_proxy_connect or mod_proxy_http with
+ upgrade= setting. PRs 65521 and 65519. [Yann Ylavic]
+ *) mod_unique_id: Reduce the time window where duplicates may be generated
+ PR 65159
+ [Christophe Jaillet]
+ *) mpm_prefork: Block signals for child_init hooks to prevent potential
+ threads created from there to catch MPM's signals.
+ [Ruediger Pluem, Yann Ylavic]
+ *) Revert "mod_unique_id: Fix potential duplicated ID generation under heavy
load.
+ PR 65159" added in 2.4.47.
+ This causes issue on Windows.
+ [Christophe Jaillet]
+ *) mod_proxy_uwsgi: Fix PATH_INFO setting for generic worker. [Yann Ylavic]
+ *) mod_md: Certificate/keys pairs are verified as matching before a renewal
is accepted
+ as successful or a staged renewal is replacing the existing certificates.
+ This avoid potential mess ups in the md store file system to render the
active
+ certificates non-working. [@mkauf]
+ *) mod_proxy: Faster unix socket path parsing in the "proxy:" URL.
+ [Yann Ylavic]
+ *) mod_ssl: tighten the handling of ALPN for outgoing (proxy)
+ connections. If ALPN protocols are provided and sent to the
+ remote server, the received protocol selected is inspected
+ and checked for a match. Without match, the peer handshake
+ fails.
+ An exception is the proposal of "http/1.1" where it is
+ accepted if the remote server did not answer ALPN with
+ a selected protocol. This accomodates for hosts that do
+ not observe/support ALPN and speak http/1.x be default.
+ *) mod_proxy: Fix possible reuse/merging of Proxy(Pass)Match worker instances
+ with others when their URLs contain a '$' substitution. PR 65419 + 65429.
+ [Yann Ylavic]
+ *) mod_dav: Add method_precondition hook. WebDAV extensions define
+ conditions that must exist before a WebDAV method can be executed.
+ This hook allows a WebDAV extension to verify these preconditions.
+ [Graham Leggett]
+ *) Add hooks deliver_report and gather_reports to mod_dav.h. Allows other
+ modules apart from versioning implementations to handle the REPORT method.
+ [Graham Leggett]
+ *) Add dav_get_provider(), dav_open_lockdb(), dav_close_lockdb() and
+ dav_get_resource() to mod_dav.h. [Graham Leggett]
+ *) core: fix ap_escape_quotes substitution logic. [Eric Covener]
+ *) Easy patches: synch 2.4.x and trunk
+ - mod_auth_basic: Use ap_cstr_casecmp instead of strcasecmp.
+ - mod_ldap: log and abort locking errors.
+ - mod_ldap: style fix for r1831165
+ - mod_ldap: build break fix for r1831165
+ - mod_deflate: Avoid hard-coded "%ld" format strings in mod_deflate's
logging statements
+ - mod_deflate: Use apr_uint64_t instead of uint64_t (follow up to
r1849590)
+ - mod_forensic: Follow up to r1856490: missing one mod_log_forensic
test_char_table case.
+ - mod_rewrite: Save a few cycles.
+ - mod_request: Fix a comment (missing '_' in 'keep_body') and some style
issues
+ - core: remove extra whitespace in HTTP_NOT_IMPLEMENTED
+ [Christophe Jaillet]
+ *) core/mpm: add hook 'child_stopping` that gets called when the MPM is
+ stopping a child process. The additional `graceful` parameter allows
+ registered hooks to free resources early during a graceful shutdown.
+ [Yann Ylavic, Stefan Eissing]
+ *) mod_proxy: Fix icomplete initialization of BalancerMember(s) from the
+ balancer-manager, which can lead to a crash. [Yann Ylavic]
+ *) mpm_event: Fix graceful stop/restart of children processes if connections
+ are in lingering close for too long. [Yann Ylavic]
+ *) mod_md: fixed a potential null pointer dereference if ACME/OCSP
+ server returned 2xx responses without content type. Reported by chuangwen.
+ [chuangwen, Stefan Eissing]
+ *) mod_md:
+ - Domain names in `<MDomain ...>` can now appear in quoted form.
+ - Fixed a failure in ACME challenge selection that aborted further
searches
+ when the tls-alpn-01 method did not seem to be suitable.
+ - Changed the tls-alpn-01 setup to only become unsuitable when none of the
+ dns names showed support for a configured 'Protocols ... acme-tls/1'.
This
+ allows use of tls-alpn-01 for dns names that are not mapped to a
VirtualHost.
+ *) Add CPING to health check logic. [Jean-Frederic Clere]
+ *) core: Split ap_create_request() from ap_read_request(). [Graham Leggett]
+ *) core, h2: common ap_parse_request_line() and ap_check_request_header()
+ code. [Yann Ylavic]
+ *) core: Add StrictHostCheck to allow unconfigured hostnames to be
+ rejected. [Eric Covener]
+ *) htcacheclean: Improve help messages. [Christophe Jaillet]
+- modified patches
+ % apache2-HttpContentLengthHeadZero-HttpExpectStrict.patch (refreshed)
+- modified sources
+ % apache2.keyring
+
+-------------------------------------------------------------------
Old:
----
httpd-2.4.48.tar.bz2
httpd-2.4.48.tar.bz2.asc
New:
----
httpd-2.4.49.tar.bz2
httpd-2.4.49.tar.bz2.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apache2.spec ++++++
--- /var/tmp/diff_new_pack.n9Soh7/_old 2021-09-21 21:13:09.510639710 +0200
+++ /var/tmp/diff_new_pack.n9Soh7/_new 2021-09-21 21:13:09.514639715 +0200
@@ -115,7 +115,7 @@
%endif
Name: apache2%{psuffix}
-Version: 2.4.48
+Version: 2.4.49
Release: 0
Summary: The Apache HTTPD Server
License: Apache-2.0
++++++ apache2-HttpContentLengthHeadZero-HttpExpectStrict.patch ++++++
--- /var/tmp/diff_new_pack.n9Soh7/_old 2021-09-21 21:13:09.578639787 +0200
+++ /var/tmp/diff_new_pack.n9Soh7/_new 2021-09-21 21:13:09.582639792 +0200
@@ -42,11 +42,11 @@
server/protocol.c | 25 +++++++++++++++++--------
6 files changed, 77 insertions(+), 10 deletions(-)
-Index: httpd-2.4.46/modules/http/http_filters.c
+Index: httpd-2.4.49/modules/http/http_filters.c
===================================================================
---- httpd-2.4.46.orig/modules/http/http_filters.c 2020-07-08
13:09:13.000000000 +0200
-+++ httpd-2.4.46/modules/http/http_filters.c 2020-11-10 16:16:44.663449886
+0100
-@@ -1483,10 +1483,17 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_
+--- httpd-2.4.49.orig/modules/http/http_filters.c 2021-05-11
17:21:43.000000000 +0200
++++ httpd-2.4.49/modules/http/http_filters.c 2021-09-17 09:33:49.496853894
+0200
+@@ -1488,10 +1488,17 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_
* zero C-L to the client. We can't just remove the C-L filter,
* because well behaved 2.0 handlers will send their data down the stack,
* and we will compute a real C-L for the head request. RBB
@@ -65,11 +65,11 @@
apr_table_unset(r->headers_out, "Content-Length");
}
-Index: httpd-2.4.46/server/core.c
+Index: httpd-2.4.49/server/core.c
===================================================================
---- httpd-2.4.46.orig/server/core.c 2020-07-03 21:53:37.000000000 +0200
-+++ httpd-2.4.46/server/core.c 2020-11-10 16:16:44.695450065 +0100
-@@ -530,6 +530,12 @@ static void *merge_core_server_configs(a
+--- httpd-2.4.49.orig/server/core.c 2021-05-27 15:08:21.000000000 +0200
++++ httpd-2.4.49/server/core.c 2021-09-17 09:33:49.496853894 +0200
+@@ -551,6 +551,12 @@ static void *merge_core_server_configs(a
if (virt->http_methods != AP_HTTP_METHODS_UNSET)
conf->http_methods = virt->http_methods;
@@ -82,7 +82,7 @@
/* no action for virt->accf_map, not allowed per-vhost */
if (virt->protocol)
-@@ -4034,6 +4040,32 @@ static const char *set_http_method(cmd_p
+@@ -4142,6 +4148,32 @@ static const char *set_http_method(cmd_p
return NULL;
}
@@ -115,7 +115,7 @@
static apr_hash_t *errorlog_hash;
static int log_constant_item(const ap_errorlog_info *info, const char *arg,
-@@ -4567,6 +4599,10 @@ AP_INIT_TAKE1("TraceEnable", set_trace_e
+@@ -4685,6 +4717,10 @@ AP_INIT_TAKE1("TraceEnable", set_trace_e
"'on' (default), 'off' or 'extended' to trace request body
content"),
AP_INIT_FLAG("MergeTrailers", set_merge_trailers, NULL, RSRC_CONF,
"merge request trailers into request headers or not"),
@@ -126,47 +126,27 @@
AP_INIT_ITERATE("Protocols", set_protocols, NULL, RSRC_CONF,
"Controls which protocols are allowed"),
AP_INIT_TAKE1("ProtocolsHonorOrder", set_protocols_honor_order, NULL,
RSRC_CONF,
-Index: httpd-2.4.46/server/protocol.c
+Index: httpd-2.4.49/server/protocol.c
===================================================================
---- httpd-2.4.46.orig/server/protocol.c 2020-07-08 13:09:13.000000000
+0200
-+++ httpd-2.4.46/server/protocol.c 2020-11-10 16:16:44.695450065 +0100
-@@ -1502,14 +1502,23 @@ request_rec *ap_read_request(conn_rec *c
+--- httpd-2.4.49.orig/server/protocol.c 2021-09-17 09:33:49.496853894
+0200
++++ httpd-2.4.49/server/protocol.c 2021-09-17 10:15:28.643596021 +0200
+@@ -1056,6 +1056,11 @@ AP_DECLARE(int) ap_check_request_header(
+ if (ap_cstr_casecmp(expect, "100-continue") == 0) {
r->expecting_100 = 1;
}
++ else if (conf->http_expect_strict == AP_HTTP_EXPECT_STRICT_DISABLE) {
++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02595)
++ "client sent an unrecognized expectation value "
++ "of Expect (not fatal): %s", expect);
++ }
else {
-- r->status = HTTP_EXPECTATION_FAILED;
-- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00570)
-- "client sent an unrecognized expectation value of "
-- "Expect: %s", expect);
-- ap_send_error_response(r, 0);
-- ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
-- ap_run_log_transaction(r);
-- goto traceout;
-+ core_server_config *conf;
-+
-+ conf = ap_get_core_module_config(r->server->module_config);
-+ if (conf->http_expect_strict != AP_HTTP_EXPECT_STRICT_DISABLE) {
-+ r->status = HTTP_EXPECTATION_FAILED;
-+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00570)
-+ "client sent an unrecognized expectation value "
-+ "of Expect: %s", expect);
-+ ap_send_error_response(r, 0);
-+ ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
-+ ap_run_log_transaction(r);
-+ goto traceout;
-+ } else {
-+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00570)
-+ "client sent an unrecognized expectation value "
-+ "of Expect (not fatal): %s", expect);
-+ }
- }
- }
-
-Index: httpd-2.4.46/include/http_core.h
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00570)
+ "client sent an unrecognized expectation value "
+Index: httpd-2.4.49/include/http_core.h
===================================================================
---- httpd-2.4.46.orig/include/http_core.h 2019-03-18 09:49:59.000000000
+0100
-+++ httpd-2.4.46/include/http_core.h 2020-11-10 16:16:44.695450065 +0100
-@@ -723,6 +723,16 @@ typedef struct {
+--- httpd-2.4.49.orig/include/http_core.h 2021-05-27 15:08:21.000000000
+0200
++++ httpd-2.4.49/include/http_core.h 2021-09-17 09:33:49.496853894 +0200
+@@ -733,6 +733,16 @@ typedef struct {
#define AP_MERGE_TRAILERS_DISABLE 2
int merge_trailers;
@@ -183,7 +163,7 @@
apr_array_header_t *protocols;
int protocols_honor_order;
-@@ -762,7 +772,6 @@ apr_status_t ap_core_input_filter(ap_fil
+@@ -776,7 +786,6 @@ apr_status_t ap_core_input_filter(ap_fil
apr_off_t readbytes);
apr_status_t ap_core_output_filter(ap_filter_t *f, apr_bucket_brigade *b);
++++++ apache2.keyring ++++++
--- /var/tmp/diff_new_pack.n9Soh7/_old 2021-09-21 21:13:10.086640362 +0200
+++ /var/tmp/diff_new_pack.n9Soh7/_new 2021-09-21 21:13:10.086640362 +0200
@@ -441,3 +441,64 @@
Ot6BQHeyFl0mtrYT1mI=
=L7j3
-----END PGP PUBLIC KEY BLOCK-----
+
+
+pub rsa4096 2021-09-01 [SC]
+ 26F51EF9A82F4ACB43F1903ED377C9E7D1944C66
+uid [ ultimativ ] Stefan Eissing (icing) <ste...@eissing.org>
+sub rsa4096 2021-09-01 [E]
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBGEvgQMBEADHvUv7G4XclbrRea5S/m0xcV/n4eAOE7UjoDhJurR2NYEA7Ori
+YML3h+Uo0a8Fr7BWdvi9FucaxUbZ7ohbUULBNfFDRpH52ojNnnKaKgtWNbGjz0BJ
+3y9Udlo7jblGXnsO5zDUoQI8t5I3MjrCK3lU5OO0gvMloa8aSl/rQJ4zo5AYx2VN
+Tek0JNcccp5LJaQ31BmoC0ucanBZniQG0CrMKUw6utNoY/6HF2jNVxzBs0VBneA2
+LhIJ/2QKYIEfqTTmmDqeor/Uk3xowEpnAiEe1Y+QKlRkvNs0txekB9XKbW+L6yS8
+yW7VPtAMU4IAA6FKvSOAPWSAuqc0beitZarCw4zCLf5EsluI+r0j4nJ/rCNroiUe
+CNCDx4i5wwV39m0+Dmei3HuXUBqyH1ydDspZdgSGacLqUOsj7M+v+lpWiWEgbEo8
+w1jeQ9mn+Juj73QLR3bmUxjTe8acTl22/FGKndMcNf+pawLh51NvqmOPGOX+w+Ul
+jWIVG6nTCBZB3OACk8to16YMgw8NfK38VHM76YpMOJwgEk+kqljDU0vvI1LIxoT/
+BHyup3Bf2scPPKhe7U47+WBz2f2FC9ZQdlm7VhMYWhGfiilY+SkAHGIto6KEeavv
+O5lo2ziOqsotQeYSN/2nyWLcayC5dQxmZJoo1VvjibRm/GkDGLTmc0wEcwARAQAB
+tCtTdGVmYW4gRWlzc2luZyAoaWNpbmcpIDxzdGVmYW5AZWlzc2luZy5vcmc+iQJO
+BBMBCgA4FiEEJvUe+agvSstD8ZA+03fJ59GUTGYFAmEvgQMCGwMFCwkIBwMFFQoJ
+CAsFFgIDAQACHgECF4AACgkQ03fJ59GUTGaH/g//XHeDFajXzOuebcvVf6iQKUMS
+WYlV/GO2f27ZutNv1nFmD6zvlOZ6yr+JANoMAK9iXK6K/R8fYlL1LzkJvCS4V0i3
+fnbZto3bd2Eiyitvs0ppj1c6GLOU5EtWLHsa3l1/X7EGjY9yOguqk168wLwMOXpy
+YXGOzdqUxrep91kE4Z3y3YflcRm+3Fvi4dARnjAZguiMvbOLaiEHZ4jDDcckxQr3
+9uOWpq7OYY07PvemqCJyczVkzEKxDj7hm62p9HvoJB/KwTFkYW1aLfB8fd834iEc
+6DoF17V8DoPMoU1kLRdcVDEsJPpFFEBF3pn2cmi+oOryRrSK1Rbo+HHQyFqo3D01
+9/svYZHRXnXhRbfBd45/qYaJOeq4tqo572Lv2LFDkuZ6S3rJ1qgVPSvSHL7kkOxh
++/x2zRujXzgdVorjXLYw6LfkCHzaevd/DVycHh6d5ctfiTSEsy3JVp+XKK94r8Rb
+e9ybf6whA7tEnuwr0sX5219eYGWw5/awMn8UfMSdrRYQbRdW7Wr8vA+7UMdlY+VI
+51gFBAod11bSi9uMPToXczwYH3OMRnAn04sIp2BOwCwnIW4h+RD71pnZgDMcxiil
+NxhZJYw8w5dvla2v3zxh+oCa+bdP79wHbphNVVWMfhJcnRbQlDiZgoKXdPhU+mcN
+BlyebrE81USOWMS6XXi5Ag0EYS+BAwEQAJ1jce2bjEpG6RNaXkN03GuzB8EOOW4K
+J7t2ZNhX77okMdcUrXcu8DvvDG7okGDtwB+Ql6yWwbJeCIxhyWeeF+TwcZWvBs00
+3uiiZLfissN4pn9198BtxntUVqoc1NKbAudOyAimlCUlDExEhHQQ6PYP7i6xBf/M
+3MZlYyni2ZnMjbsxuNXTN0TR2J53sKCaQvjQjWQwD9N5/0ZivU/uiCuG1Sbn6Wjt
+Xp511g74m0Rio68i12/QVEfMZWhorWDhDxQSPhVWqFC1sChLDHZ/7L1IhzMX0q3W
+xPCK+rBsMSy/SWw5GotrQATIgJLTGQG7tehDWiVDTxCQSrELQoawJdO99g6C+OEL
+m3Z5CnDYVwD4CLPB+DRROaB8UbauvMJZCHMo3OXUALj89ZRpD20h2RQyIkTl37LS
+J9IYM9SxA792ujNoUbdWS/FNIUpopP94jemyaj6qqEBwUGMvIPE0RdsIPdOEcuS3
+3kW9W/bHlWCe8m0CIPbwZFohNGk9+KBalz1CTNnZxB7rvRyLLhzJws9BqtU7X3dy
+J0ZcYHGQJsvU8ZfAM/EUMLbyvUSbnDdNwDDjduO8ZuOWYjg5f/FwSR25k/yGvfUe
+RyiptHnl5c7BMkNaEtfHFVDPOIts6vDVD3K/np9AK7UY58snaMnqFTtxz1munJSX
+C0IXelr+V6hRABEBAAGJAjYEGAEKACAWIQQm9R75qC9Ky0PxkD7Td8nn0ZRMZgUC
+YS+BAwIbDAAKCRDTd8nn0ZRMZqEoD/49MVe/6bW54eh0CG6B07tY1qlkelSv+xfY
+tgZ3V+vZFtLVjo0RYpeP4Yt0ZtpNqZEPnHqwAvD7TZQayNVgo13uK/0aBlAhVtWZ
+54nuItHcwT90u+3Tj5hnHwPptIxSsfRWEAg5BkegQN76c+yhNHWJ5U2H2pG2+YkP
+dXHS89/nbDEi9kZhgtIer9lhmZSgSO2RYzj/QHgLNEor3IGUGAI3u0M2o+dcoVyH
+NJGPRboBzCm8qNDt/3cctQDzFdDA+3X7KbPKekYs3ewuO1l+JtXtnq3S4tkvMDI1
+ZKX0RBydw5w+bksTk6Z7X7nbYmPCeNNBVQUshwQwDXCHPDXd1MxWJHqTz8lOPo70
+fHH0DWTTOw9rNMacUnz7FE0veDcknOZQ4snbHwZkUC4Mg5wM6KOyWgrTW6XK0TSx
+Su1Qou7xKD/A1zgx9C0eIqicnifDUEY9SGfXaJrsJDJICEP0BtmcfsP0Z8DcmzOv
+atfaF/cmJBtSR6IegJYJCtrlFdpIKQSikZO4QP5B3odc0ipuklkJcPkbQhpx+C5x
+O3yU7Izv+cy+yhF+uq8NtWVQx+WCtt4RWqSn6sxtUvTb5qnRbMQtZJ2vbN8+WqTK
+ZNlXGF7PBgjSTJnHmCvaT4gfVnJ/NAwn4stq+bdPnrBSKaDnYGwWpV9g8u+XSpOF
+ebJKIV3Evw==
+=tHCM
+-----END PGP PUBLIC KEY BLOCK-----
+
++++++ httpd-2.4.48.tar.bz2 -> httpd-2.4.49.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/apache2/httpd-2.4.48.tar.bz2
/work/SRC/openSUSE:Factory/.apache2.new.1899/httpd-2.4.49.tar.bz2 differ: char
11, line 1
