Hello community, here is the log from the commit of package lighttpd for openSUSE:Factory checked in at 2018-07-06 10:47:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lighttpd (Old) and /work/SRC/openSUSE:Factory/.lighttpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lighttpd" Fri Jul 6 10:47:53 2018 rev:38 rq:621111 version:1.4.49 Changes: -------- --- /work/SRC/openSUSE:Factory/lighttpd/lighttpd.changes 2018-04-01 17:27:30.537386000 +0200 +++ /work/SRC/openSUSE:Factory/.lighttpd.new/lighttpd.changes 2018-07-06 10:48:22.306799159 +0200 @@ -1,0 +2,27 @@ +Wed May 2 13:55:55 UTC 2018 - dims...@opensuse.org + +- Revert that pgsql workaround for tumbleweed: pampering over + issues like this is just hiding problems. A real fix was + submitted to the postgresql package instead. + +------------------------------------------------------------------- +Sat Apr 28 07:01:08 UTC 2018 - i...@marguerite.su + +- workaround for tumbleweed + * update-alternatives not expanded in the build VM + due to unknown reasons, thus /usr/bin/pg_config + is meaningless + +------------------------------------------------------------------- +Fri Apr 6 15:00:53 EEST 2018 - mikhail.kasi...@gmail.com + +- Updated 10-ssl.conf (TLSv1.2 only) for lighttpd.conf in + lighttpd_1.4.49-1.1.debian.tar.xz + +------------------------------------------------------------------- +Fri Apr 6 14:26:41 EEST 2018 - mikhail.kasi...@gmail.com + +- Updated 'SSL Support' section in lighttpd.conf: TLSv1.2 only + bsc#1087369 + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lighttpd.spec ++++++ --- /var/tmp/diff_new_pack.s4Ha2e/_old 2018-07-06 10:48:26.210794506 +0200 +++ /var/tmp/diff_new_pack.s4Ha2e/_new 2018-07-06 10:48:26.214794501 +0200 @@ -1,7 +1,7 @@ # # spec file for package lighttpd # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed ++++++ lighttpd_1.4.49-1.1.debian.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/debian/conf-available/10-ssl.conf new/debian/conf-available/10-ssl.conf --- old/debian/conf-available/10-ssl.conf 2017-01-14 22:07:19.000000000 +0100 +++ new/debian/conf-available/10-ssl.conf 2018-04-06 13:43:17.000000000 +0200 @@ -6,4 +6,7 @@ ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" ssl.honor-cipher-order = "enable" + ## Allow TLS version 1.2 only, which is a recommended default these days + ## by international information security standards. + ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2") } ++++++ lighttpd_1.4.49-1.1.dsc ++++++ --- /var/tmp/diff_new_pack.s4Ha2e/_old 2018-07-06 10:48:26.434794239 +0200 +++ /var/tmp/diff_new_pack.s4Ha2e/_new 2018-07-06 10:48:26.434794239 +0200 @@ -30,14 +30,14 @@ lighttpd-mod-vhostdb-pgsql deb httpd optional arch=any lighttpd-mod-webdav deb httpd optional arch=any Checksums-Sha1: - 9e13d061cbae2f377a1a5bb24e13ccd9cba0bba6 710964 lighttpd_1.4.49.orig.tar.xz - 09649373056f16c232f93133a3e85402ea182578 47024 lighttpd_1.4.49-1.1.debian.tar.xz + 242ea14ca1b4c80c72ab4b7964875ac99f53fd81 725188 lighttpd_1.4.49.orig.tar.xz + c16230150405bf6c52960230339ec3ebec2f8296 47400 lighttpd_1.4.49-1.1.debian.tar.xz Checksums-Sha256: - aedf49d7127d9e4c0ea56618e9e945a17674dc46a37ac7990120f87dd939ce09 710964 lighttpd_1.4.49.orig.tar.xz - 7a1f3c82d5e5f16836ca42ba5497f2cd9bad15cf7e3a472bf055a3586798ccc9 47024 lighttpd_1.4.49-1.1.debian.tar.xz + 9e26f417feff34f4d2901328bc273633b6d3a0d42f5d3dcd89d3b7e939384844 725188 lighttpd_1.4.49.orig.tar.xz + a6e69c6d7900fe41e3302efc96ac733c30a1a55eabd82bb4ef5b7d0c90172515 47400 lighttpd_1.4.49-1.1.debian.tar.xz Files: - aaf8165379351c3766e5ad1e5c9dbe8b 710964 lighttpd_1.4.49.orig.tar.xz - c68408a7ce7de7f7f3bbc5e411753d12 47024 lighttpd_1.4.49-1.1.debian.tar.xz + fa1ea87b602d067dac2225c49bdf595f 725188 lighttpd_1.4.49.orig.tar.xz + 9f9738803913c1c0254423fe014de048 47400 lighttpd_1.4.49-1.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- ++++++ lighttpd_1.4.49.orig.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lighttpd-1.4.49/doc/config/lighttpd.conf new/lighttpd-1.4.49/doc/config/lighttpd.conf --- old/lighttpd-1.4.49/doc/config/lighttpd.conf 2018-03-12 01:52:20.000000000 +0100 +++ new/lighttpd-1.4.49/doc/config/lighttpd.conf 2018-04-06 12:41:36.000000000 +0200 @@ -434,6 +434,11 @@ ## # ssl.disable-client-renegotiation = "enable" ## +## Allow TLS version 1.2 only, which is a recommended default these days +## by international information security standards. +## +# ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2") + ## $SERVER["socket"] == "10.0.0.1:443" { ## ssl.engine = "enable" ## ssl.pemfile = "/etc/ssl/private/www.example.com.pem"