Re: [RESULT] [VOTE] Release httpd-2.4.32

2018-03-16 Thread William A Rowe Jr
Reading backwards... +1 - deferring the announcement would be fine. We simply can't make 2.4.32 "disappear" as unreleased. On Fri, Mar 16, 2018 at 8:03 AM, Jim Jagielski wrote: > Just because it is released, doesn't mean we need to announce it. We > can easily release a quick

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread William A Rowe Jr
For trunk/next only I support Yann's thoughts here. Within the ecosystem, do we actually worry about pairing 1.0.0 OpenSSL, pcre 6.x etc with 2.6.0 httpd? Is there any expectation that running SLES 11 will let you build modern packages? Or RHEL 5.x ... while in "extended" pseudo-support, RedHat

[NOTICE] Intent to T httpd-2.4.33 in the next few days

2018-03-16 Thread Daniel Ruggeri
Hi, all; As the title says, I would like to T 2.4.33 as a quick followup to the error discovered in 2.4.32. Looking at STATUS, we have a few items with only one vote left. Depending on my own time this evening, I may be able to get them reviewed/voted/merged... but welcome anyone to do so.

Re: [RESULT] [VOTE] Release httpd-2.4.32

2018-03-16 Thread Daniel Ruggeri
On 2018-03-16 08:03, Jim Jagielski wrote: Just because it is released, doesn't mean we need to announce it. We can easily release a quick 2.4.33 and announce *that*. 2.4.32 was/is just an un-announced release. Personally, I prefer this approach. I've been holding off on sending the

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Jan Ehrhardt
Yann Ylavic in gmane.comp.apache.devel (Fri, 16 Mar 2018 13:34:55 +0100): >As already said on the other thread... > >On Fri, Mar 16, 2018 at 1:07 PM, Rainer Jung wrote: >> >> Do we have more data points? Opinions about increasing to 1.0.1? > >+1, and while at it I think I

Re: 2.4.17-dev crash libapr-1.dll

2018-03-16 Thread Steffen
Below is written : We could now easily blame mod_security2 on this and case closed :-p This regression from 2015 is now solved with r1826556, was not a third-party module. Added it to the AL 2.4.32 builds.  Have reports that all is running now more stable. Thanks! On 23-9-2015 14:43,

Re: Trunk, 2.5/2.6 and 2.4 back ports (Re: svn commit: r1826862 - /httpd/httpd/branches/2.4.x/STATUS)

2018-03-16 Thread Eric Covener
On Fri, Mar 16, 2018 at 9:01 AM, Jim Jagielski wrote: > > >> On Mar 15, 2018, at 4:39 PM, yla...@apache.org wrote: >> >> Author: ylavic >> Date: Thu Mar 15 20:39:42 2018 >> New Revision: 1826862 >> >> URL: http://svn.apache.org/viewvc?rev=1826862=rev >> Log: >> Makes sense,

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Eric Covener
On Fri, Mar 16, 2018 at 8:50 AM, Rainer Jung wrote: > Am 16.03.2018 um 13:20 schrieb Eric Covener: >> >> On Fri, Mar 16, 2018 at 8:07 AM, Rainer Jung >> wrote: >>> >>> Last time we had the discussion was 2010/2011. >>> >>> We might increase

Re: [RESULT] [VOTE] Release httpd-2.4.32

2018-03-16 Thread Jim Jagielski
Just because it is released, doesn't mean we need to announce it. We can easily release a quick 2.4.33 and announce *that*. 2.4.32 was/is just an un-announced release. > On Mar 15, 2018, at 2:51 PM, Christophe Jaillet > wrote: > > Le 15/03/2018 à 17:34, Yann

Trunk, 2.5/2.6 and 2.4 back ports (Re: svn commit: r1826862 - /httpd/httpd/branches/2.4.x/STATUS)

2018-03-16 Thread Jim Jagielski
> On Mar 15, 2018, at 4:39 PM, yla...@apache.org wrote: > > Author: ylavic > Date: Thu Mar 15 20:39:42 2018 > New Revision: 1826862 > > URL: http://svn.apache.org/viewvc?rev=1826862=rev > Log: > Makes sense, withdrawing. > > Modified: >httpd/httpd/branches/2.4.x/STATUS > When we run

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Rainer Jung
Am 16.03.2018 um 13:20 schrieb Eric Covener: On Fri, Mar 16, 2018 at 8:07 AM, Rainer Jung wrote: Last time we had the discussion was 2010/2011. We might increase minimum OpenSSL version for everything newer than 2.4.x to OpenSSL 1.0.1. I think RHEL 6 and SLES11 both

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Eric Covener
> I found this page > > https://www.suse.com/documentation/suse-best-practices/singlehtml/securitymodule/securitymodule.html > > which mentions >>the “SUSE Linux Enterprise 11 Security Module”, providing > enhancements to SUSE Linux Enterprise 11 SP3, and later SP4.<< > > The packages are in a

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Eric Covener
On Fri, Mar 16, 2018 at 8:36 AM, Yann Ylavic wrote: > On Fri, Mar 16, 2018 at 1:34 PM, Yann Ylavic wrote: >> As already said on the other thread... >> >> On Fri, Mar 16, 2018 at 1:07 PM, Rainer Jung wrote: >>> >>> Do we have

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Yann Ylavic
On Fri, Mar 16, 2018 at 1:34 PM, Yann Ylavic wrote: > As already said on the other thread... > > On Fri, Mar 16, 2018 at 1:07 PM, Rainer Jung wrote: >> >> Do we have more data points? Opinions about increasing to 1.0.1? > > +1, and while at it I

Re: mod_md OpenSSL version requirement 1.0.0

2018-03-16 Thread Stefan Eissing
> Am 16.03.2018 um 13:33 schrieb Yann Ylavic : > > On Fri, Mar 16, 2018 at 1:11 PM, Eric Covener wrote: >> On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing >> wrote: >>> Hi Rainer, >>> >>> thanks for solving this issue.

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Yann Ylavic
As already said on the other thread... On Fri, Mar 16, 2018 at 1:07 PM, Rainer Jung wrote: > > Do we have more data points? Opinions about increasing to 1.0.1? +1, and while at it I think we should even require 1.0.2 (if possible) since 1.0.1 is no longer

Re: mod_md OpenSSL version requirement 1.0.0

2018-03-16 Thread Yann Ylavic
On Fri, Mar 16, 2018 at 1:11 PM, Eric Covener wrote: > On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing > wrote: >> Hi Rainer, >> >> thanks for solving this issue. The version check indeed was missing. I do >> not think supporting ACME on servers

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Rainer Jung
Am 16.03.2018 um 13:20 schrieb Eric Covener: On Fri, Mar 16, 2018 at 8:07 AM, Rainer Jung wrote: Last time we had the discussion was 2010/2011. We might increase minimum OpenSSL version for everything newer than 2.4.x to OpenSSL 1.0.1. I think RHEL 6 and SLES11 both

Re: Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Eric Covener
On Fri, Mar 16, 2018 at 8:07 AM, Rainer Jung wrote: > Last time we had the discussion was 2010/2011. > > We might increase minimum OpenSSL version for everything newer than 2.4.x to > OpenSSL 1.0.1. > > I think RHEL 6 and SLES11 both provide OpenSSL 1.0.1 at least as an >

Re: mod_md OpenSSL version requirement 1.0.0

2018-03-16 Thread Eric Covener
On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing wrote: > Hi Rainer, > > thanks for solving this issue. The version check indeed was missing. I do not > think supporting ACME on servers with such old OpenSSL is really something to > strive for. I'd have settled for

Poll: increase OpenSSL version requirement for trunk?

2018-03-16 Thread Rainer Jung
Last time we had the discussion was 2010/2011. We might increase minimum OpenSSL version for everything newer than 2.4.x to OpenSSL 1.0.1. I think RHEL 6 and SLES11 both provide OpenSSL 1.0.1 at least as an alternative. RHEL 7 and SLES 12 still seem to be at 1.0.1 (at least without service

Re: mod_md OpenSSL version requirement 1.0.0

2018-03-16 Thread Stefan Eissing
Hi Rainer, thanks for solving this issue. The version check indeed was missing. I do not think supporting ACME on servers with such old OpenSSL is really something to strive for. I'd have settled for a check of 1.0.2 even. If your changed check makes it working for 1.0.1 also, that's fine.

Re: mod_md OpenSSL version requirement 1.0.0

2018-03-16 Thread Rainer Jung
Am 16.03.2018 um 12:21 schrieb Rainer Jung: It seems mod_md (trunk and 2.4, currently identical) needs OpenSSL 1.0.2 (for ASN1_TIME_diff), but with a small change (using the already existing LIBRESSL alternative code) it only needs 1.0.0. Since we still support 0.9.8a+ for 2.4.x and trunk, I

mod_md OpenSSL version requirement 1.0.0

2018-03-16 Thread Rainer Jung
It seems mod_md (trunk and 2.4, currently identical) needs OpenSSL 1.0.2 (for ASN1_TIME_diff), but with a small change (using the already existing LIBRESSL alternative code) it only needs 1.0.0. Since we still support 0.9.8a+ for 2.4.x and trunk, I think we need to add a version check to

Re: svn commit: r1826279 - /httpd/httpd/branches/2.4.x/STATUS

2018-03-16 Thread Luca Toscano
Hi Joe, 2018-03-16 10:38 GMT+01:00 Joe Orton : > On Thu, Mar 08, 2018 at 11:05:29PM +0100, Yann Ylavic wrote: > > On Thu, Mar 8, 2018 at 11:00 PM, wrote: > > > > > >*) mod_access_compat, mod_authz_host: Prevent access control > misconfiguration > > >

Re: svn commit: r1826279 - /httpd/httpd/branches/2.4.x/STATUS

2018-03-16 Thread Joe Orton
On Thu, Mar 08, 2018 at 11:05:29PM +0100, Yann Ylavic wrote: > On Thu, Mar 8, 2018 at 11:00 PM, wrote: > > > >*) mod_access_compat, mod_authz_host: Prevent access control > > misconfiguration > > due to interpretation of #comments in Require host or Allow/Deny > >

Re: [RESULT] [VOTE] Release httpd-2.4.32

2018-03-16 Thread Jan Ehrhardt
William A Rowe Jr in gmane.comp.apache.devel (Fri, 16 Mar 2018 00:17:45 -0500): >That still leaves the headache of fallback-to-release when a candidate on >these many projects isn't present (actually, the smart election between >candidate and release if both exist!) But great pointer, TY! The