Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package lighttpd for openSUSE:Factory
checked in at 2022-01-23 12:15:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lighttpd (Old)
and /work/SRC/openSUSE:Factory/.lighttpd.new.1938 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lighttpd"
Sun Jan 23 12:15:50 2022 rev:50 rq:948114 version:1.4.64
Changes:
--------
--- /work/SRC/openSUSE:Factory/lighttpd/lighttpd.changes 2021-12-18
20:30:52.486263493 +0100
+++ /work/SRC/openSUSE:Factory/.lighttpd.new.1938/lighttpd.changes
2022-01-23 12:17:02.351926087 +0100
@@ -1,0 +2,13 @@
+Sat Jan 22 13:40:32 UTC 2022 - Andreas Stieger <andreas.stie...@gmx.de>
+
+- update to 1.4.64:
+ * CVE-2022-22707: off-by-one stack overflow in the mod_extforward
+ plugin (boo#1194376)
+ * graceful restart/shutdown timeout changed from 0 (disabled) to
+ 8 seconds. configure an alternative with:
+ server.feature-flags += (???server.graceful-shutdown-timeout??? => 8)
+ * deprecated modules (previously announced) have been removed:
+ mod_authn_mysql, mod_mysql_vhost, mod_cml, mod_flv_streaming,
+ mod_geoip, mod_trigger_b4_dl
+
+-------------------------------------------------------------------
Old:
----
lighttpd-1.4.63.tar.xz
lighttpd-1.4.63.tar.xz.asc
New:
----
lighttpd-1.4.64.tar.xz
lighttpd-1.4.64.tar.xz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lighttpd.spec ++++++
--- /var/tmp/diff_new_pack.vgDq3E/_old 2022-01-23 12:17:02.811923012 +0100
+++ /var/tmp/diff_new_pack.vgDq3E/_new 2022-01-23 12:17:02.819922959 +0100
@@ -1,7 +1,7 @@
#
# spec file for package lighttpd
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: lighttpd
-Version: 1.4.63
+Version: 1.4.64
Release: 0
#
Summary: A Secure, Fast, Compliant, and Very Flexible Web Server
@@ -44,13 +44,11 @@
BuildRequires: cyrus-sasl-devel
BuildRequires: e2fsprogs-devel
BuildRequires: gamin-devel
-BuildRequires: gdbm-devel
BuildRequires: iputils
BuildRequires: krb5-devel
BuildRequires: libattr-devel
BuildRequires: libbz2-devel
BuildRequires: libdbi-devel
-BuildRequires: libmemcached-devel
BuildRequires: libtool
BuildRequires: libxml2-devel
BuildRequires: lua51-devel
@@ -94,28 +92,6 @@
Output-Compression, URL-Rewriting, and more) makes lighttpd the perfect
Web server software for every server that is suffering load problems.
-%package mod_cml
-Summary: CML (Cache Meta Language) module for Lighttpd
-Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version}
-
-%description mod_cml
-CML is a Meta language to describe the dependencies of a page at one
-side and building a page from its fragments on the oth er side using
-LUA.
-
-CML (Cache Meta Language) wants to solves several problems:
-
-* dynamic content needs caching to perform
-
-* checking if the content is dirty inside of the application is
- usually more expensive than sending out the cached data
-
-* a dynamic page is usually fragmented and the fragments have
- different livetimes
-
-* the different fragements can be cached independently
-
%package mod_magnet
Summary: A module to control the request handling in lighttpd
Group: Productivity/Networking/Web/Servers
@@ -126,15 +102,6 @@
It is the successor of mod_cml.
-%package mod_mysql_vhost
-Summary: MySQL based virtual hosts (vhosts) module for Lighttpd
-Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version}
-
-%description mod_mysql_vhost
-With MySQL based vhosting you can put the information where to look for
-a document-root of a given host into a MySQL database.
-
%package mod_vhostdb_dbi
Summary: DBI based virtual hosts module for Lighttpd
Group: Productivity/Networking/Web/Servers
@@ -171,26 +138,6 @@
With PostgreSQL based vhosting you can put the information where to look
for the document-root of a given host into a PostgreSQL database.
-%package mod_trigger_b4_dl
-Summary: Another anti hot-linking module for Lighttpd
-Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version}
-
-%description mod_trigger_b4_dl
-Anti Hotlinking:
-
-* if user requests download-url directly the request is denied and
- he is redirected to ''deny-url'
-
-* if user visits trigger-url before requesting download-url access
- is granted
-
-* if user visits download-url again after trigger-timeout has run
- down to the request is denied and he is redirected to deny-url
-
-The storage for the trigger information is either stored locally in a
-gdbm file or remotly in memcached.
-
%package mod_rrdtool
Summary: Lighttpd module to feed rrdtool databases
Group: Productivity/Networking/Web/Servers
@@ -249,14 +196,6 @@
%description mod_authn_ldap
A module to provide LDAP authentication in lighttpd.
-%package mod_authn_mysql
-Summary: MySQL authentication in lighttpd
-Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version}
-
-%description mod_authn_mysql
-A module to provide MySQL authentication in lighttpd.
-
%package mod_authn_sasl
Summary: SASL authentication in lighttpd
Group: Productivity/Networking/Web/Servers
@@ -284,7 +223,6 @@
--libdir=%{_libdir}/%{name} \
--enable-lfs \
--enable-ipv6 \
- --with-pcre2 \
--with-ldap \
--with-pam \
--with-dbi \
@@ -292,9 +230,7 @@
--with-mysql \
--with-openssl \
--with-krb5 \
- --with-gdbm \
--with-lua \
- --with-memcached \
--with-bzip2 \
--with-zstd \
--with-brotli \
@@ -330,7 +266,6 @@
perl -p -i.orig -e 's|^(server\.tag = ).*$|$1 "%{name} (%{version}/SuSE)"|'
doc/config/lighttpd.conf
diff -ur doc/config/lighttpd.conf{.orig,} ||:
rm -vf doc/config/lighttpd.conf.orig ||:
-rm -vf doc/config/conf.d/geoip.conf ||:
cp -rv doc/config/* %{buildroot}%{_sysconfdir}/%{name}/
find %{buildroot}%{_sysconfdir}/%{name}/ -name Makefile\* -delete
#
@@ -409,7 +344,6 @@
%{_libdir}/%{name}/mod_expire.so
%{_libdir}/%{name}/mod_extforward.so
%{_libdir}/%{name}/mod_fastcgi.so
-%{_libdir}/%{name}/mod_flv_streaming.so
%{_libdir}/%{name}/mod_indexfile.so
%{_libdir}/%{name}/mod_openssl.so
%{_libdir}/%{name}/mod_proxy.so
@@ -467,21 +401,11 @@
%attr(751,%{name},%{name}) %{_var}/cache/%{name}/
%dir %attr(750,%{name},%{name}) %{_var}/log/%{name}/
-%files mod_cml
-%config(noreplace) %attr(640,root,%{name})
%{_sysconfdir}/%{name}/conf.d/cml.conf
-%{_libdir}/%{name}/mod_cml.so
-%doc doc/outdated/cml.txt
-
%files mod_magnet
%config(noreplace) %attr(640,root,%{name})
%{_sysconfdir}/%{name}/conf.d/magnet.conf
%{_libdir}/%{name}/mod_magnet.so
%doc doc/outdated/magnet.txt
-%files mod_mysql_vhost
-%config(noreplace) %attr(640,root,%{name})
%{_sysconfdir}/%{name}/conf.d/mysql_vhost.conf
-%{_libdir}/%{name}/mod_mysql_vhost.so
-%doc doc/outdated/mysqlvhost.txt
-
%files mod_vhostdb_dbi
%{_libdir}/%{name}/mod_vhostdb_dbi.so
@@ -494,11 +418,6 @@
%files mod_vhostdb_pgsql
%{_libdir}/%{name}/mod_vhostdb_pgsql.so
-%files mod_trigger_b4_dl
-%config(noreplace) %attr(640,root,%{name})
%{_sysconfdir}/%{name}/conf.d/trigger_b4_dl.conf
-%{_libdir}/%{name}/mod_trigger_b4_dl.so
-%doc doc/outdated/trigger_b4_dl.txt
-
%files mod_rrdtool
%config(noreplace) %attr(640,root,%{name})
%{_sysconfdir}/%{name}/conf.d/rrdtool.conf
%doc doc/outdated/rrdtool.txt
@@ -519,9 +438,6 @@
%files mod_authn_ldap
%{_libdir}/%{name}/mod_authn_ldap.so
-%files mod_authn_mysql
-%{_libdir}/%{name}/mod_authn_mysql.so
-
%files mod_authn_sasl
%{_libdir}/%{name}/mod_authn_sasl.so
++++++ lighttpd-1.4.63.tar.xz -> lighttpd-1.4.64.tar.xz ++++++
++++ 13196 lines of diff (skipped)
