Hello community, here is the log from the commit of package apache2 for openSUSE:Factory checked in at 2019-02-04 21:23:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache2 (Old) and /work/SRC/openSUSE:Factory/.apache2.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2" Mon Feb 4 21:23:25 2019 rev:153 rq:667841 version:2.4.38 Changes: -------- --- /work/SRC/openSUSE:Factory/apache2/apache2.changes 2019-01-15 13:16:21.532358537 +0100 +++ /work/SRC/openSUSE:Factory/.apache2.new.28833/apache2.changes 2019-02-04 21:23:29.131623991 +0100 @@ -1,0 +2,43 @@ +Fri Jan 18 15:12:08 UTC 2019 - Manu Maier <mman...@outlook.de> + +- updated to 2.4.38 + * mod_ssl: Clear retry flag before aborting client-initiated renegotiation. + PR 63052 [Joe Orton] + * mod_negotiation: Treat LanguagePriority as case-insensitive to match + AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet] + * mod_md: incorrect behaviour when synchronizing ongoing ACME challenges + have been fixed. [Michael Kaufmann, Stefan Eissing] + * mod_setenvif: We can have expressions that become true if a regex pattern + in the expression does NOT match. In this case val is NULL + and we should just set the value for the environment variable + like in the pattern case. [Ruediger Pluem] + * mod_session: Always decode session attributes early. [Hank Ibell] + * core: Incorrect values for environment variables are substituted when + multiple environment variables are specified in a directive. [Hank Ibell] + * mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when + this type of map is present in the configuration. PR62311. + [Hank Ibell <hwibell gmail.com>] + * mod_dav: Fix invalid Location header when a resource is created by + passing an absolute URI on the request line [Jim Jagielski] + * mod_session_cookie: avoid duplicate Set-Cookie header in the response. + [Emmanuel Dreyfus <m...@netbsd.org>, Luca Toscano] + * mod_ssl: clear *SSL errors before loading certificates and checking + afterwards. Otherwise errors are reported when other SSL using modules + are in play. Fixes PR 62880. [Michael Kaufmann] + * mod_ssl: Fix the error code returned in an error path of + 'ssl_io_filter_handshake()'. This messes-up error handling performed + in 'ssl_io_filter_error()' [Yann Ylavic] + * mod_ssl: Fix $HTTPS definition for "SSLEngine optional" case, and fix + authz provider so "Require ssl" works correctly in HTTP/2. + PR 61519, 62654. [Joe Orton, Stefan Eissing] + * mod_proxy: If ProxyPassReverse is used for reverse mapping of relative + redirects, subsequent ProxyPassReverse statements, whether they are + relative or absolute, may fail. PR 60408. [Peter Haworth <pmh1wheel gmail.com>] + * mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1] + +------------------------------------------------------------------- +Wed Jan 16 08:56:20 UTC 2019 - Arjen de Korte <suse+bu...@de-korte.org> + +- SSLProtocol use TLSv1.2 or higher + +------------------------------------------------------------------- Old: ---- httpd-2.4.37.tar.bz2 httpd-2.4.37.tar.bz2.asc New: ---- httpd-2.4.38.tar.bz2 httpd-2.4.38.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache2.spec ++++++ --- /var/tmp/diff_new_pack.ZYSp5F/_old 2019-02-04 21:23:31.667623371 +0100 +++ /var/tmp/diff_new_pack.ZYSp5F/_new 2019-02-04 21:23:31.667623371 +0100 @@ -65,7 +65,7 @@ %define build_http2 0 %endif Name: apache2 -Version: 2.4.37 +Version: 2.4.38 Release: 0 Summary: The Apache Web Server Version 2.4 License: Apache-2.0 ++++++ apache2-ssl-global.conf ++++++ --- /var/tmp/diff_new_pack.ZYSp5F/_old 2019-02-04 21:23:32.031623282 +0100 +++ /var/tmp/diff_new_pack.ZYSp5F/_new 2019-02-04 21:23:32.031623282 +0100 @@ -85,16 +85,16 @@ #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomSeed connect file:/dev/urandom 512 - # SSL protocols - # Allow TLS version 1.2 only, which is a recommended default these days - # by international information security standards. - SSLProtocol TLSv1.2 + # SSL protocols + # Allow TLS version 1.2 or higher, which is a recommended default + # these days by international information security standards. + SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. - # The magic string "DEFAULT_SUSE" expands to an openssl defined - # secure list of default ciphers. + # The magic string "DEFAULT_SUSE" expands to an openssl defined + # secure list of default ciphers. SSLCipherSuite DEFAULT_SUSE # SSLHonorCipherOrder ++++++ httpd-2.4.37.tar.bz2 -> httpd-2.4.38.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/apache2/httpd-2.4.37.tar.bz2 /work/SRC/openSUSE:Factory/.apache2.new.28833/httpd-2.4.38.tar.bz2 differ: char 11, line 1