Hello community, here is the log from the commit of package apache2 for openSUSE:Factory checked in at 2017-10-10 11:37:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache2 (Old) and /work/SRC/openSUSE:Factory/.apache2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2" Tue Oct 10 11:37:47 2017 rev:136 rq:532105 version:2.4.28 Changes: -------- --- /work/SRC/openSUSE:Factory/apache2/apache2.changes 2017-07-30 11:22:09.829557508 +0200 +++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-10-10 11:37:51.104994283 +0200 @@ -1,0 +2,57 @@ +Fri Oct 6 07:45:55 UTC 2017 - [email protected] + +- updated to 2.4.28: + *) SECURITY: CVE-2017-9798 (cve.mitre.org) + Corrupted or freed memory access. <Limit[Except]> must now be used in the + main configuration file (httpd.conf) to register HTTP methods before the + .htaccess files. [Yann Ylavic] + *) event: Avoid possible blocking in the listener thread when shutting down + connections. PR 60956. [Yann Ylavic] + *) mod_speling: Don't embed referer data in a link in error page. + PR 38923 [Nick Kew] + *) htdigest: prevent a buffer overflow when a string exceeds the allowed max + length in a password file. + [Luca Toscano, Hanno Böck <hanno hboeck de>] + *) mod_proxy: loadfactor parameter can now be a decimal number (eg: 1.25). + [Jim Jagielski] + *) mod_proxy_wstunnel: Allow upgrade to any protocol dynamically. + PR 61142. + *) mod_watchdog/mod_proxy_hcheck: Time intervals can now be spefified + down to the millisecond. Supports 'mi' (minute), 'ms' (millisecond), + 's' (second) and 'hr' (hour!) time suffixes. [Jim Jagielski] + *) mod_http2: Fix for stalling when more than 32KB are written to a + suspended stream. [Stefan Eissing] + *) build: allow configuration without APR sources. [Jacob Champion] + *) mod_ssl, ab: Fix compatibility with LibreSSL. PR 61184. + [Bernard Spil <brnrd freebsd.org>, Michael Schlenker <msc contact.de>, + Yann Ylavic] + *) core/log: Support use of optional "tag" in syslog entries. + PR 60525. [Ben Rubson <ben.rubson gmail.com>, Jim Jagielski] + *) mod_proxy: Fix ProxyAddHeaders merging. [Joe Orton] + *) core: Disallow multiple Listen on the same IP:port when listener buckets + are configured (ListenCoresBucketsRatio > 0), consistently with the single + bucket case (default), thus avoiding the leak of the corresponding socket + descriptors on graceful restart. [Yann Ylavic] + *) event: Avoid listener periodic wake ups by using the pollset wake-ability + when available. PR 57399. [Yann Ylavic, Luca Toscano] + *) mod_proxy_wstunnel: Fix detection of unresponded request which could have + led to spurious HTTP 502 error messages sent on upgrade connections. + PR 61283. [Yann Ylavic] + +------------------------------------------------------------------- +Thu Oct 5 12:57:56 UTC 2017 - [email protected] + +- suexec binary moved to main package [bsc#1054741] + +------------------------------------------------------------------- +Tue Oct 3 16:13:13 UTC 2017 - [email protected] + +- do not call and do not ship apache-22-24-upgrade [bsc#1042037] + +------------------------------------------------------------------- +Mon Jul 24 15:25:09 UTC 2017 - [email protected] + +- make the package runable on non systemd systems + + deprecated-scripts-arch.patch + +------------------------------------------------------------------- Old: ---- apache-22-24-upgrade httpd-2.4.27.tar.bz2 httpd-2.4.27.tar.bz2.asc New: ---- apache2-init.logrotate deprecated-scripts-arch.patch httpd-2.4.28.tar.bz2 httpd-2.4.28.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache2.spec ++++++ --- /var/tmp/diff_new_pack.d8wYIL/_old 2017-10-10 11:37:53.084907388 +0200 +++ /var/tmp/diff_new_pack.d8wYIL/_new 2017-10-10 11:37:53.088907211 +0200 @@ -53,7 +53,7 @@ %define mods_static unixd %endif Name: apache2 -Version: 2.4.27 +Version: 2.4.28 Release: 0 Summary: The Apache Web Server Version 2.4 License: Apache-2.0 @@ -107,7 +107,6 @@ Source130: apache2-vhost.template Source131: apache2-vhost-ssl.template Source140: apache2-check_forensic -Source141: apache-22-24-upgrade Source142: start_apache2 Source143: apache2-systemd-ask-pass Source144: apache2.service @@ -115,6 +114,7 @@ Source146: [email protected] Source147: apache2-script-helpers Source148: apache2.target +Source149: %{name}-init.logrotate Patch2: httpd-2.1.3alpha-layout.dif Patch23: httpd-apachectl.patch Patch66: httpd-2.0.54-envvars.dif @@ -127,6 +127,7 @@ Patch111: httpd-visibility.patch # PATCH-FEATURE-UPSTREAM [email protected] -- backport of HttpContentLengthHeadZero and HttpExpectStrict Patch115: httpd-2.4.x-fate317766-config-control-two-protocol-options.diff +Patch116: deprecated-scripts-arch.patch BuildRequires: apache-rpm-macros-control BuildRequires: apr-util-devel BuildRequires: automake @@ -315,6 +316,9 @@ %endif %patch111 -p1 %patch115 -p1 +%if 0%{?suse_version} == 1110 +%patch116 -p1 +%endif cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE # install READMEs a=$(basename %{SOURCE22}) @@ -523,6 +527,9 @@ install -m 755 support/logresolve.pl %{buildroot}/%{_sbindir}/ mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d install -m 644 $RPM_SOURCE_DIR/%{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name} +%if 0%{?suse_version} == 1110 +install -m 644 $RPM_SOURCE_DIR/%{name}-init.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name} +%endif install -m 755 $RPM_SOURCE_DIR/apache2-check_forensic %{buildroot}/%{_bindir}/check_forensic install -m 755 $RPM_SOURCE_DIR/apache2-find-directives %{buildroot}/%{_bindir}/ # @@ -533,6 +540,7 @@ # init script and friends install -m 644 $RPM_SOURCE_DIR/apache2-script-helpers %{buildroot}/%{_datadir}/%{name}/script-helpers install -m 744 $RPM_SOURCE_DIR/start_apache2 %{buildroot}%{_sbindir}/ +cp -r deprecated-scripts %{buildroot}/%{_datadir}/%{name}/ %if 0%{?suse_version} >= 1210 mkdir -p %{buildroot}%{_unitdir}/ install -m 700 $RPM_SOURCE_DIR/apache2-systemd-ask-pass %{buildroot}%{_sbindir}/ @@ -542,11 +550,19 @@ ln -sf service %{buildroot}/%{_sbindir}/rcapache2 %else mkdir -p %{buildroot}%{_sysconfdir}/init.d +mkdir -p %{buildroot}%{_sysconfdir}/%{name}/sysconfig.d + install -m 744 $RPM_SOURCE_DIR/rc.%{name} %{buildroot}%{_initddir}/%{name} ln -sf ../..%{_initddir}/%{name} %{buildroot}/%{_sbindir}/rcapache2 +for file in find_mpm \ + get_includes \ + get_module_list \ + load_configuration +do + ln -sf deprecated-scripts/$file %{buildroot}/%{_datadir}/%{name}/$file + chmod +x %{buildroot}/%{_datadir}/%{name}/$file +done %endif -cp -r deprecated-scripts %{buildroot}/%{_datadir}/%{name}/ -install -m 755 $RPM_SOURCE_DIR/apache-22-24-upgrade %{buildroot}/%{_datadir}/%{name}/ install -m 755 $RPM_SOURCE_DIR/sysconf_addword %{buildroot}/%{_datadir}/%{name}/ install -m 755 $RPM_SOURCE_DIR/a2enflag %{buildroot}/%{_sbindir} ln -s a2enflag %{buildroot}/%{_sbindir}/a2disflag @@ -769,6 +785,8 @@ %{_mandir}/man?/httpd2.?.* %{_mandir}/man?/apxs.?.* %{_mandir}/man?/apxs2.?.* +%{_mandir}/man?/suexec.?.* +%{_mandir}/man?/suexec2.?.* %doc robots.txt %doc printenv %doc test-cgi @@ -799,6 +817,7 @@ %{_sbindir}/apache2-systemd-ask-pass %else %{_initddir}/%{name} +%dir %{_sysconfdir}/%{name}/sysconfig.d %endif %{_sbindir}/rcapache2 %{_sbindir}/apachectl @@ -813,6 +832,8 @@ %{_sbindir}/start_apache2 %{_bindir}/log_server_status %{_bindir}/log_server_status2 +%verify(not mode) %attr(0755,root,root) %{_sbindir}/suexec +%{_sbindir}/suexec2 %{iconsdir} %{errordir} %{_var}/adm/fillup-templates/sysconfig.%{name} @@ -821,12 +842,17 @@ %{_libdir}/%{name}/mod_*.so %dir %{installbuilddir} %dir %{_datadir}/%{name} -%{_datadir}/%{name}/apache-22-24-upgrade %{_datadir}/%{name}/deprecated-scripts %{_datadir}/%{name}/script-helpers %{_datadir}/%{name}/sysconf_addword %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl +%if 0%{?suse_version} == 1110 +/usr/share/apache2/find_mpm +/usr/share/apache2/get_includes +/usr/share/apache2/get_module_list +/usr/share/apache2/load_configuration +%endif %if %{prefork} %files prefork @@ -1243,8 +1269,6 @@ %{_mandir}/man?/logresolve2.?.* %{_mandir}/man?/rotatelogs.?.* %{_mandir}/man?/rotatelogs2.?.* -%{_mandir}/man?/suexec.?.* -%{_mandir}/man?/suexec2.?.* %{_sbindir}/fcgistarter %{_mandir}/man8/fcgistarter.8.* %{_bindir}/check_forensic @@ -1270,8 +1294,6 @@ %{_bindir}/logresolve2 %{_sbindir}/rotatelogs %{_sbindir}/rotatelogs2 -%verify(not mode) %attr(0755,root,root) %{_sbindir}/suexec -%{_sbindir}/suexec2 %if %{prefork} # @@ -1421,10 +1443,9 @@ exit 0 %posttrans -%{_datadir}/%{name}/apache-22-24-upgrade +%apache_restart_if_needed %verifyscript %verify_permissions -e %{_sbindir}/suexec -%apache_restart_if_needed %changelog ++++++ apache2-init.logrotate ++++++ /var/log/apache2/access_log { compress dateext maxage 365 rotate 99 size=+4096k notifempty missingok create 644 root root prerotate /etc/init.d/apache2 check-reload endscript postrotate /etc/init.d/apache2 reload endscript } /var/log/apache2/error_log { compress dateext maxage 365 rotate 99 size=+1024k notifempty missingok create 644 root root prerotate /etc/init.d/apache2 check-reload endscript postrotate /etc/init.d/apache2 reload endscript } /var/log/apache2/suexec.log { compress dateext maxage 365 rotate 99 size=+1024k notifempty missingok create 644 root root prerotate /etc/init.d/apache2 check-reload endscript postrotate /etc/init.d/apache2 reload endscript } /var/log/apache2/ssl_request_log { compress dateext maxage 365 rotate 99 size=+4096k notifempty missingok create 644 root root prerotate /etc/init.d/apache2 check-reload endscript postrotate /etc/init.d/apache2 reload endscript } /var/log/apache2/ssl_engine_log { compress dateext maxage 365 rotate 99 size=+1024k notifempty missingok create 644 root root prerotate /etc/init.d/apache2 check-reload endscript postrotate /etc/init.d/apache2 reload endscript } ++++++ deprecated-scripts-arch.patch ++++++ --- deprecated-scripts/get_module_list | 56 +++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 26 deletions(-) Index: httpd-2.4.27/deprecated-scripts/get_module_list =================================================================== --- httpd-2.4.27.orig/deprecated-scripts/get_module_list +++ httpd-2.4.27/deprecated-scripts/get_module_list @@ -4,6 +4,10 @@ pname=apache2 : ${sysconfdir:=/etc/$pname} : ${sysconfig_apache:=/etc/sysconfig/$pname} default_APACHE_DOCUMENT_ROOT=/srv/www/htdocs +modpath=/usr/lib +if [ `/bin/arch` == "x86_64" ]; then + modpath=/usr/lib64 +fi test -z "$APACHE_MODULES" && . /usr/share/$pname/load_configuration apache_bin=$(/usr/share/$pname/find_mpm 2>/dev/null) @@ -61,26 +65,26 @@ for i in ${APACHE_MODULES[*]}; do module_path=$i ;; *) - for j in /usr/lib/$pname-$APACHE_MPM/mod_$i.so \ - /usr/lib/$pname-$APACHE_MPM/$i.so \ - /usr/lib/$pname-$APACHE_MPM/mod_$i \ - /usr/lib/$pname-$APACHE_MPM/$i \ - /usr/lib/$pname-$APACHE_MPM/${i/mod_}.so \ - /usr/lib/$pname-$APACHE_MPM/${i/mod_} \ - /usr/lib/$pname-$APACHE_MPM/lib${i/mod_}.so \ - /usr/lib/$pname-$APACHE_MPM/lib${i/mod_} \ - /usr/lib/$pname-$APACHE_MPM/lib$i.so \ - /usr/lib/$pname-$APACHE_MPM/lib$i \ - /usr/lib/$pname/mod_$i.so \ - /usr/lib/$pname/$i.so \ - /usr/lib/$pname/mod_$i \ - /usr/lib/$pname/$i \ - /usr/lib/$pname/${i/mod_}.so \ - /usr/lib/$pname/${i/mod_} \ - /usr/lib/$pname/lib${i/mod_}.so \ - /usr/lib/$pname/lib${i/mod_} \ - /usr/lib/$pname/lib$i.so \ - /usr/lib/$pname/lib$i + for j in $modpath/$pname-$APACHE_MPM/mod_$i.so \ + $modpath/$pname-$APACHE_MPM/$i.so \ + $modpath/$pname-$APACHE_MPM/mod_$i \ + $modpath/$pname-$APACHE_MPM/$i \ + $modpath/$pname-$APACHE_MPM/${i/mod_}.so \ + $modpath/$pname-$APACHE_MPM/${i/mod_} \ + $modpath/$pname-$APACHE_MPM/lib${i/mod_}.so \ + $modpath/$pname-$APACHE_MPM/lib${i/mod_} \ + $modpath/$pname-$APACHE_MPM/lib$i.so \ + $modpath/$pname-$APACHE_MPM/lib$i \ + $modpath/$pname/mod_$i.so \ + $modpath/$pname/$i.so \ + $modpath/$pname/mod_$i \ + $modpath/$pname/$i \ + $modpath/$pname/${i/mod_}.so \ + $modpath/$pname/${i/mod_} \ + $modpath/$pname/lib${i/mod_}.so \ + $modpath/$pname/lib${i/mod_} \ + $modpath/$pname/lib$i.so \ + $modpath/$pname/lib$i do if [ -f $j ]; then module_path=$j @@ -105,12 +109,12 @@ done echo >&3 -e "#\n" exec 3<&- chmod 644 $TMPFILE -if ! mv -Z $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf 2>/dev/null; then - mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf - if selinuxenabled; then - restorecon $sysconfdir/sysconfig.d/loadmodule.conf - fi -fi +if ! mv -Z $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf 2>/dev/null; then + mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf +# if selinuxenabled; then +# restorecon $sysconfdir/sysconfig.d/loadmodule.conf +# fi +fi #echo -n ". " ++++++ httpd-2.4.27.tar.bz2 -> httpd-2.4.28.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/apache2/httpd-2.4.27.tar.bz2 /work/SRC/openSUSE:Factory/.apache2.new/httpd-2.4.28.tar.bz2 differ: char 11, line 1 ++++++ rc.apache2 ++++++ --- /var/tmp/diff_new_pack.d8wYIL/_old 2017-10-10 11:37:54.136861218 +0200 +++ /var/tmp/diff_new_pack.d8wYIL/_new 2017-10-10 11:37:54.136861218 +0200 @@ -86,6 +86,7 @@ *) server_flags="$server_flags -D$i";; esac done + server_flags="$server_flags -DSYSCONFIG -C 'Include /etc/apache2/sysconfig.d/'" } action="$1"
