commit lighttpd for openSUSE:Factory

root Fri, 06 Jul 2018 01:48:55 -0700

Hello community,

here is the log from the commit of package lighttpd for openSUSE:Factory 
checked in at 2018-07-06 10:47:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lighttpd (Old)
 and      /work/SRC/openSUSE:Factory/.lighttpd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "lighttpd"

Fri Jul  6 10:47:53 2018 rev:38 rq:621111 version:1.4.49

Changes:
--------
--- /work/SRC/openSUSE:Factory/lighttpd/lighttpd.changes        2018-04-01 
17:27:30.537386000 +0200
+++ /work/SRC/openSUSE:Factory/.lighttpd.new/lighttpd.changes   2018-07-06 
10:48:22.306799159 +0200
@@ -1,0 +2,27 @@
+Wed May  2 13:55:55 UTC 2018 - dims...@opensuse.org
+
+- Revert that pgsql workaround for tumbleweed: pampering over
+  issues like this is just hiding problems. A real fix was
+  submitted to the postgresql package instead.
+
+-------------------------------------------------------------------
+Sat Apr 28 07:01:08 UTC 2018 - i...@marguerite.su
+
+- workaround for tumbleweed
+  * update-alternatives not expanded in the build VM
+    due to unknown reasons, thus /usr/bin/pg_config
+    is meaningless
+
+-------------------------------------------------------------------
+Fri Apr 6 15:00:53 EEST 2018 - mikhail.kasi...@gmail.com
+
+- Updated 10-ssl.conf (TLSv1.2 only) for lighttpd.conf in
+  lighttpd_1.4.49-1.1.debian.tar.xz
+
+-------------------------------------------------------------------
+Fri Apr 6 14:26:41 EEST 2018 - mikhail.kasi...@gmail.com
+
+- Updated 'SSL Support' section in lighttpd.conf: TLSv1.2 only
+  bsc#1087369
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ lighttpd.spec ++++++
--- /var/tmp/diff_new_pack.s4Ha2e/_old  2018-07-06 10:48:26.210794506 +0200
+++ /var/tmp/diff_new_pack.s4Ha2e/_new  2018-07-06 10:48:26.214794501 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package lighttpd
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

++++++ lighttpd_1.4.49-1.1.debian.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/debian/conf-available/10-ssl.conf 
new/debian/conf-available/10-ssl.conf
--- old/debian/conf-available/10-ssl.conf       2017-01-14 22:07:19.000000000 
+0100
+++ new/debian/conf-available/10-ssl.conf       2018-04-06 13:43:17.000000000 
+0200
@@ -6,4 +6,7 @@
 
        ssl.cipher-list = 
"ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
        ssl.honor-cipher-order = "enable"
+       ## Allow TLS version 1.2 only, which is a recommended default these days
+       ## by international information security standards.
+       ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2")
 }

++++++ lighttpd_1.4.49-1.1.dsc ++++++
--- /var/tmp/diff_new_pack.s4Ha2e/_old  2018-07-06 10:48:26.434794239 +0200
+++ /var/tmp/diff_new_pack.s4Ha2e/_new  2018-07-06 10:48:26.434794239 +0200
@@ -30,14 +30,14 @@
  lighttpd-mod-vhostdb-pgsql deb httpd optional arch=any
  lighttpd-mod-webdav deb httpd optional arch=any
 Checksums-Sha1:
- 9e13d061cbae2f377a1a5bb24e13ccd9cba0bba6 710964 lighttpd_1.4.49.orig.tar.xz
- 09649373056f16c232f93133a3e85402ea182578 47024 
lighttpd_1.4.49-1.1.debian.tar.xz
+ 242ea14ca1b4c80c72ab4b7964875ac99f53fd81 725188 lighttpd_1.4.49.orig.tar.xz
+ c16230150405bf6c52960230339ec3ebec2f8296  47400 
lighttpd_1.4.49-1.1.debian.tar.xz
 Checksums-Sha256:
- aedf49d7127d9e4c0ea56618e9e945a17674dc46a37ac7990120f87dd939ce09 710964 
lighttpd_1.4.49.orig.tar.xz
- 7a1f3c82d5e5f16836ca42ba5497f2cd9bad15cf7e3a472bf055a3586798ccc9 47024 
lighttpd_1.4.49-1.1.debian.tar.xz
+ 9e26f417feff34f4d2901328bc273633b6d3a0d42f5d3dcd89d3b7e939384844 725188 
lighttpd_1.4.49.orig.tar.xz
+ a6e69c6d7900fe41e3302efc96ac733c30a1a55eabd82bb4ef5b7d0c90172515  47400 
lighttpd_1.4.49-1.1.debian.tar.xz
 Files:
- aaf8165379351c3766e5ad1e5c9dbe8b 710964 lighttpd_1.4.49.orig.tar.xz
- c68408a7ce7de7f7f3bbc5e411753d12 47024 lighttpd_1.4.49-1.1.debian.tar.xz
+ fa1ea87b602d067dac2225c49bdf595f 725188 lighttpd_1.4.49.orig.tar.xz
+ 9f9738803913c1c0254423fe014de048  47400 lighttpd_1.4.49-1.1.debian.tar.xz
 
 -----BEGIN PGP SIGNATURE-----
 

++++++ lighttpd_1.4.49.orig.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lighttpd-1.4.49/doc/config/lighttpd.conf 
new/lighttpd-1.4.49/doc/config/lighttpd.conf
--- old/lighttpd-1.4.49/doc/config/lighttpd.conf        2018-03-12 
01:52:20.000000000 +0100
+++ new/lighttpd-1.4.49/doc/config/lighttpd.conf        2018-04-06 
12:41:36.000000000 +0200
@@ -434,6 +434,11 @@
 ##
 #   ssl.disable-client-renegotiation = "enable"
 ##
+## Allow TLS version 1.2 only, which is a recommended default these days
+## by international information security standards.
+##
+#   ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2")
+
 ##   $SERVER["socket"] == "10.0.0.1:443" {
 ##     ssl.engine                  = "enable"
 ##     ssl.pemfile                 = "/etc/ssl/private/www.example.com.pem"

commit lighttpd for openSUSE:Factory

Reply via email to