[ol7_u9_base] mod_session-2.4.6-95.0.1.el7.aarch64

Name:	mod_session
Version:	2.4.6
Release:	95.0.1.el7
Architecture:	aarch64
Group:	System Environment/Daemons
Size:	343767
License:	ASL 2.0
RPM:	mod_session-2.4.6-95.0.1.el7.aarch64.rpm
Source RPM:	httpd-2.4.6-95.0.1.el7.src.rpm
Build Date:	Thu Oct 01 2020
Build Host:	ca-buildarm04.us.oracle.com
Vendor:	Oracle America
URL:	http://httpd.apache.org/
Summary:	Session interface for the Apache HTTP Server
Description:	The mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.

Changelog (Show File list) (Show related packages)

Wed Sep 30 2020 EL Errata <el-errata_ww@oracle.com> - 2.4.6-95.0.1
```
- replace index.html with Oracle's index page oracle_index.html
```

Fri Apr 17 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-95

- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized
  value

Thu Mar 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-94

- Resolves: #1565491 - CVE-2017-15715 httpd: <FilesMatch> bypass with a trailing
  newline in the file name
- Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect
- Resolves: #1724879 - httpd terminates all SSL connections using an abortive
  shutdown
- Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive
- Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in
  mod_cache_socache can allow a remote attacker to cause a denial of service
- Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in 
  mod_session can allow a remote user to modify session data for CGI applications

Tue Oct 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-93

- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect
  expiry time

Thu Aug 22 2019 Joe Orton <jorton@redhat.com> - 2.4.6-92
```
- htpasswd: add SHA-2 crypt() support (#1486889)
```

Wed Jul 31 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-91

- Resolves: #1630886 - scriptlet can fail if hostname is not installed
- Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in
  mod_authnz_ldap when using too small Accept-Language values
- Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after
  failure in reading the HTTP request
- Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch
  directive
- Resolves: #1633152 - mod_session missing apr-util-openssl
- Resolves: #1649470 - httpd response contains garbage in Content-Type header
- Resolves: #1724034 - Unexpected OCSP in proxy SSL connection

Sat Jun 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.6-90

- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation
  in mod_auth_digest
- Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control
  bypass due to race condition
- Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency

Fri Mar 15 2019 Joe Orton <jorton@redhat.com> - 2.4.6-89

- fix per-request leak of bucket brigade structure (#1583218)

Thu Jun 21 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-88

- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple
  SIGUSR1

Thu Jun 21 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-87

- Resolves: #1458364 - RMM list corruption in ldap module results in server hang

Thu Jun 21 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-86

- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which
  differ only in case

Wed Jun 20 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-85

- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number

Mon Jun 18 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-84
```
- Resolves: #1548501 - Make OCSP more configurable (like CRL)
```

Mon Jun 11 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-83

- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db
  after close

Mon Jun 11 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-82
```
- Resolves: #1533793 - Use Variable with mod_authnz_ldap
```

Mon Mar 26 2018 Joe Orton <jorton@redhat.com> - 2.4.6-81

- don't terminate connections during graceful stop/restart (#1557785)

Mon Jan 08 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-80
```
- Related: #1288395 - httpd segfault when logrotate invoked
```
Wed Nov 01 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-79
```
- Resolves: #1274890 - mod_ssl config: tighten defaults
```

Tue Oct 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-78

- Resolves: #1506392 - Backport: SSLSessionTickets directive support

Mon Oct 16 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-77

- Resolves: #1440590 - Need an option to disable UTF8-conversion
  of certificate DN

Thu Oct 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-76

- Resolves: #1464406 - Apache consumes too much memory for CGI output

Thu Oct 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-75

- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD
  using SetEnv or PassEnv. Needs documentation.

Mon Oct 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-74

- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective
  when it's defined outside <Proxy> setting

Fri Oct 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-73

- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests
  with absoluteURI instead of abs_path

Tue Oct 03 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-72
```
- Resolves: #1288395 - httpd segfault when logrotate invoked
```

Tue Oct 03 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-71

- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing

Mon Oct 02 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-70

- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used

Tue Sep 19 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-69

- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting
  unregistered HTTP method

Tue Jul 25 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-68

- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw()
  authentication bypass
- Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
- Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread
- Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread
- Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection
  in mod_auth_digest

Tue May 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-67

- Related: #1332242 - Explicitly disallow the '#' character in allow,deny
  directives

Tue May 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-66

- Related: #1332242 - Explicitly disallow the '#' character in allow,deny
  directives

Thu Apr 27 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-65
```
- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS
```

Tue Apr 18 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-64

- Resolves: #1442872 - apache user is not created during httpd installation
  when apache group already exist with GID other than 48

Wed Mar 22 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-63

- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743
  httpd: various flaws

Wed Mar 15 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-62

- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp:
  patch to set worker secret passed to tomcat

Wed Mar 15 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-61

- Related: #1414258 - Crash during restart or at startup in mod_ssl,
  in certinfo_free() function registered by ssl_stapling_ex_init()

Tue Mar 14 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-60

- Resolves: #1414258 - Crash during restart or at startup in mod_ssl,
  in certinfo_free() function registered by ssl_stapling_ex_init()

Mon Mar 13 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-59

- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines
  are broken during buffer resize

Fri Mar 10 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-58

- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves
  with mod_proxy_http and mod_proxy_ajp

Thu Mar 09 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-57

- Resolves: #1324416 - Error 404 when switching language in HTML manual
  more than once

Wed Mar 08 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-56

- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi
  spamming non-errors: AH01075: Error dispatching request to : (passing
  brigade to output filters)

Wed Mar 08 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-55

- Resolves: #1371876 - Apache httpd returns "200 OK" for a request
  exceeding LimitRequestBody when enabling mod_ext_filter

Tue Mar 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-54

- Resolves: #1372692 - Apache httpd does not log status code "413" in
  access_log when exceeding LimitRequestBody

Tue Mar 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-53

- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple
  successive graceful reloads

Tue Mar 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-52

- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny
  directives

Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-51

- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup
  on backconn

Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-50

- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed
  worker to be retried before the retry period is over

Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-49
```
- Resolves: #1389535 - Segmentation fault in SSL_renegotiate
```

Mon Mar 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-48

- Resolves: #1406184 - stapling_renew_response: abort early
  (before apr_uri_parse) if ocspuri is empty

Tue Feb 07 2017 Joe Orton <jorton@redhat.com> - 2.4.6-47

- prefork: fix delay completing graceful restart (#1327624)
- mod_ldap: fix authz regression, failing to rebind (#1415257)

Thu Jan 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-46

- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743
  httpd: various flaws

Wed Aug 03 2016 Luboš Uhliarik <luhliari@redhat.com> - 2.4.6-45

- RFE: run mod_rewrite external mapping program as non-root (#1316900)

Tue Jul 12 2016 Joe Orton <jorton@redhat.com> - 2.4.6-44
```
- add security fix for CVE-2016-5387
```

Tue Jul 05 2016 Joe Orton <jorton@redhat.com> - 2.4.6-43

- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)

Fri Jun 17 2016 Joe Orton <jorton@redhat.com> - 2.4.6-42

- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)

Wed Feb 24 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-41

- mod_cache: merge r->err_headers_out into r->headers when the response
  is cached for the first time (#1264989)
- mod_ssl: Do not send SSL warning when SNI hostname is not found as per
  RFC 6066 (#1298148)
- mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038)
- fix apache user creation when apache group already exists (#1299889)
- fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757)
- mod_proxy: fix slow response time for reponses with error status code
  when using ProxyErrorOverride (#1283653)
- mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149)
- mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495)
- rotatelogs: improve support for localtime (#1244545)
- ab: fix read failure when targeting SSL server (#1255331)
- mod_log_debug: fix LogMessage example in documentation (#1279465)
- mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime
  of DB lookup entries independently of the selected DB engine (#1287844)
- mod_ssl: fix hardware crypto support with custom DH parms (#1291865)
- mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)

Thu Sep 17 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-40
```
- mod_dav: follow up fix for previous commit (#1263975)
```
Wed Aug 26 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-39
```
- mod_dav: treat dav_resource uri as escaped (#1255480)
```

Wed Aug 19 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-38

- mod_ssl: add support for User Principal Name in SSLUserName  (#1242503)

Mon Aug 10 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-37

- core: fix chunk header parsing defect (CVE-2015-3183)
- core: replace of ap_some_auth_required with ap_some_authn_required
  and ap_force_authn hook (CVE-2015-3185)

Tue Jul 14 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-36

- Revert fix for #1162152, it is not needed in RHEL7
- mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)

Wed Jul 01 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-35

- mod_remoteip: correct the trusted proxy match test (#1179306)
- mod_dav: send complete response when resource is created (#1235383)
- apachectl: correct the apachectl status man page (#1231924)

Wed Jun 03 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-34

- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328)
- do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820)
- fix -D[efined] or <Define>[d] variables lifetime accross restarts (#1227219)
- mod_ssl: do not send NPN extension with not configured (#1226015)

Mon May 18 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-33

- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)

Wed Apr 15 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-32

- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779)
- mod_remoteip: correct the trusted proxy match test (#1179306)
- mod_status: honor remote_ip as documented (#1169081)
- mod_deflate: fix decompression of files larger than 4GB (#1170214)
- core: improve error message for inaccessible DocumentRoot (#1170220)
- ab: try all addresses instead of failing on first one when not available (#1125276)
- mod_proxy_wstunnel: add support for SSL (#1180745)
- mod_proxy_wstunnel: load this module by default (#1180745)
- mod_rewrite: add support for WebSockets (#1180745)
- mod_rewrite: do not search for directory if a URL will be rewritten (#1210091)
- mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache
  are used and SSL session is resumed (#1170206)
- mod_ssl: fix memory leak on httpd reloads (#1181690)
- mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476)
- mod_cgi: return error code 408 on timeout (#1162152)
- mod_dav_fs: set default value of DAVLockDB (#1176449)
- add Documentation= to the httpd.service and htcacheclean.service (#1184118)
- do not display "bomb" icon for files ending with "core" (#1170215)
- add missing Reason-Phrase in HTTP response headers (#1162159)
- fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625)
- apachectl: ignore HTTPD variable from sysconfig (#1214401)
- apachectl: fix "graceful" documentation (#1214398)
- apachectl: fix "graceful" behaviour when httpd is not running (#1214430)

Tue Dec 02 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-31

- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled
  instead of hardcoding it (#1168050)
- mod_proxy: support Unix Domain Sockets (#1168081)

Tue Nov 25 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-30

- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)

Tue Nov 04 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-29
```
- rebuild against proper version of OpenSSL (#1080125)
```
Wed Oct 22 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-28
```
- set vstring based on /etc/os-release (#1114123)
```

Mon Oct 06 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-27

- fix the dependency on openssl-libs to match the fix for #1080125

Mon Sep 22 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-26

- allow <Auth*ProviderAlias>'es to be seen under virtual hosts (#1131847)

Fri Sep 19 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-25
```
- do not use hardcoded curve for ECDHE suites (#1080125)
```
Wed Sep 03 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-24
```
- allow reverse-proxy to be set via SetHandler (#1136290)
```
Thu Aug 21 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-23
```
- fix possible crash in SIGINT handling (#1131006)
```

Mon Aug 18 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-22

- ab: fix integer overflow when printing stats with lot of requests (#1092420)

Mon Aug 11 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-21

- add pre_htaccess so mpm-itk can be build as separate module (#1059143)

Tue Aug 05 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-20

- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)

Mon Aug 04 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-19

- fix build on ppc64le by using configure macro (#1125545)
- compile httpd with -O3 on ppc64le (#1123490)
- mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)

Thu Jul 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-18

- mod_cgid: add security fix for CVE-2014-0231 (#1120608)
- mod_proxy: add security fix for CVE-2014-0117 (#1120608)
- mod_deflate: add security fix for CVE-2014-0118 (#1120608)
- mod_status: add security fix for CVE-2014-0226 (#1120608)
- mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)

Thu Mar 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-17

- mod_dav: add security fix for CVE-2013-6438 (#1077907)
- mod_log_config: add security fix for CVE-2014-0098 (#1077907)

Wed Mar 05 2014 Joe Orton <jorton@redhat.com> - 2.4.6-16
```
- mod_ssl: improve DH temp key handling (#1057687)
```

Wed Mar 05 2014 Joe Orton <jorton@redhat.com> - 2.4.6-15

- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)

Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 2.4.6-14
```
- Mass rebuild 2014-01-24
```

Mon Jan 13 2014 Joe Orton <jorton@redhat.com> - 2.4.6-13

- mod_ssl: sanity-check use of "SSLCompression" (#1036666)
- mod_proxy_http: fix brigade memory usage (#1040447)

Fri Jan 10 2014 Joe Orton <jorton@redhat.com> - 2.4.6-12
```
- rebuild
```
Thu Jan 09 2014 Joe Orton <jorton@redhat.com> - 2.4.6-11
```
- build with -O3 on ppc64 (#1051066)
```
Tue Jan 07 2014 Joe Orton <jorton@redhat.com> - 2.4.6-10
```
- mod_dav: fix locktoken handling (#1004046)
```
Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 2.4.6-9
```
- Mass rebuild 2013-12-27
```
Fri Dec 20 2013 Joe Orton <jorton@redhat.com> - 2.4.6-8
```
- use unambiguous httpd-mmn (#1029360)
```

Fri Nov 01 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-7

- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)

Thu Oct 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-6

- systemd: Use {MAINPID} notation in service file (#969972)

Thu Oct 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-5

- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)

Thu Oct 03 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-4
```
- expand macros in macros.httpd (#1011393)
```

Mon Aug 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-3

- fix "LDAPReferrals off" to really disable LDAP Referrals

Wed Jul 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-2
```
- revert fix for dumping vhosts twice
```

Mon Jul 22 2013 Joe Orton <jorton@redhat.com> - 2.4.6-1

- update to 2.4.6
- mod_ssl: use revised NPN API (r1487772)

Thu Jul 11 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-12

- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)
- apxs: mention -p option in manpage

Tue Jul 02 2013 Joe Orton <jorton@redhat.com> - 2.4.4-11
```
- add patch for aarch64 (Dennis Gilmore, #925558)
```
Mon Jul 01 2013 Joe Orton <jorton@redhat.com> - 2.4.4-10
```
- remove duplicate apxs man page from httpd-tools
```
Mon Jun 17 2013 Joe Orton <jorton@redhat.com> - 2.4.4-9
```
- remove zombie dbmmanage script
```
Fri May 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-8
```
- return 400 Bad Request on malformed Host header
```

Mon May 20 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6

- htpasswd/htdbm: fix hash generation bug (#956344)
- do not dump vhosts twice in httpd -S output (#928761)
- mod_cache: fix potential crash caused by uninitialized variable (#954109)

Thu Apr 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-5

- execute systemctl reload as result of apachectl graceful
- mod_ssl: ignore SNI hints unless required by config
- mod_cache: forward-port CacheMaxExpire "hard" option
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
  is not configured.

Tue Apr 16 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-4

- fix service file to not send SIGTERM after ExecStop (#906321, #912288)

Tue Mar 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-3
```
- protect MIMEMagicFile with IfModule (#893949)
```

Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-2

- really package mod_auth_form in mod_session (#915438)

Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-1

- update to 2.4.4
- fix duplicate ownership of mod_session config (#914901)

Fri Feb 22 2013 Joe Orton <jorton@redhat.com> - 2.4.3-17

- add mod_session subpackage, move mod_auth_form there (#894500)

Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.3-16
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
```
Tue Jan 08 2013 Joe Orton <jorton@redhat.com> - 2.4.3-15
```
- add systemd service for htcacheclean
```
Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-14
```
- drop patch for r1344712
```

Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-13

- filter mod_*.so auto-provides (thanks to rcollet)
- pull in syslog logging fix from upstream (r1344712)

Fri Oct 26 2012 Joe Orton <jorton@redhat.com> - 2.4.3-12
```
- rebuild to pick up new apr-util-ldap
```
Tue Oct 23 2012 Joe Orton <jorton@redhat.com> - 2.4.3-11
```
- rebuild
```
Wed Oct 03 2012 Joe Orton <jorton@redhat.com> - 2.4.3-10
```
- pull upstream patch r1392850 in addition to r1387633
```
Mon Oct 01 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9.1
```
- restore "ServerTokens Full-Release" support (#811714)
```
Mon Oct 01 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9
```
- define PLATFORM in os.h using vendor string
```
Mon Oct 01 2012 Joe Orton <jorton@redhat.com> - 2.4.3-8
```
- use systemd script unconditionally (#850149)
```

Mon Oct 01 2012 Joe Orton <jorton@redhat.com> - 2.4.3-7

- use systemd scriptlets if available (#850149)
- don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists

Mon Oct 01 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-6
```
- use systemctl from apachectl (#842736)
```

Wed Sep 19 2012 Joe Orton <jorton@redhat.com> - 2.4.3-5

- fix some error log spam with graceful-stop (r1387633)
- minor mod_systemd tweaks

Thu Sep 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-4
```
- use IncludeOptional for conf.d/*.conf inclusion
```
Fri Sep 07 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-3
```
- adding mod_systemd to integrate with systemd better
```

Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-2

- mod_ssl: add check for proxy keypair match (upstream r1374214)

Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-1

- update to 2.4.3 (#849883)
- own the docroot (#848121)

Mon Aug 06 2012 Joe Orton <jorton@redhat.com> - 2.4.2-23

- add mod_proxy fixes from upstream (r1366693, r1365604)

Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-22
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
```
Fri Jul 06 2012 Joe Orton <jorton@redhat.com> - 2.4.2-21
```
- drop explicit version requirement on initscripts
```
Thu Jul 05 2012 Joe Orton <jorton@redhat.com> - 2.4.2-20
```
- mod_ext_filter: fix error_log warnings
```

Mon Jul 02 2012 Joe Orton <jorton@redhat.com> - 2.4.2-19

- support "configtest" and "graceful" as initscripts "legacy actions"

Fri Jun 08 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18

- avoid use of "core" GIF for a "core" directory (#168776)
- drop use of "syslog.target" in systemd unit file

Thu Jun 07 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17

- use _unitdir for systemd unit file
- use /run in unit file, ssl.conf

Thu Jun 07 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
```
- mod_ssl: fix NPN patch merge
```

Wed Jun 06 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15

- move tmpfiles.d fragment into /usr/lib per new guidelines
- package /run/httpd not /var/run/httpd
- set runtimedir to /run/httpd likewise

Wed Jun 06 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
```
- fix htdbm/htpasswd crash on crypt() failure (#818684)
```
Wed Jun 06 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
```
- pull fix for NPN patch from upstream (r1345599)
```
Thu May 31 2012 Joe Orton <jorton@redhat.com> - 2.4.2-12
```
- update suexec patch to use LOG_AUTHPRIV facility
```
Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-11
```
- really fix autoindex.conf (thanks to remi@)
```
Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-10
```
- fix autoindex.conf to allow symlink to poweredby.png
```

Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-9

- suexec: use upstream version of patch for capability bit support

Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-8

- suexec: use syslog rather than suexec.log, drop dac_override capability

Tue May 01 2012 Joe Orton <jorton@redhat.com> - 2.4.2-7
```
- mod_ssl: add TLS NPN support (r1332643, #809599)
```
Tue May 01 2012 Joe Orton <jorton@redhat.com> - 2.4.2-6
```
- add BR on APR >= 1.4.0
```
Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-5
```
- use systemctl from logrotate (#221073)
```

Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-4

- pull from upstream:
  * use TLS close_notify alert for dummy_connection (r1326980+)
  * cleanup symbol exports (r1327036+)

Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3.2
```
- rebuild
```
Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3
```
- really fix restart
```

Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-2

- tweak default ssl.conf
- fix restart handling (#814645)
- use graceful restart by default

Wed Apr 18 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.2-1
```
- update to 2.4.2
```
Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-6
```
- fix macros
```
Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-5
```
- add _httpd_moddir to macros
```
Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-4
```
- fix symlink for poweredby.png
- fix manual.conf
```

Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-3

- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)
- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage

Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-2

- clean docroot better
- ship proxy, ssl directories within /var/cache/httpd
- default config:
 * unrestricted access to (only) /var/www
 * remove (commented) Mutex, MaxRanges, ScriptSock
 * split autoindex config to conf.d/autoindex.conf
- ship additional example configs in docdir

Tue Mar 06 2012 Joe Orton <jorton@redhat.com> - 2.4.1-1

- update to 2.4.1
- adopt upstream default httpd.conf (almost verbatim)
- split all LoadModules to conf.modules.d/*.conf
- include conf.d/*.conf at end of httpd.conf
- trim %changelog

Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-2
```
- fix build against PCRE 8.30
```
Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-1
```
- update to 2.2.22
```
Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 2.2.21-8
```
- Rebuild against PCRE 8.30
```
Mon Jan 23 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-7
```
- fix #783629 - start httpd after named
```

Mon Jan 16 2012 Joe Orton <jorton@redhat.com> - 2.2.21-6

- complete conversion to systemd, drop init script (#770311)
- fix comments in /etc/sysconfig/httpd (#771024)
- enable PrivateTmp in service file (#781440)
- set LANG=C in /etc/sysconfig/httpd

Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.21-5
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
```
Tue Dec 06 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-4
```
- fix #751591 - start httpd after remote-fs
```

Mon Oct 24 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-3

- allow change state of BalancerMember in mod_proxy_balancer web interface

Thu Sep 22 2011 Ville Skyttä <ville.skytta@iki.fi> - 2.2.21-2

- Make mmn available as %{_httpd_mmn}.
- Add .svgz to AddEncoding x-gzip example in httpd.conf.

Tue Sep 13 2011 Joe Orton <jorton@redhat.com> - 2.2.21-1
```
- update to 2.2.21
```
Mon Sep 05 2011 Joe Orton <jorton@redhat.com> - 2.2.20-1
```
- update to 2.2.20
- fix MPM stub man page generation
```

Wed Aug 10 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-5

- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd

Fri Jul 22 2011 Iain Arnell <iarnell@gmail.com> 1:2.2.19-4

- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided
  directory names

Wed Jul 20 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-3
```
- fix #716621 - suexec now works without setuid bit
```

Thu Jul 14 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-2

- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve

Fri Jul 01 2011 Joe Orton <jorton@redhat.com> - 2.2.19-1

- update to 2.2.19
- enable dbd, authn_dbd in default config

Thu Apr 14 2011 Joe Orton <jorton@redhat.com> - 2.2.17-13
```
- fix path expansion in service files
```

Tue Apr 12 2011 Joe Orton <jorton@redhat.com> - 2.2.17-12

- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)

Wed Mar 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-11
```
- minor updates to httpd.conf
- drop old patches
```
Wed Mar 02 2011 Joe Orton <jorton@redhat.com> - 2.2.17-10
```
- rebuild
```
Wed Feb 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-9
```
- use arch-specific mmn
```
Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.17-8
```
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
```

Mon Jan 31 2011 Joe Orton <jorton@redhat.com> - 2.2.17-7

- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)
- add man page stubs for httpd.event, httpd.worker
- drop distcache support
- add STOP_TIMEOUT support to init script

Sat Jan 08 2011 Joe Orton <jorton@redhat.com> - 2.2.17-6
```
- update default SSLCipherSuite per upstream trunk
```
Wed Jan 05 2011 Joe Orton <jorton@redhat.com> - 2.2.17-5
```
- fix requires (#667397)
```
Wed Jan 05 2011 Joe Orton <jorton@redhat.com> - 2.2.17-4
```
- de-ghost /var/run/httpd
```

Tue Jan 04 2011 Joe Orton <jorton@redhat.com> - 2.2.17-3

- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)

Sat Nov 20 2010 Joe Orton <jorton@redhat.com> - 2.2.17-2
```
- drop setuid bit, use capabilities for suexec binary
```
Wed Oct 27 2010 Joe Orton <jorton@redhat.com> - 2.2.17-1
```
- update to 2.2.17
```
Fri Sep 10 2010 Joe Orton <jorton@redhat.com> - 2.2.16-2
```
- link everything using -z relro and -z now
```
Mon Jul 26 2010 Joe Orton <jorton@redhat.com> - 2.2.16-1
```
- update to 2.2.16
```

Fri Jul 09 2010 Joe Orton <jorton@redhat.com> - 2.2.15-3

- default config tweaks:
 * harden httpd.conf w.r.t. .htaccess restriction (#591293)
 * load mod_substitute, mod_version by default
 * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
 * add commented list of shipped-but-unloaded modules
 * bump up worker defaults a little
 * drop KeepAliveTimeout to 5 secs per upstream
- fix LSB compliance in init script (#522074)
- bundle NOTICE in -tools
- use init script in logrotate postrotate to pick up PIDFILE
- drop some old Obsoletes/Conflicts

Sun Apr 04 2010 Robert Scheck <robert@fedoraproject.org> - 2.2.15-1
```
- update to 2.2.15 (#572404, #579311)
```