Package Release Info

apache2-mod_fcgid-2.3.9-bp150.2.3

Update Info: Base Release
Available in Package Hub : 15

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

apache2-mod_fcgid

Change Logs

Version: 2.3.9-2.2
* Wed Jul 27 2016 kstreitova@suse.com
- add mod_fcgid-2.3.9-CVE-2016-1000104.patch - don't allow setting
  the HTTP_PROXY environment variable from a http header
  [CVE-2016-1000104], [bsc#988492]
- run spec-cleaner to clean specfile
* Thu Sep 03 2015 pgajdos@suse.com
- test module with %apache_test_module_load
* Thu Jul 16 2015 pgajdos@suse.com
- Requries: %{apache_suse_maintenance_mmn}
  This will pull this module to the update (in released distribution)
  when apache maintainer thinks it is good (due api/abi changes).
* Fri Oct 31 2014 pgajdos@suse.com
- call spec-cleaner
- use apache rpm macros
* Wed Nov 06 2013 draht@suse.de
- update to 2.3.9:
  + obsoletes apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff
    and fixes CVE-2013-4365 [bnc#844935] (heap overflow).
    The heap overflow discovery and fix was done by
    Robert Matthews <rob tigertech.com>.
  + quoting and spaces parsing correction for FcgidWrapper directive
    and commandline options.
  + logging improvements for access controls
  + remove redundant processing of Location headers when running in
    FCGI_AUTHORIZER mode
* Mon Oct 21 2013 draht@suse.de
- Intermediate fix for openSUSE:Factory eg. openSUSE:13.1:
  apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff fixes a heap
  overflow identified by CVE-2013-4365 [bnc#844935].
  This patch will be obsoleted by the next version update (to
  2.3.9 or higher).
* Tue Mar 12 2013 dimstar@opensuse.org
- Update to version 2.3.7:
  + Introduce FcgidWin32PreventOrphans directive on Windows to use
    OS Job Control Objects to terminate all running fcgi's when the
    worker process has been abruptly terminated.
  + Periodically clean out the brigades which are pulling in the
    request body for handoff to the fcgid child.
  + Resolve crash during graceful restarts.
  + Solve latency/cogestion of resolving effective user file access
    rights when no such info is desired, for config related
    filename stats.
  + Fix regression in 2.3.6 which broke process controls when using
    vhost-specific configuration.
  + Account for first process in class in the spawn score.
- Really fix build with apache 2.4: redefining apxs to %{_sbindir}
  after the branch-check is just wrong.
* Mon Jan 28 2013 dimstar@opensuse.org
- Fix build with apache 2.4: apxs2 moved from %{_sbindir} to
  %{_bindir}.
* Mon Feb 13 2012 coolo@suse.com
- patch license to follow spdx.org standard
* Sat Sep 17 2011 jengelh@medozas.de
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build
* Sat Dec 04 2010 poeml@cmdline.net
- update to 2.3.6
  * ) SECURITY: CVE-2010-3872 (cve.mitre.org)
    Fix possible stack buffer overwrite.
  * ) Change the default for FcgidMaxRequestLen from 1GB to 128K.
    Administrators should change this to an appropriate value based on
    site requirements.
  * ) Allow FastCGI apps more time to exit at shutdown before being
    forcefully killed.
  ...and more fixes, see
  http://svn.apache.org/viewvc/httpd/mod_fcgid/tags/2.3.6/CHANGES-FCGID?view=markup
- adjust the somewhat outdated example config file
* Thu Aug 05 2010 mrueckert@suse.de
- update to version 2.3.5
  mod_fcgid is now an official apache project. During the migration
  the name of the configuration directives has changed. Please see
  /usr/share/doc/packages/apache2-mod_fcgid/CHANGES-FCGID
  to update your config to the new version.
- adapted config to the new directives
* Fri Mar 07 2008 mrueckert@suse.de
- added directory for the sharedmemory path and the sockets
  (bnc#365113)
* Tue Oct 30 2007 mrueckert@suse.de
- update to version 2.2
  - Support configuration "PassHeader". Thank Hans Christian
    Saustrup for the suggestion.
  - Support apr_shm_remove() in httpd.2.0.X. Thank Hans Christian
    Saustrup for bug report.
  - Support configuration "TimeScore". Thank Tim Jensen for the
    patch.
  - Support new configurations "MaxRequestInMem" and
    "MaxRequestLen"
  - If the length of http request longer than "MaxRequestInMem",
    it will store in tmp file.
  - It the length of http request longer than "MaxRequestLen", it
    will return internal server error.
    Thank Gabriel Barazer(gabriel at oxeva.fr) for the bug report.
    Thank Steffen(info at apachelounge.com) for the help on this
    issue.
  - Fix miner Sanity check bug. Thank Yuya Tanaka for bug report
- added SharememPath to the config (#337566)
* Tue Aug 07 2007 poeml@suse.de
- remove "Provides: apache2-mod_fastcgi", since the package is
  revived
* Tue Jul 31 2007 mrueckert@suse.de
- don't package INSTALL.txt
- ran dos2unix on the documentation tarball to avoid warnings from
  rpmlint
* Mon Apr 16 2007 mrueckert@suse.de
- update to version 2.1
  - Add missing config.m4 and Makefile.in for static linking
    Thank Mark Drago for notice
  - FCGIWrapper disallowed in .htaccess
    Thank Balinares for patch
  - Bug fix. Authoritative flag reversed
    Thank Chris Darroch for the patch
  - Support arguments in FCGIWrapper
    Thank Andre Nathan for suggestion and great help on testing it.
  - Support new config "SharememPath", which specifies the location
    of share memory path.
  - Check running user is root or not, while suexec is enabled.
    Thank Chris Holleman for the bug report.
  - Bug fix. Should not pass respond to auth checkers.
    Thank Szabolcs Hock for bug report.
- rediffed patches:
  mod_fcgid.2.0-warnings.patch => mod_fcgid.2.1-warnings.patch
- synced docs from the website
* Wed Nov 29 2006 mrueckert@suse.de
- update to version 2.0
  o Support FastCGI Authorizer protocols now.
  o Add apxs compile instruction in INSTALL.txt.
    Thank Hans Christian Saustrup, hc at saustrup.net for the suggestion.
  o Bug fix. (Win32 only) PHP script can not create socket on Win32.
    Thank bbscool at zjip.com for the bug report and the help.
  o GREAT patchs from Robert L Mathews, rob at tigertech.com
    Fix compile warnings
    Adds a MaxRequestsPerProcess parameter that allows mod_fcgid
    to exit after handling a certain number of requests
    Close socket before fork
    avoid the 1-second sleep the first time a process is spawned
  o Print warning log while read data error from FastCGI process.
  o Apply patch from Scott Lamb, Fix mod_fcgid 1.10 warnings on x86_64
- removed mod_fcgid.1.07-printf_warnings.patch
- rediffed patches:
  mod_fcgid.1.10-warnings.patch => mod_fcgid.2.0-warnings.patch
  mod_fcgid.1.07-suse_paths.patch => mod_fcgid.2.0-suse_paths.patch
* Thu Oct 19 2006 poeml@suse.de
- fix missing return value of is_kill_allowed()
* Tue Oct 17 2006 poeml@suse.de
- build the module for all MPMs, not only for prefork
Version: 2.3.9-bp150.2.2
* Fri May 12 2017 pgajdos@suse.com
- amend example in %check to see how output to stderr get
  logged in error_log
* Mon Mar 13 2017 pgajdos@suse.com
- add a true example to %check