Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

lighttpd-mod_magnet-1.4.31-4.8.1 RPM for i586

From OpenSuSE 12.2 updates for i586

Name: lighttpd-mod_magnet Distribution: openSUSE 12.2
Version: 1.4.31 Vendor: openSUSE
Release: 4.8.1 Build date: Fri Nov 23 13:46:08 2012
Group: Productivity/Networking/Web/Servers Build host: build24
Size: 38911 Source RPM: lighttpd-1.4.31-4.8.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.lighttpd.net/
Summary: A module to control the request handling in lighttpd
A module to control the request handling in lighttpd.

It is the successor of mod_cml.



Authors:
--------
    Jan Kneschke <jan@kneschke.de>

Provides

Requires

License

BSD-3-Clause

Changelog

* Wed Nov 21 2012 mrueckert@suse.de
  - Fixing bnc#790258 CVE-2012-5533:
    Denial of Service via specially-crafted HTTP header. Added
    patches:
    0001-Fix-DoS-in-header-value-split-reported-by-Jesse-Sipp.patch
    0001-remove-whitespace-at-end-of-header-keys.patch
* Wed Jun 13 2012 mrueckert@suse.de
  - dropped the perl line that mangled configure.ac
  - moved automake patch into the geoip conditional
  - move lua conditional out of the _repository block
* Mon Jun 11 2012 mrueckert@suse.de
  - Fix the previous change:
    We only need that patch on 12.2
* Thu Jun 07 2012 pgajdos@suse.com
  - fixed build (automake)
    * automake.patch
* Thu May 31 2012 mrueckert@suse.de
  - update to 1.4.31
    - [ssl] fix segfault in counting renegotiations for openssl
      versions without TLSEXT/SNI (thx carpii for reporting)
    - Move fdevent subsystem includes to implementation files to
      reduce conflicts (fixes #2373)
    - [mod_compress] fix handling if etags are disabled but cache-dir
      is set - may lead to double response
    - disable mmap by default (fixes #2391)
    - buffer_caseless_compare: always convert letters to lowercase to
      get transitive results, fixing array lookups (fixes #2405)
    - Fix handling of empty header list entries in
      http_request_split_value, fixing invalid read in valgrind
      (fixes #2413)
    - Fix access log escaping of " and \\ (fixes #1551)
    - [mod_auth] Fix digest "md5-sess" implementation (Errata ID
      1649, RFC 2617) (fixes #2410)
    - [auth] Add "AUTH_TYPE" environment (for *cgi), remove fastcgi
      specific workaround, add fastcgi test case (fixes #889)
    - [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes
      [#2333], thx simoncpu)
    - Detect multiple -f options: show error message instead of
      assert (fixes #2416)
    - [mod_extforward] Support ipv6 addresses (fixes #1889)
    - [mod_redirect] Support url.redirect-code option (fixes #2247)
    - Fix --enable-mmap handling in configure.ac
* Tue Mar 20 2012 mrueckert@suse.de
  - fix build on factory:
    do not use lua 5.2, use 5.1 instead
* Mon Feb 13 2012 coolo@suse.com
  - patch license to follow spdx.org standard
* Wed Dec 21 2011 mrueckert@suse.de
  - added the debian.tar.gz to the file list of the spec file to pass
    the check in factory
* Sun Dec 18 2011 mrueckert@suse.de
  - update to 1.4.30
    - Always use our ‘own’ md5 implementation, fixes linking issues
      on MacOS (fixes #2331)
    - Limit amount of bytes we send in one go; fixes stalling in one
      connection and timeouts on slow systems.
    - [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is
      disabled
    - Add static-file.disable-pathinfo option to prevent handling of
      urls like …/secret.php/image.jpg as static file
    - Don’t overwrite 401 (auth required) with 501 (unknown method)
      (fixes #2341)
    - Fix mod_status bug: always showed “0/0” in the “Read” column
      for uploads (fixes #2351)
    - [mod_auth] Fix signedness error in http_auth
      (fixes #2370, CVE-2011-4362)
    - [ssl] count renegotiations to prevent client renegotiations
    - [ssl] add option to honor server cipher order
      (fixes #2364, BEAST attack)
    - [core] accept dots in ipv6 addresses in host header
      (fixes #2359)
    - [ssl] fix ssl connection aborts if files are larger than the
      MAX_WRITE_LIMIT (256kb)
    - [libev/cgi] fix waitpid ECHILD errors in cgi with libev
      (fixes #2324)
* Fri Dec 02 2011 coolo@suse.com
  - add automake as buildrequire to avoid implicit dependency
* Sun Oct 02 2011 coolo@suse.com
  - avoid endless loop in tests by using the right php path for 12.1
* Mon Jul 11 2011 mrueckert@suse.de
  - update to 1.4.29
    - Fix mod_proxy waiting for response even if content-length is 0
      (fixes #2259)
    - Silence annoying "connection closed: poll() -> ERR" error.log
      message (fixes #2257)
    - mod_cgi: make read buffer as big as incoming data block
    - [build] Fix detection of libev (fixes #2300)
    - ssl: Support for Diffie-Hellman and Elliptic-Curve
      Diffie-Hellman key exchange (fixes #2301)
      add ssl.use-sslv3 (fixes #2246)
      load all algorithms (fixes #2239)
    - [ssl/md5] prefix our own md5 implementation with li_ so it
      doesn't conflict with the openssl one (fixes #2269)
    - [ssl/build] some minor fixes; fix compile without ssl, cleanup
      ssl config buffers
    - [proc,include_shell] log error if exec shell fails (fixes
      [#2280])
    - [*cgi] Use physical base dir (alias, userdir) as DOCUMENT_ROOT
      in cgi environments (fixes #2216)
    - [doc] Move docs to outdated/ subdir and refer to wiki instead
      (fixes #2248)
    - fdevent: add solaris eventports (fixes #2171)
* Sun Sep 19 2010 jengelh@medozas.de
  - Do not specify -TERM signal for killproc. This causes killproc
    to not wait until the daemon actually terminated, which would
    result in a subsequent startproc call (as done by the "restart"
    action) to not do anything.
* Sun Aug 22 2010 stbuehler@web.de
  - update 1.4.28
    - Rename fdevent_event_add to _set to reflect what the function
      does. Fix some handlers. (fixes #2249)
    - Fix buffer.h to include stdio.h as it is needer for SEGFAULT
      (fixes #2250)
* Mon Aug 16 2010 mrueckert@suse.de
  - fix building on sles9
    - disable ustar
    - use find | xargs instead of -delete
* Mon Aug 16 2010 mrueckert@suse.de
  - update 1.4.27
    - Fix handling return value of SSL_CTX_set_options
      (fixes #2157, thx mlcreech)
    - Fix mod_proxy HUP handling (send final chunk, fix usage
      counter)
    - mod_proxy: close connection on write error (fixes #2114)
    - Check uri instead of physical path for directory redirect
    - Fix detecting git repository (fixes #2173, thx ncopa)
    - [mod_compress] Fix segfault when etags are disabled
      (fixes #2169)
    - Reset uri.authority before TLS servername handling, reset all
      "keep-alive" data in connection_del (fixes #2125)
    - Print double quotes properly when dumping config file
      (fixes #1806)
    - Include IP addresses on error log on password failures
      (fixes #2191)
    - Fix stalls while reading from ssl sockets (fixes #2197)
    - Fix etag formatting on boxes with 32-bit longs
    - Fix two compiler warnings
    - mod_accesslog: fix %p for ipv6 sockets
      (fixes #2228, thx jo.henke)
    - mod_fastcgi: Send 502 "Bad Gateway" if we couldn't open the
      file for X-Sendfile (fixes #2226)
    - mod_staticfile: add debug output if we ignore a file with
      static-file.exclude-extensions (fixes #2215)
    - mod_cgi: fix race condition leaving response not forwarded to
      client (fixes #2217)
    - mod_accesslog: Fix var declarations mixed in source
      (fixes #2233)
    - mod_status: Add version to status page (fixes #2219)
    - mod_accesslog: optimize accesslog_append_escaped
      (fixes #2236, thx crypt)
    - openssl: silence annoying error messages for errno==0
      (fixes #2213)
    - array.c: improve array_get_unused_element to check data type;
      fix mem leak if unused_element didn't find a matching entry
      (fixes #2145)
    - add check to stop loading plugins twice
    - cleanup fdevent code, removed linux-rtsig handler, replaced
      some fprintf calls
    - only require FDEVENT_IN bit to be set for listening connections
      (fixes #2227)
    - add libev fdevent handler: server.event-handler = "libev"
    - mod_proxy: return response as soon as it is available
      (fixes #2196)
    - don't overwrite global server.force-lowercase-filenames setting
      (fixes #2042)
    - bind to IPV6-only if ipv6 address was specified
      (http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config)
  - drop lighttpd-ssl-retval-fix.patch: included in the release
  - drop config.tar.bz2, our config is now the upstream config!:)
* Thu Apr 22 2010 mrueckert@suse.de
  - use the pid file for killing the lighttpd to avoid killing other
    services which are using the lighttpd binary. (bnc#559534)
* Thu Apr 15 2010 mt@suse.de
  - added lighttpd-ssl-retval-fix.patch:
    Applied patch fixing start failure with enabled SSL because
    of not properly checked SSL_CTX_set_options() return value
    (http://redmine.lighttpd.net/issues/2157).
* Thu Feb 11 2010 mrueckert@suse.de
  - update 1.4.26
    - Fix request parser to handle packets with splitted \r\n\r\n
      (fixes #2105)
    - Remove dependency on automake >= 1.11 with m4_ifdef check
    - mod_accesslog: support %e (fixes #2113, thx presbrey)
    - Fix mod_cgi cgi.execute-x-only option in global block
    - mod_fastcgi: x-sendfile2 parse error debugging
    - Fix mod_proxy dead host detection if connect() fails
    - Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures,
      found by Rodrigo, fixes #2158, #2159)
    - Fix segfault with broken rewrite/redirect patterns (fixes
      [#2140], found by crypt)
    - Append to previous buffer in con read, fix DoS/OOM
      vulnerability (fixes #2147, found by liming, CVE-2010-0295)
    - Fix HUP detection in close-state if event-backend doesn't
      support FDEVENT_HUP (like select or poll on FreeBSD)
  - dropping fix-slow-request-dos-in-1.4.x.patch:
    included in release
* Mon Feb 01 2010 mrueckert@suse.de
  - added fix-slow-request-dos-in-1.4.x.patch:
    fix a bug that makes lighttpd allocate too much memory
    for handling a request.  (bnc#573948) CVE-2010-0295
* Sun Nov 22 2009 stbuehler@web.de
  - update 1.4.25
    - mod_magnet: fix pairs() for normal tables and strings (fixes
      [#1307])
    - mod_magnet: add traceback for printing lua errors
    - mod_rewrite: fix compile error if compiled without pcre
    - disable warning "CLOSE-read" (fixes #2091)
    - mod_rrdtool: fix creating file if it doesn't exist (#1788)
    - reset tlsext_server_name in connection_reset - fixes random
      hostnames in the $HTTP["host"] conditional
    - export some SSL_CLIENT_* vars for client cert validation
      (fixes #1288, thx presbrey)
    - mod_fastcgi: fix mod_fastcgi packet parsing
    - mod_fastcgi: Don't reconnect after connect() succeeded
      (fixes #2096)
    - Fix configure.ac to allow autoreconf, also enables make V=0
  - dropped lighttpd-1.4.24_mod_magnet_regression.patch:
    included in update
  - added lighttpd-configure_ac.patch:
    - remove fancy options which are not supported in older
      autoconf versions
  - drop '-fi' option from autoreconf, so the libtool script
    isn't overwritten (as the overwritten one was broken).
    autoreconf is still needed for mod_geoip
  - drop --with-webdav from ./configure (not an option)
  - remove spawn-fcgi handling as it is removed from the source now
  - remove ChangeLog from %docs (has been removed upstream)
  - man page was moved from section 1 to 8
* Mon Oct 26 2009 mrueckert@suse.de
  - update 1.4.24
    - Add T_CONFIG_INT for bigger integers from the config
      (needed for #1966)
    - Use unsigned int (and T_CONFIG_INT) for max_request_size
    - Use unsigned int for secdownload.timeout (fixes #1966)
    - Keep url/host values from connection to display information
      while keep-alive in mod_status (fixes #1202)
    - Add server.breakagelog, a "special" stderr (fixes #1863)
    - Fix config evaluation for debug.log-timeouts option (#1529)
    - Add "cgi.execute-x-only" to mod_cgi, requires +x for cgi
      scripts (fixes #2013)
    - Fix FD_SETSIZE comparision warnings
    - Add "lua-5.1" to searched pkg-config names for lua
    - Fix unused function webdav_lockdiscovery in mod_webdav
    - cmake: Fix crypt lib check
    - cmake: Add -export-dynamic to link flags, fixes build on
      FreeBSD
    - Set FD_CLOEXEC for bound sockets before pipe-logger forks
      (fixes #2026)
    - Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi
      (fixes #2029)
    - Show "no uri specified -> 400" error only when
      "debug.log-request-header-on-error" is enabled (fixes #2030)
    - Fix hanging connection in mod_scgi (fixes #2024)
    - Allow digits in hostnames in more places (fixes #1148)
    - Use connection_reset instead of handle_request_done for cleanup
      callbacks
    - Change mod_expire to append Cache-Control instead of
      overwriting it (fixes #1997)
    - Allow all comparisons for $SERVER["socket"] - only bind for
      "=="
    - Remove strptime failed message (fixes #2031)
    - Fix issues found with clang analyzer
    - Try to fix server.tag issue with localized svnversion
    - Fix handling network-write return values (#2024)
    - Use disable-time in fastcgi for all disables after errors,
      default is 1sec (fixes #2040)
    - Remove adaptive spawning code from fastcgi (was disabled for a
      long time)
    - Allow mod_mysql_vhost to use stored procedures (fixes #2011,
      thx Ben Brown)
    - Fix ipv6 in mod_proxy (fixes #2043)
    - Print errors from include_shell to stderr
    - Set tm.tm_isdst = 0 before mktime() (fixes #2047)
    - Use linux-epoll by default if available (fixes #2021, thx Olaf
      van der Spek)
    - Print an error if you use too many captures in a regex pattern
      (fixes #2059)
    - Combine Cache-Control header value in mod_expire to existing
      HTTP header if header already added by other modules
      (fixes #2068)
    - Remember keep-alive-idle in separate variable (fixes #1988)
    - Fix header inclusion order, always include "config.h" before
      any system header
    - mod_webdav: Patch to skip login information for domain part of
      Destination field (fixes #1793)
    - mod_webdav: Delete old properties before updating new for MOVE
      (fixes #1317)
    - Read hostname from absolute uris in the request line
      (fixes #1937)
    - mod_fastcgi: don't disable backend if disable-time is 0
      (fixes #1825)
    - mod_compress: match partial+full content-type (fixes #1552)
    - mod_fastcgi: fix is_local detection, respawn backends if
      bin-path is set (fixes #897)
    - Fix linger-on-close behaviour to avoid rare failure conditions
      (was r2636, fixes #657)
    - mod_fastcgi: restart local procs immediately after they
      terminated, fix local procs handling
    - Fix segfault on invalid config "duplicate else conditions"
      (fixes #2065)
    - mod_usertrack: Use T_CONFIG_INT for max-age, solves range
      problem (#1455)
    - mod_accesslog: configurable timestamp logging (fixes #1479)
    - always define _GNU_SOURCE
    - Add some iterators for mod_magnet (fixes #1307)
    - Fix close_timeout_ts trigger (should finally fix lingering
      close)
    - mod_rewrite: add url.rewrite-[repeat-]if-not-file to rewrite if
      file doesn't exist or is not a regular file (fixes #985, thx
      lucas aerbeydt)
    - Add TLS servername indication (SNI) support (fixes #386, thx
      Peter Colberg <peter@colberg.org>)
    - Add SSL Client Certificate verification (#1288)
    - mod_fastcgi: Fix host->active_procs counter, return 503 if
      connect wasn't successful after 5 tries (fixes #1825)
    - mod_accesslog: escape special characters (fixes #1551, thx icy)
    - fix mod_webdav crash from #1793 (fixes #2084, thx hiroya)
    - Don't print ssl error if client didn't support TLS SNI
    - Fix linger close timeout handling, drop timeout to 5 seconds
      (fixes #2086)
    - Fix broken return values from int to enum in mod_fastcgi
  - added lighttpd-1.4.24_mod_magnet_regression.patch:
    * mod_magnet: fix pairs() for normal tables and strings
      (fixes #1307)
    * mod_magnet: add traceback for printing lua errors
* Wed Jun 24 2009 mrueckert@suse.de
  - update to 1.4.23
    - Added some extra warning options in cmake and fix the resulting
      warnings (unused/static functions)
    - New lighttpd man page (moved it to section 8) (fixes #1875)
    - Create rrd file for empty rrdfile in mod_rrdtool (#1788)
    - Fix workaround for incorrect path info/scriptname if fastcgi
      prefix is "/" (fixes #729)
    - Finally removed spawn-fcgi
    - Allow xattr to overwrite mime type (fixes #1929)
    - Remove link from errormsg about fastcgi apps (fixes #1942)
    - Strip trailing dot from "Host:" header
    - Remove the optional port info from SERVER_NAME (thx Mr_Bond)
    - Fix mod_proxy RoundRobin (off by one problem if only one
      backend is up)
    - Rename configure.in to configure.ac, with small cleanups (fixes
      [#1932])
    - Add proper SUID bit detection (fixes #416)
    - Check for regular file in mod_cgi, so we don't try to start
      directories
    - Include mmap.h from chunk.h to fix some problems with #define
      mmap mmap64 (fixes #1923)
    - Add support for pipe logging for server.errorlog (fixes #296)
    - Add revision number to package version for svn/git checkouts
    - Use server.tag for SERVER_SOFTWARE if configured (fixes #357)
    - Fix trailing zero char in REQUEST_URI after "strip-request-uri"
      in mod_fastcgi
    - mod_magnet: Add env["request.remote-ip"] (fixes #1740)
    - mod_magnet: Add env["request.path-info"]
    - Change name/version separator back to "/" (affects every place
      where the version is printed)
    - Fix bug with FastCGI request id overflow under high load; just
      use always id 1 as we don't use multiplexing. (thx jgray)
    - Add some dirlisting enhancements (fixes #1458)
    - Add option to enable TCP_DEFER_ACCEPT (fixes #1447)
    - Limit amount of bytes read for one read-event (fixes #1070)
    - Add evasive.silent option (fixes #1438)
    - Make mod_extforward headers configurable (fixes #1545)
    - Add '%_' pattern for complete hostname in mod_evhost (fixes
      [#1737])
    - Add IPv6 support to mod_proxy (fixes #1537)
    - mod_ssi printenv: print cgi env, add environment vars to cgi
      env (fixes #1713)
    - Fix error message if no auth backend was set
    - Fix SERVER_NAME port stripping (fixes #1968)
    - Fix x-sendfile 2gb limiting (fixes #1970)
    - Fix mod_cgi environment keys mangling (fixes #1969)
    - Fix workaround for incorrect path info/scriptname if scgi
      prefix is "/" (fixes #729)
    - Fix max-age value in mod_expire for 'modification' (fixes
      [#1978])
    - Fix evasive.silent option (#1438)
    - Fix mod-fastcgi counters
    - Modify fastcgi error message
    - Backup errno for later usage (reported by Guido Reina via
      mailinglist)
    - Improve FastCGI performance (fixes #1999)
    - Workaround broken operating systems: check for trailing '/' in
      filenames (fixes #1989)
    - Allow using pcre with cross-compiling (pcre-config got fixed;
      fixes #1986)
    - Add "lighty.req_env" table to mod_magnet for setting/getting
      environment values for cgi (fixes #1967, thx presbrey)
    - Fix segfault in mod_expire after failed config parsing (fixes
      [#1992])
    - Add ssi.content-type option (default text/html, fixes #615)
    - Add support for "real" entropy from /dev/[u]random (fixes
      [#1977])
    - Adding support for additional chars in LDAP usernames (fixes
      [#1941])
    - Ignore multiple "If-None-Match" headers (only use first one,
      fixes #753)
    - Fix 100% cpu usage if time() < 0 (thx to gaspa and cate, fixes
      [#1964])
    - Allow max-keep-alive-requests to depend on conditional (fixes
      [#1881])
    - Make dependency on svnversion/git optional (for devel
      versionstamp, fixes #2009)
* Mon Mar 09 2009 mrueckert@suse.de
  - update to 1.4.22
    - Fix wrong lua type for CACHE_MISS/CACHE_HIT in mod_cml (fixes
      [#533])
    - Fix default vhost in mod_simple_vhost (fixes #1905)
    - Handle EINTR in mod_rrdtool (fixes #604)
    - Fix rrd error after graceful restart (fixes #419)
    - Fix EAGAIN handling for freebsd sendfile (fixes #1913, thx
      AnMaster for spotting the problem)
    - Fix segfault in mod_scgi (fixes #1911)
    - Treat EPIPE as connection-closed error in
      network_freebsd_sendfile.c (another fix from #1913)
    - Fix useless redirection of stderr in mod_rrdtool, as it gets
      redirected to /dev/null later. (fixes #1922)
    - Fix some problems with more strict compilers (#1923)
    - Fix segfault if siginfo_t* is NULL in sigaction handler (fixes
      [#1926])
  - dropped lighttpd-1.4.x_fix_mod_simple_vhost_mod_cml.patch:
    included in update

Files

/etc/lighttpd/conf.d/magnet.conf
/usr/lib/lighttpd/mod_magnet.so
/usr/share/doc/packages/lighttpd-mod_magnet
/usr/share/doc/packages/lighttpd-mod_magnet/magnet.txt


Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Sep 15 23:09:45 2014