On Thu, Aug 24, 2023 at 1:44 AM Carl George <[email protected]> wrote: > > I am performing an incompatible upgrade of the caddy package in EPEL > 9. In accordance with the incompatible upgrade policy [0], I proposed > this upgrade just over a week ago on the epel-devel mailing list [1]. > For reasons detailed in the previous email, it is no longer possible > to update the package at the current version, preventing me from > resolving known CVEs. Today the EPEL Steering Committee voted to > approve this upgrade [2]. > > This upgrade will take the package from version 2.4.6 to 2.6.4. This > includes a few backwards-incompatible changes. I believe these > changes are on the milder side, and most users shouldn't notice a > difference. Here are the most notable removals/changes: > > - Reverse proxy: Incoming X-Forwarded-* headers will no longer be > automatically trusted, to prevent spoofing. > - Logging: Removed the deprecated common_log field from HTTP access > logs, and the single_field encoder. > - Logging: The remote_addr field has been replaced by remote_ip and > remote_port fields in HTTP access logs, which split up the two parts > of the remote address. > - Caddyfile: The reverse_proxy directive's handle_response > subdirective has had its status replacement functionality moved to a > new replace_status subdirective. > > There are also a few additional changes to features labeled as > experimental, and some deprecations (not yet removed). For a full > list, see the upstream release notes [3][4]. > > If you are able, please test and provide karma for the update [5]. > > [0] > https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades/ > [1] > https://lists.fedoraproject.org/archives/list/[email protected]/thread/CDNDAKTIAQTFTNDHOIHKQJ4B2LAV5ZSS/ > [2] > https://meetbot.fedoraproject.org/fedora-meeting/2023-08-23/epel.2023-08-23-20.00.html > [3] https://github.com/caddyserver/caddy/releases/tag/v2.5.0 > [4] https://github.com/caddyserver/caddy/releases/tag/v2.6.0 > [5] https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8849a14e7f > > -- > Carl George > _______________________________________________ > epel-announce mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue
This update has been in the testing repo for the mandatory 1 week period. I am pushing it to stable now. -- Carl George _______________________________________________ epel-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
