commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2019-07-04 15:42:57
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new.4615 (New)
Package is "apache2-mod_fcgid"
Thu Jul 4 15:42:57 2019 rev:31 rq:713070 version:2.3.9
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2017-05-20 10:14:27.713112995 +0200
+++
/work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new.4615/apache2-mod_fcgid.changes
2019-07-04 15:42:58.814081906 +0200
@@ -1,0 +2,5 @@
+Tue Jun 25 13:53:57 UTC 2019 - pgaj...@suse.com
+
+- test via apache-rex instead
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.GjbRhu/_old 2019-07-04 15:42:59.738083350 +0200
+++ /var/tmp/diff_new_pack.GjbRhu/_new 2019-07-04 15:42:59.738083350 +0200
@@ -1,7 +1,7 @@
#
# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -20,7 +20,7 @@
Version:2.3.9
Release:0
Summary:Alternative FastCGI module for Apache2
-License:GPL-2.0+
+License:GPL-2.0-or-later
Group: Productivity/Networking/Web/Servers
Url:http://httpd.apache.org/mod_fcgid/
Source:
http://mirror.synyx.de/apache/httpd/mod_fcgid/mod_fcgid-%{version}.tar.bz2
@@ -31,7 +31,8 @@
BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
# for testing
-BuildRequires: curl
+BuildRequires: apache-rex
+%apache_rex_deps
BuildRequires: perl-FastCGI
Requires: %{apache_mmn}
Requires: %{apache_suse_maintenance_mmn}
@@ -67,62 +68,7 @@
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/apache2/fcgid/
%check
-set +x
-mkdir -p %{apache_test_module_dir}
-# create test configuration
-cp %{SOURCE1} %{apache_test_module_dir}/mod_fcgid-test.conf
-cat << EOF > %{apache_test_module_dir}/mod_fcgid-test-access.conf
-LogLevel debug
-
- SetHandler fcgid-script
- Options +ExecCGI
-%if 0%{?apache_access_syntax_version} >= 24
- Require local
-%else
- Allow from localhost
-%endif
-
-EOF
-mkdir -p "%{apache_test_module_dir}%{_localstatedir}/lib/apache2/fcgid/"
-sed -i
"s:%{_localstatedir}/lib:%{apache_test_module_dir}%{_localstatedir}/lib:"
%{apache_test_module_dir}/mod_fcgid-test.conf
-mkdir -p %{apache_test_module_dir}/htdocs/fcgi-bin/
-# create a fcgi script
-cat << 'EOF' > %{apache_test_module_dir}/htdocs/fcgi-bin/showenv.pl
-#!/usr/bin/perl
-use FCGI;
-my $request = FCGI::Request();
-while ($request->Accept() >= 0) {
- print "Content-Type: text/plain\r\n\r\n";
- foreach my $env (keys %ENV) {
-print "env $env = $ENV{$env}\n";
- }
- print STDERR 'request received'
-}
-EOF
-chmod 755 %{apache_test_module_dir}/htdocs/fcgi-bin/showenv.pl
-# start apache
-%apache_test_module_start_apache -m fcgid -i
mod_fcgid-test.conf:mod_fcgid-test-access.conf
-# get the document
-%apache_test_module_curl -d /fcgi-bin/showenv.pl -o
%{apache_test_module_dir}/output.txt
-# check the output
-echo
-echo 'Testing /fcgi-bin/showenv.pl output'
-exit_code=0
-grep 'HTTP_ACCEPT' %{apache_test_module_dir}/output.txt || exit_code=1
-grep 'REQUEST_METHOD'%{apache_test_module_dir}/output.txt || exit_code=1
-echo 'The output from stderr was logged in error_log'
-grep 'request received' %{apache_test_module_dir}/error_log || exit_code=2
-if [ $exit_code -eq 0 ]; then
- echo 'SUCCESS'
-else
- echo 'FAILED, error_log:'
- cat %{apache_test_module_dir}/error_log
-fi
-echo
-# stop apache
-%apache_test_module_stop_apache
-set -x
-exit $exit_code
+%apache_rex_check -m modules/fcgid/.libs mod_fcgid-basic
%files
%defattr(-,root,root)
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2017-05-20 10:14:25
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Sat May 20 10:14:25 2017 rev:30 rq:496536 version:2.3.9
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2017-03-24 02:21:58.577333270 +0100
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2017-05-20 10:14:27.713112995 +0200
@@ -1,0 +2,6 @@
+Fri May 12 08:28:07 UTC 2017 - pgaj...@suse.com
+
+- amend example in %check to see how output to stderr get
+ logged in error_log
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.COXsah/_old 2017-05-20 10:14:28.305029363 +0200
+++ /var/tmp/diff_new_pack.COXsah/_new 2017-05-20 10:14:28.305029363 +0200
@@ -96,6 +96,7 @@
foreach my $env (keys %ENV) {
print "env $env = $ENV{$env}\n";
}
+ print STDERR 'request received'
}
EOF
chmod 755 %{apache_test_module_dir}/htdocs/fcgi-bin/showenv.pl
@@ -109,6 +110,8 @@
exit_code=0
grep 'HTTP_ACCEPT'%{apache_test_module_dir}/output.txt || exit_code=1
grep 'REQUEST_METHOD' %{apache_test_module_dir}/output.txt || exit_code=1
+echo 'The output from stderr was logged in error_log'
+grep 'request received' %{apache_test_module_dir}/error_log || exit_code=2
if [ $exit_code -eq 0 ]; then
echo 'SUCCESS'
else
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2017-03-24 02:21:57
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Fri Mar 24 02:21:57 2017 rev:29 rq:481666 version:2.3.9
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2016-07-30 00:28:27.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2017-03-24 02:21:58.577333270 +0100
@@ -1,0 +2,5 @@
+Mon Mar 13 11:01:22 UTC 2017 - pgaj...@suse.com
+
+- add a true example to %check
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.ffQtws/_old 2017-03-24 02:21:59.145252913 +0100
+++ /var/tmp/diff_new_pack.ffQtws/_new 2017-03-24 02:21:59.149252347 +0100
@@ -1,7 +1,7 @@
#
# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -30,6 +30,9 @@
Patch1: mod_fcgid-2.3.9-CVE-2016-1000104.patch
BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
+# for testing
+BuildRequires: curl
+BuildRequires: perl-FastCGI
Requires: %{apache_mmn}
Requires: %{apache_suse_maintenance_mmn}
Requires: apache2
@@ -66,11 +69,57 @@
%check
set +x
mkdir -p %{apache_test_module_dir}
+# create test configuration
cp %{SOURCE1} %{apache_test_module_dir}/mod_fcgid-test.conf
+cat << EOF > %{apache_test_module_dir}/mod_fcgid-test-access.conf
+LogLevel debug
+
+ SetHandler fcgid-script
+ Options +ExecCGI
+%if 0%{?apache_access_syntax_version} >= 24
+ Require local
+%else
+ Allow from localhost
+%endif
+
+EOF
mkdir -p "%{apache_test_module_dir}%{_localstatedir}/lib/apache2/fcgid/"
sed -i
"s:%{_localstatedir}/lib:%{apache_test_module_dir}%{_localstatedir}/lib:"
%{apache_test_module_dir}/mod_fcgid-test.conf
-%apache_test_module_load -m fcgid -i mod_fcgid-test.conf
+mkdir -p %{apache_test_module_dir}/htdocs/fcgi-bin/
+# create a fcgi script
+cat << 'EOF' > %{apache_test_module_dir}/htdocs/fcgi-bin/showenv.pl
+#!/usr/bin/perl
+use FCGI;
+my $request = FCGI::Request();
+while ($request->Accept() >= 0) {
+ print "Content-Type: text/plain\r\n\r\n";
+ foreach my $env (keys %ENV) {
+print "env $env = $ENV{$env}\n";
+ }
+}
+EOF
+chmod 755 %{apache_test_module_dir}/htdocs/fcgi-bin/showenv.pl
+# start apache
+%apache_test_module_start_apache -m fcgid -i
mod_fcgid-test.conf:mod_fcgid-test-access.conf
+# get the document
+%apache_test_module_curl -d /fcgi-bin/showenv.pl -o
%{apache_test_module_dir}/output.txt
+# check the output
+echo
+echo 'Testing /fcgi-bin/showenv.pl output'
+exit_code=0
+grep 'HTTP_ACCEPT'%{apache_test_module_dir}/output.txt || exit_code=1
+grep 'REQUEST_METHOD' %{apache_test_module_dir}/output.txt || exit_code=1
+if [ $exit_code -eq 0 ]; then
+ echo 'SUCCESS'
+else
+ echo 'FAILED, error_log:'
+ cat %{apache_test_module_dir}/error_log
+fi
+echo
+# stop apache
+%apache_test_module_stop_apache
set -x
+exit $exit_code
%files
%defattr(-,root,root)
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2016-07-30 00:28:26
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2015-09-24 06:14:20.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2016-07-30 00:28:27.0 +0200
@@ -1,0 +2,8 @@
+Wed Jul 27 13:35:31 UTC 2016 - kstreit...@suse.com
+
+- add mod_fcgid-2.3.9-CVE-2016-1000104.patch - don't allow setting
+ the HTTP_PROXY environment variable from a http header
+ [CVE-2016-1000104], [bsc#988492]
+- run spec-cleaner to clean specfile
+
+---
New:
mod_fcgid-2.3.9-CVE-2016-1000104.patch
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.yttzrI/_old 2016-07-30 00:28:28.0 +0200
+++ /var/tmp/diff_new_pack.yttzrI/_new 2016-07-30 00:28:28.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,30 +17,26 @@
Name: apache2-mod_fcgid
-#
Version:2.3.9
Release:0
-#
Summary:Alternative FastCGI module for Apache2
License:GPL-2.0+
Group: Productivity/Networking/Web/Servers
-#
Url:http://httpd.apache.org/mod_fcgid/
Source:
http://mirror.synyx.de/apache/httpd/mod_fcgid/mod_fcgid-%{version}.tar.bz2
Source1:apache2-mod_fcgid.conf
Patch0: mod_fcgid-2.3.5_suse_paths.patch
+# PATCH-FIX-UPSTREAM bsc#988492 kstreit...@suse.com -- don't allow setting the
HTTP_PROXY variable
+Patch1: mod_fcgid-2.3.9-CVE-2016-1000104.patch
BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
Requires: %{apache_mmn}
Requires: %{apache_suse_maintenance_mmn}
Requires: apache2
-#
-#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
-A binary compatibile alternative to the Apache
-module mod_fastcgi.
+A binary compatibile alternative to the Apache module mod_fastcgi.
The module implements an efficient process pool management for external
CGI program invocation. The pool of CGI programs is mapped against the
@@ -56,13 +52,14 @@
%prep
%setup -q -n mod_fcgid-%{version}
%patch0
+%patch1 -p1
%build
APXS="%{apache_apxs}-prefork" ./configure.apxs
make %{?_smp_mflags}
%install
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+make %{?_smp_mflags} DESTDIR=%{buildroot} install
install -D -m 0644 %{SOURCE1}
%{buildroot}%{apache_sysconfdir}/conf.d/mod_fcgid.conf
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/apache2/fcgid/
@@ -70,8 +67,8 @@
set +x
mkdir -p %{apache_test_module_dir}
cp %{SOURCE1} %{apache_test_module_dir}/mod_fcgid-test.conf
-mkdir -p "%{apache_test_module_dir}/var/lib/apache2/fcgid/"
-sed -i "s:/var/lib:%{apache_test_module_dir}/var/lib:"
%{apache_test_module_dir}/mod_fcgid-test.conf
+mkdir -p "%{apache_test_module_dir}%{_localstatedir}/lib/apache2/fcgid/"
+sed -i
"s:%{_localstatedir}/lib:%{apache_test_module_dir}%{_localstatedir}/lib:"
%{apache_test_module_dir}/mod_fcgid-test.conf
%apache_test_module_load -m fcgid -i mod_fcgid-test.conf
set -x
++ mod_fcgid-2.3.9-CVE-2016-1000104.patch ++
Index: mod_fcgid-2.3.9/modules/fcgid/mod_fcgid.c
===
--- mod_fcgid-2.3.9.orig/modules/fcgid/mod_fcgid.c
+++ mod_fcgid-2.3.9/modules/fcgid/mod_fcgid.c
@@ -155,9 +155,15 @@ static void fcgid_add_cgi_vars(request_r
* consistent with legacy mod_fcgid behavior and mod_fastcgi
* prior to 2.4.7
*/
-apr_table_setn(r->subprocess_env, *hdr, val);
-/* standard munging of header name (upcase, HTTP_, etc.) */
-apr_table_setn(r->subprocess_env, http2env(r->pool, *hdr),
val);
+/* boo#988492 httpoxy don't set HTTP_PROXY */
+if ( strcasecmp(*hdr, "HTTP_PROXY") != 0 && strcasecmp(*hdr,
"HTTP-PROXY") != 0) {
+apr_table_setn(r->subprocess_env, *hdr, val);
+}
+/* boo#988492 httpoxy don't set HTTP_PROXY */
+if ( strcasecmp(*hdr, "PROXY") != 0 ) {
+/* standard munging o
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2015-09-24 06:14:19
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2015-07-20 11:21:21.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2015-09-24 06:14:20.0 +0200
@@ -1,0 +2,5 @@
+Thu Sep 3 11:11:14 UTC 2015 - pgaj...@suse.com
+
+- test module with %apache_test_module_load
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.mIU7UV/_old 2015-09-24 06:14:21.0 +0200
+++ /var/tmp/diff_new_pack.mIU7UV/_new 2015-09-24 06:14:21.0 +0200
@@ -66,6 +66,15 @@
install -D -m 0644 %{SOURCE1}
%{buildroot}%{apache_sysconfdir}/conf.d/mod_fcgid.conf
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/apache2/fcgid/
+%check
+set +x
+mkdir -p %{apache_test_module_dir}
+cp %{SOURCE1} %{apache_test_module_dir}/mod_fcgid-test.conf
+mkdir -p "%{apache_test_module_dir}/var/lib/apache2/fcgid/"
+sed -i "s:/var/lib:%{apache_test_module_dir}/var/lib:"
%{apache_test_module_dir}/mod_fcgid-test.conf
+%apache_test_module_load -m fcgid -i mod_fcgid-test.conf
+set -x
+
%files
%defattr(-,root,root)
%{apache_libexecdir}/mod_fcgid.so
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2015-07-20 11:21:19
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2014-11-12 00:22:38.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2015-07-20 11:21:21.0 +0200
@@ -1,0 +2,7 @@
+Thu Jul 16 07:22:02 UTC 2015 - pgaj...@suse.com
+
+- Requries: %{apache_suse_maintenance_mmn}
+ This will pull this module to the update (in released distribution)
+ when apache maintainer thinks it is good (due api/abi changes).
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.6BTVYb/_old 2015-07-20 11:21:22.0 +0200
+++ /var/tmp/diff_new_pack.6BTVYb/_new 2015-07-20 11:21:22.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,7 @@
BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
Requires: %{apache_mmn}
+Requires: %{apache_suse_maintenance_mmn}
Requires: apache2
#
#
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2014-11-12 00:22:12
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2013-11-07 08:33:57.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2014-11-12 00:22:38.0 +0100
@@ -1,0 +2,6 @@
+Fri Oct 31 09:32:42 UTC 2014 - pgaj...@suse.com
+
+- call spec-cleaner
+- use apache rpm macros
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.4tGonh/_old 2014-11-12 00:22:39.0 +0100
+++ /var/tmp/diff_new_pack.4tGonh/_new 2014-11-12 00:22:39.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,33 +17,25 @@
Name: apache2-mod_fcgid
-%define apache_branch %(rpm -q --qf %%{version} apache2 | grep -E -o
"2\\.[0-9]+")
-%if "%{apache_branch}" == "2.4"
- %define apxs %{_bindir}/apxs2
-%else
- %define apxs %{_sbindir}/apxs2
-%endif
-%defineapache_libexecdir %(%{apxs} -q LIBEXECDIR)
-%defineapache_sysconfdir %(%{apxs} -q SYSCONFDIR)
-%define apache_mmn%(MMN=$(%{apxs} -q LIBEXECDIR)_MMN; test -x $MMN &&
$MMN)
#
Version:2.3.9
Release:0
#
+Summary:Alternative FastCGI module for Apache2
+License:GPL-2.0+
+Group: Productivity/Networking/Web/Servers
#
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+Url:http://httpd.apache.org/mod_fcgid/
+Source:
http://mirror.synyx.de/apache/httpd/mod_fcgid/mod_fcgid-%{version}.tar.bz2
+Source1:apache2-mod_fcgid.conf
+Patch0: mod_fcgid-2.3.5_suse_paths.patch
+BuildRequires: apache-rpm-macros
BuildRequires: apache2-devel
Requires: %{apache_mmn}
Requires: apache2
#
-Url:http://httpd.apache.org/mod_fcgid/
-Source:
http://mirror.synyx.de/apache/httpd/mod_fcgid/mod_fcgid-%{version}.tar.bz2
-Source1:apache2-mod_fcgid.conf
-Patch: mod_fcgid-2.3.5_suse_paths.patch
#
-Summary:Alternative FastCGI module for Apache2
-License:GPL-2.0+
-Group: Productivity/Networking/Web/Servers
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
A binary compatibile alternative to the Apache
@@ -57,21 +49,21 @@
To load the module into Apache, run the command "a2enmod fcgid" as
root.
-See /etc/apache2/conf.d/mod_fcgid.conf and
-/usr/share/doc/packages/apache2-mod_fcgid for configuration.
+See %{_sysconfdir}/apache2/conf.d/mod_fcgid.conf and
+%{_docdir}/apache2-mod_fcgid for configuration.
%prep
-%setup -n mod_fcgid-%{version}
-%patch
+%setup -q -n mod_fcgid-%{version}
+%patch0
%build
-APXS="%{apxs}-prefork" ./configure.apxs
+APXS="%{apache_apxs}-prefork" ./configure.apxs
make %{?_smp_mflags}
%install
-%makeinstall
-%{__install} -D -m 0644 %{S:1}
%{buildroot}%{apache_sysconfdir}/conf.d/mod_fcgid.conf
-%{__install} -d -m 0755 %{buildroot}/var/lib/apache2/fcgid/
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
+install -D -m 0644 %{SOURCE1}
%{buildroot}%{apache_sysconfdir}/conf.d/mod_fcgid.conf
+install -d -m 0755 %{buildroot}%{_localstatedir}/lib/apache2/fcgid/
%files
%defattr(-,root,root)
@@ -81,6 +73,6 @@
%dir %{_datadir}/apache2/manual/
%dir %{_datadir}/apache2/manual/mod/
%{_datadir}/apache2/manual/mod/mod_fcgid*
-%attr(750,wwwrun,www) /var/lib/apache2/fcgid/
+%attr(750,wwwrun,www) %{_localstatedir}/lib/apache2/fcgid/
%changelog
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2013-11-07 08:33:56
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2013-03-12 22:36:29.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2013-11-07 08:33:57.0 +0100
@@ -1,0 +2,23 @@
+Wed Nov 6 14:03:05 CET 2013 - dr...@suse.de
+
+- update to 2.3.9:
+ + obsoletes apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff
+and fixes CVE-2013-4365 [bnc#844935] (heap overflow).
+The heap overflow discovery and fix was done by
+Robert Matthews .
+ + quoting and spaces parsing correction for FcgidWrapper directive
+and commandline options.
+ + logging improvements for access controls
+ + remove redundant processing of Location headers when running in
+FCGI_AUTHORIZER mode
+
+---
+Mon Oct 21 15:05:29 CEST 2013 - dr...@suse.de
+
+- Intermediate fix for openSUSE:Factory eg. openSUSE:13.1:
+ apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff fixes a heap
+ overflow identified by CVE-2013-4365 [bnc#844935].
+ This patch will be obsoleted by the next version update (to
+ 2.3.9 or higher).
+
+---
Old:
mod_fcgid-2.3.7.tar.bz2
New:
mod_fcgid-2.3.9.tar.bz2
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.JRrJbV/_old 2013-11-07 08:33:58.0 +0100
+++ /var/tmp/diff_new_pack.JRrJbV/_new 2013-11-07 08:33:58.0 +0100
@@ -27,7 +27,7 @@
%defineapache_sysconfdir %(%{apxs} -q SYSCONFDIR)
%define apache_mmn%(MMN=$(%{apxs} -q LIBEXECDIR)_MMN; test -x $MMN &&
$MMN)
#
-Version:2.3.7
+Version:2.3.9
Release:0
#
#
@@ -46,12 +46,13 @@
Group: Productivity/Networking/Web/Servers
%description
-What is mod_fcgid? It is a binary compatibility alternative to Apache
+A binary compatibile alternative to the Apache
module mod_fastcgi.
-mod_fcgid has a new process management strategy, which concentrates on
-reducing the number of fastcgi server, and kick out the corrupt fastcgi
-server as soon as possible.
+The module implements an efficient process pool management for external
+CGI program invocation. The pool of CGI programs is mapped against the
+pool of apache workers in such way that there is always a weighted number
+of programs waiting for requests in the pool.
To load the module into Apache, run the command "a2enmod fcgid" as
root.
++ mod_fcgid-2.3.7.tar.bz2 -> mod_fcgid-2.3.9.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mod_fcgid-2.3.7/CHANGES-FCGID
new/mod_fcgid-2.3.9/CHANGES-FCGID
--- old/mod_fcgid-2.3.7/CHANGES-FCGID 2012-04-10 06:27:08.0 +0200
+++ new/mod_fcgid-2.3.9/CHANGES-FCGID 2013-10-04 03:53:35.0 +0200
@@ -1,4 +1,35 @@
-*- coding: utf-8 -*-
+Changes with mod_fcgid 2.3.9
+
+ *) Revert fix for PR 53693, added in 2.3.8 but undocumented. Fix
+ issues with a minor optimization added in 2.3.8. [Jeff Trawick]
+
+Changes with mod_fcgid 2.3.8
+
+ *) SECURITY: CVE-2013-4365 (cve.mitre.org)
+ Fix possible heap buffer overwrite. Reported and solved by:
+ [Robert Matthews ]
+
+ *) Add experimental cmake-based build system for Windows. [Jeff Trawick]
+
+ *) Correctly parse quotation and escaped spaces in FcgidWrapper and the
+ AAA Authenticator/Authorizor/Access directives' command line argument,
+ as currently documented. PR 51194 [William Rowe]
+
+ *) Honor quoted FcgidCmdOptions arguments (notably for InitialEnv
+ assignments). PR 51657 [William Rowe]
+
+ *) Conform script response parsing with mod_cgid and ensure no response
+ body is sent when ap_meets_conditions() determines that request
+ conditions are met. [Chris Darroch]
+
+ *) Improve logging in access control hook functions. [Chris Darroch]
+
+ *) Avoid making internal sub-requests and processing Location headers
+ when in FCGI_AUTHORIZER mode, as the auth hook functions already
+ treat Location headers returned by scripts as an error since
+ redirections are not meaningful in this mode. [Chris Darroch]
+
Changes with mod_fcgid 2.3.7
*) Introduce FcgidWin32PreventOrphans directive on Windows to use OS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2013-03-12 22:36:27
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid", Maintainer is "dr...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2013-01-29 12:01:41.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2013-03-12 22:36:29.0 +0100
@@ -1,0 +2,19 @@
+Tue Mar 12 16:35:46 UTC 2013 - dims...@opensuse.org
+
+- Update to version 2.3.7:
+ + Introduce FcgidWin32PreventOrphans directive on Windows to use
+OS Job Control Objects to terminate all running fcgi's when the
+worker process has been abruptly terminated.
+ + Periodically clean out the brigades which are pulling in the
+request body for handoff to the fcgid child.
+ + Resolve crash during graceful restarts.
+ + Solve latency/cogestion of resolving effective user file access
+rights when no such info is desired, for config related
+filename stats.
+ + Fix regression in 2.3.6 which broke process controls when using
+vhost-specific configuration.
+ + Account for first process in class in the spawn score.
+- Really fix build with apache 2.4: redefining apxs to %{_sbindir}
+ after the branch-check is just wrong.
+
+---
Old:
mod_fcgid-2.3.6.tar.bz2
New:
mod_fcgid-2.3.7.tar.bz2
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.OXUr0D/_old 2013-03-12 22:36:38.0 +0100
+++ /var/tmp/diff_new_pack.OXUr0D/_new 2013-03-12 22:36:38.0 +0100
@@ -23,12 +23,11 @@
%else
%define apxs %{_sbindir}/apxs2
%endif
-%defineapxs/usr/sbin/apxs2
%defineapache_libexecdir %(%{apxs} -q LIBEXECDIR)
%defineapache_sysconfdir %(%{apxs} -q SYSCONFDIR)
%define apache_mmn%(MMN=$(%{apxs} -q LIBEXECDIR)_MMN; test -x $MMN &&
$MMN)
#
-Version:2.3.6
+Version:2.3.7
Release:0
#
#
++ mod_fcgid-2.3.6.tar.bz2 -> mod_fcgid-2.3.7.tar.bz2 ++
2386 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2013-01-29 12:01:39
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid", Maintainer is "dr...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2012-02-21 12:14:43.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2013-01-29 12:01:41.0 +0100
@@ -1,0 +2,6 @@
+Mon Jan 28 19:18:09 UTC 2013 - dims...@opensuse.org
+
+- Fix build with apache 2.4: apxs2 moved from %{_sbindir} to
+ %{_bindir}.
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.WdNBFc/_old 2013-01-29 12:01:42.0 +0100
+++ /var/tmp/diff_new_pack.WdNBFc/_new 2013-01-29 12:01:42.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,6 +17,12 @@
Name: apache2-mod_fcgid
+%define apache_branch %(rpm -q --qf %%{version} apache2 | grep -E -o
"2\\.[0-9]+")
+%if "%{apache_branch}" == "2.4"
+ %define apxs %{_bindir}/apxs2
+%else
+ %define apxs %{_sbindir}/apxs2
+%endif
%defineapxs/usr/sbin/apxs2
%defineapache_libexecdir %(%{apxs} -q LIBEXECDIR)
%defineapache_sysconfdir %(%{apxs} -q SYSCONFDIR)
@@ -28,7 +34,8 @@
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: apache2-devel
-Requires: apache2 %{apache_mmn}
+Requires: %{apache_mmn}
+Requires: apache2
#
Url:http://httpd.apache.org/mod_fcgid/
Source:
http://mirror.synyx.de/apache/httpd/mod_fcgid/mod_fcgid-%{version}.tar.bz2
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit apache2-mod_fcgid for openSUSE:Factory
Hello community,
here is the log from the commit of package apache2-mod_fcgid for
openSUSE:Factory checked in at 2012-02-21 12:14:41
Comparing /work/SRC/openSUSE:Factory/apache2-mod_fcgid (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new (New)
Package is "apache2-mod_fcgid", Maintainer is "dr...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/apache2-mod_fcgid/apache2-mod_fcgid.changes
2011-09-23 01:51:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2-mod_fcgid.new/apache2-mod_fcgid.changes
2012-02-21 12:14:43.0 +0100
@@ -1,0 +2,11 @@
+Mon Feb 13 10:44:06 UTC 2012 - co...@suse.com
+
+- patch license to follow spdx.org standard
+
+---
+Sat Sep 17 11:16:14 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant tags/sections from specfile
+- Use %_smp_mflags for parallel build
+
+---
Other differences:
--
++ apache2-mod_fcgid.spec ++
--- /var/tmp/diff_new_pack.vhVwWx/_old 2012-02-21 12:14:46.0 +0100
+++ /var/tmp/diff_new_pack.vhVwWx/_new 2012-02-21 12:14:46.0 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package apache2-mod_fcgid (Version 2.3.6)
+# spec file for package apache2-mod_fcgid
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,8 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-# norootforbuild
-
Name: apache2-mod_fcgid
%defineapxs/usr/sbin/apxs2
@@ -25,10 +23,8 @@
%define apache_mmn%(MMN=$(%{apxs} -q LIBEXECDIR)_MMN; test -x $MMN &&
$MMN)
#
Version:2.3.6
-Release:1
+Release:0
#
-Group: Productivity/Networking/Web/Servers
-License:GPLv2+
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: apache2-devel
@@ -40,6 +36,8 @@
Patch: mod_fcgid-2.3.5_suse_paths.patch
#
Summary:Alternative FastCGI module for Apache2
+License:GPL-2.0+
+Group: Productivity/Networking/Web/Servers
%description
What is mod_fcgid? It is a binary compatibility alternative to Apache
@@ -55,28 +53,19 @@
See /etc/apache2/conf.d/mod_fcgid.conf and
/usr/share/doc/packages/apache2-mod_fcgid for configuration.
-
-
-Authors:
-
-Pan qingfeng
-
%prep
%setup -n mod_fcgid-%{version}
%patch
%build
APXS="%{apxs}-prefork" ./configure.apxs
-%{__make}
+make %{?_smp_mflags}
%install
%makeinstall
%{__install} -D -m 0644 %{S:1}
%{buildroot}%{apache_sysconfdir}/conf.d/mod_fcgid.conf
%{__install} -d -m 0755 %{buildroot}/var/lib/apache2/fcgid/
-%clean
-%{__rm} -rf %{buildroot}
-
%files
%defattr(-,root,root)
%{apache_libexecdir}/mod_fcgid.so
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
