* Wed Mar 19 2025 Andreas Stieger <andreas.stieger@gmx.de>
- drop unneeded pcre build requirement
* Mon Oct 21 2024 Gus Kenion <gus.kenion@suse.com>
- Update to version 1.2.50:
* Apache
+ Fix: 68117: Fix typo in new libtool flag introduced in
1.2.49 to reduce symbol visibility. Also improve escaping
of it in the Makefile.
+ Fix: Improve shared memory handling on non-Windows.
* IIS
+ Update: Update PCRE bundled with the ISAPI redirector to
8.45.
* Common
+ Fix: #8: Fix compilation on musl.
+ Update: Update config.guess and config.sub
- Remove apache2-fix-symbol-export-typo.patch - this upstream fix
is included in 1.2.50
* Thu Dec 21 2023 David Anes <david.anes@suse.com>
- Add apache2-fix-symbol-export-typo.patch to fix a typo to restrict
the symbols to export by the module. Fixes bsc#1206261.
* Tue Oct 17 2023 David Anes <david.anes@suse.com>
- Update to version 1.2.49:
Apache
* Retrieve default request id from mod_unique_id. It can also be
taken from an arbitrary environment variable by configuring
"JkRequestIdIndicator".
* Don't delegate the generation of the response body to httpd
when the status code represents an error if the request used
the HEAD method.
* Only export the main module symbol. Visibility of module
internal symbols led to crashes when conflicting with library
symbols. Based on a patch provided by Josef Čejka. (wrong fix
was applied for bsc#1206261)
* Remove support for implicit mapping of requests to workers.
All mappings must now be explicit.
IIS
* Set default request id as a GUID. It can also be taken from an
arbitrary request header by configuring "request_id_header".
* Fix non-empty check for the Translate header.
Common
* Fix compiler warning when initializing and copying fixed
length strings.
* Add a request id to mod_jk log lines.
* Enable configure to find the correct sizes for pid_t and
pthread_t when building on MacOS.
* Fix Clang 15/16 compatibility. Pull request #6 provided by
Sam James.
* Improve XSS hardening in status worker.
* Add additional bounds and error checking when reading AJP
messages.
Docs
* Remove support for the Netscape / Sun ONE / Oracle iPlanet Web
Server as the product has been retired.
* Remove links to the old JK2 documentation. The JK2
documentation is still available, it is just no longer linked
from the current JK documentation.
* Restructure subsections in changelog starting with version
1.2.45.
* Mon May 18 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update jk.conf: [bsc#1167896]
* Specify the location of JkShmFile.
* Update tomcat-webapps paths.
* Mon May 11 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Fix Aliases to be compatible with the tomcat example URLs [bsc#1167896]
* Mon May 11 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Changes for 1.2.47 and 1.2.48 updates:
* Add: Apache: Extend trace level logging of method entry/exit to
aid debugging of request mapping issues.
* Fix: Apache: Fix a bug in the normalization checks that prevented
file based requests, such as SSI file includes, from being processed.
* Fix: Apache: When using JkAutoAlias, ensure that files that include
spaces in their name are accessible.
* Update: Common: Update the documentation to reflect that the source
code for the Apache Tomcat Connectors has moved from Subversion to Git.
* Fix: Common: When using set_session_cookie, ensure that an updated session
cookie is issued if the load-balancer has to failover to a different worker.
* Update: Common: Update config.guess and config.sub from
https://git.savannah.gnu.org/git/config.git.
* Update: Common: Update release script for migration to git.
* Sun Feb 09 2020 pgajdos@suse.com
- remove useless %check section
* Mon Nov 05 2018 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update to version 1.2.46
Fixes:
* Apache: Fix regression in 1.2.44 which resulted in
socket_connect_timeout to be interpreted in units of seconds
instead of milliseconds on platforms that provide poll(). (rjung)
* Security: CVE-2018-11759 Connector path traversal [bsc#1114612]
- Update to version 1.2.45
Fixes:
* Correct regression in 1.2.44 that broke request handling for
OPTIONS * requests. (rjung)
* Improve path parameter parsing so that the session ID specified
by the session_path worker property for load-balanced workers
can be extracted from a path parameter in any segment of the
URI, rather than only from the final segment. (markt)
* Apache: Improve path parameter handling so that JkStripSession
can remove session IDs that are specified on path parameters in any
segment of the URI rather than only the final segment. (markt)
* IIS: Improve path parameter handling so that strip_session can
remove session IDs that are specified on path parameters in any
segment of the URI rather than only the final segment. (markt)
Updates:
* Apache: Update the documentation to note additional
limitations of the JkAutoAlias directive. (markt)
Code:
* Common: Optimize path parameter handling. (rjung)
- Cleaned with spec-cleaner
* Wed Sep 19 2018 pmonrealgonzalez@suse.com
- Update to version 1.2.44
Updates:
* Remove the Novell Netware make files and Netware specific source
code since there has not been a supported version of Netware
available for over five years. (markt)
* Apache: Update the documentation to use httpd 2.4.x style access
control directives. (markt)
* Update PCRE bundled with the ISAPI redirector to 8.42. (rjung)
* Update config.guess and config.sub from
https://git.savannah.gnu.org/git/config.git. (rjung)
Fixes:
* Common: Use Local, rather than Global, mutexs on Windows to
better support multi-user environments. (markt)
* Apache: Use poll rather than select to avoid the limitations of
select triggering an httpd crash. Patch provided by Koen Wilde. (markt)
* ISAPI: Remove the check that rejects requests that contain path
segments that match WEB-INF or META-INF as it duplicates a check
that Tomcat performs and, because ISAPI does not have visibility of
the current context path, it is impossible to implement this check
without valid requests being rejected. (markt)
* Refactor normalisation of request URIs to a common location and align
the normalisation implementation for mod_jk with that implemented by
Tomcat. (markt)
Add:
* Clarify the behvaiour of lb workers when all ajp13 workers fail with
particular reference to the role of the retries attribute. (markt)
* Add the new load-balancer worker property lb_retries to improve the
control over the number of retries. Based on a patch provided by
Frederik Nosi. (markt)
* Add a note to the documentation that the CollapseSlashes options are
now effectively hard-coded to CollpaseSlashesAll due to the changes
made to align normalization with that implemented in Tomcat. (markt)