File apache2-mod_jk.changes of Package apache2-mod_jk.9478

-------------------------------------------------------------------
Thu Nov 15 12:51:40 UTC 2018 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>

- Security fix: [bsc#1114612, CVE-2018-11759]
  * connector path traversal due to mishandled HTTP requests in httpd
  * Added patches:
    - apache2-mod_jk-1.2.43-lb_retries.patch (to introduce lb_retries)
    - apache2-mod_jk-1.2.43-CVE-2018-11759.patch

-------------------------------------------------------------------
Thu Mar 15 16:13:18 UTC 2018 - pmonrealgonzalez@suse.com

- Update to version 1.2.43 [bsc#1085220, CVE-2018-1323]
  * LB: Propagate load factor changes applied by the status worker
        to a load balancer sub worker correctly to all processes.
  * ISAPI: Align the make files for 32-bit and 64-bit builds.
  * Update config.guess and config.sub
  * Update PCRE bundled with the ISAPI redirector to 8.41.
  * Update the ISAPI redirector installation documentation to
    reflect the currently supported versions of Windows.
  * Align the normalization performed by the ISAPI redirector with
    that implemented by Tomcat.

-------------------------------------------------------------------
Tue Feb 13 14:33:08 UTC 2018 - tchvatal@suse.com

- Disable tests for now as the default profile is not working
  properly to load up and upstream should update the sample

-------------------------------------------------------------------
Thu Feb  1 12:55:38 UTC 2018 - tchvatal@suse.com

- Version update to 1.2.42:
  * Many small fixes
  * Optimalization for new gccs
  * Minor code cleanups

-------------------------------------------------------------------
Sat May 20 19:08:36 UTC 2017 - tchvatal@suse.com

- Just depend on java-devel

-------------------------------------------------------------------
Wed Jan 20 09:38:37 UTC 2016 - tchvatal@suse.com

- Version update to 1.2.41:
  * remove merged patch apache2-mod_jk-CVE-2014-8111.patch
  * many small bugfixes all around:
    + http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

-------------------------------------------------------------------
Wed Sep  9 11:26:17 UTC 2015 - pgajdos@suse.com

- test package with %apache_test_module_load

-------------------------------------------------------------------
Thu Jul 16 07:22:02 UTC 2015 - pgajdos@suse.com

- Requries: %{apache_suse_maintenance_mmn}
  This will pull this module to the update (in released distribution) 
  when apache maintainer thinks it is good (due api/abi changes).

-------------------------------------------------------------------
Thu Jun  4 12:00:03 UTC 2015 - tchvatal@suse.com

- Apply patch to fix bnc#927845 CVE-2014-8111 VUL-1: apache2-mod_jk: Tomcat
  mod_jk information leak due to incorrect JkMount/JkUnmount directives
  processing:
  * apache2-mod_jk-CVE-2014-8111.patch

-------------------------------------------------------------------
Thu Jun  4 11:27:13 UTC 2015 - pgajdos@suse.com

- access configuration conditional in jk.conf example

-------------------------------------------------------------------
Wed Mar 18 10:25:18 UTC 2015 - tchvatal@suse.com

- Drop the asc again to make dimstar happy

-------------------------------------------------------------------
Fri Mar 13 12:12:03 UTC 2015 - tchvatal@suse.com

- Add asc signature file.
- Fix URL for homepage

-------------------------------------------------------------------
Mon Nov 24 15:32:23 UTC 2014 - pgajdos@suse.com

- fix tomcat paths in jk.conf [bnc#742618]

-------------------------------------------------------------------
Mon Nov  3 07:43:17 UTC 2014 - pgajdos@suse.com

- use apache rpm macros

-------------------------------------------------------------------
Mon Jun  2 13:05:55 UTC 2014 - tchvatal@suse.com

- Cleanup with spec-cleaner

-------------------------------------------------------------------
Mon Jun  2 12:56:42 UTC 2014 - tchvatal@suse.com

- Version bump to 1.2.40 fixes bnc#880798:
 * Fix forwarding of chunked requests, which is broken in version 1.2.39. (rjung)
 * 56352: Fix regression in memory release. (mturk)
 * Fix status worker display of worker IP address after name or port was changed. (rjung)
 * 56297: Improve key hash function. Copied from APR. (rjung)
 * 55683: Remove quotes from quoted session cookies. (rjung)
 * 53542: ISAPI: Fix grammar in 503 error page. (rjung)
 * 55696: Crash on Mac OS X 10.9 during config parsing. (rjung)
 * Deprecate nt_service from Tomcat Connectors. (mturk)
 * 56133: Fix possible crash when a request fails during request body transfer to the back end and reply_timeout was set. Patch contributed by Hiroto Shimizu. (rjung)
 * Fix status worker not updating parameters for all members. (mturk)
 * 55853: HTTPD: Use the correct API for setting Content-Length. Patch contributed by areese yahoo-inc.com. (rjung)
 * Add IPV6 support for connection to webserver. New directive prefer_ipv6 has been added to control the hostname resolution and preserve backward compatibility. (mturk)
 * Add --disable-sock-cloexec to configure to disable use of SOCK_CLOEXEC (using FD_CLOEXEC + fnctl instead) so built modules will work with Linux kernels prior to 2.6.27. (timw)
 * Clean up config file parsing. Worker names are now restricted to 60 bytes. (rjung)
 * Allow to set a stickyness cookie in case a web framework breaks Tomcat's adding of the routing ID to the end of the JSESSIONID cookie. (rjung)
 * Use max_packet_size also for request body forwarding. (rjung)
 * Apache 2.4: By default forward logical client address as provided by mod_remoteip. When setting JkOptions ForwardPhysicalAddress mod_jk will instead forward the physical peer address. (rjung)
 * Minor documentation improvements. (rjung)  

-------------------------------------------------------------------
Mon Jan 28 19:37:34 UTC 2013 - dimstar@opensuse.org

- Update to version 1.2.37:
  + Fix compatibility with apache 2.4
- Introduce apxs variable, based on apache_branch. With apache 2.4,
  apxs2 moved from %{_sbindir} to %{_bindir}.

-------------------------------------------------------------------
Sat Sep 17 11:16:45 UTC 2011 - jengelh@medozas.de

- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build

-------------------------------------------------------------------
Tue Jun  7 15:06:47 UTC 2011 - vlado.paskov@gmail.com

- Update of README.SUSE file: now reflects configuration steps for 
  mod_jk with tomcat6 server. It was refering tomcat5 configuration.

-------------------------------------------------------------------
Tue Aug  3 13:01:34 UTC 2010 - gaboo@gaboo.org

- Update to version 1.2.30
  * Apache: Improve compatibility with Apache 2.3. (rjung)
  * AJP: Improve socket shutdown handling. (mturk)
  * AJP: Ensure we never reuse a non reusable socket. (mturk)
  * AJP: Tolerate a single excess packet when waiting for cpong. (mturk)
  * AJP: Check protocol correctness more strictly. (mturk)
  * other bug fixes and improvements
  * http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

-------------------------------------------------------------------
Tue Oct 13 06:52:58 UTC 2009 - mvyskocil@suse.cz

- bnc#493575 - VUL-1: apache2-mod_jk: mod_jk information leak
  added jakarta-tomcat-connectors-4.1.30-src-CVE-2008-5519.patch
  http://svn.eu.apache.org/viewvc?view=rev&revision=702540

-------------------------------------------------------------------
Thu Sep 11 15:23:18 CEST 2008 - skh@suse.de

- update to version 1.2.26
- full changelog at
  http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

-------------------------------------------------------------------
Mon Mar  5 14:57:06 CET 2007 - skh@suse.de

- update to version 1.2.21 (fix CVE-2007-0774: Long URL Stack Overflow
  Vulnerability, b.n.c. #248157)

-------------------------------------------------------------------
Wed Jan 17 13:48:16 CET 2007 - skh@suse.de

- update to newer (sic!) version 1.2.20
- remove apache13 cruft from spec file and patches

-------------------------------------------------------------------
Mon Oct 23 13:47:07 CEST 2006 - poeml@suse.de

- rename from mod_jk (name of source rpm) resp. mod_jk-ap20 (name
  of binary rpm) to apache2-mod_jk

-------------------------------------------------------------------
Tue Feb  7 14:27:23 CET 2006 - poeml@suse.de

- remove apr_sockaddr_port_get() call which is obsolete in libapr 1
- fix missing include
- bzip2 the source tarball

-------------------------------------------------------------------
Mon Jan 30 14:04:04 CET 2006 - poeml@suse.de

- removed libapr-util1-devel from BuildRequires (apache2-devel does
  require it)                                                                                                                                          

-------------------------------------------------------------------
Wed Jan 25 21:38:21 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Mon Jan 23 11:29:47 CET 2006 - poeml@suse.de

- make the package depend on the apache module API version

-------------------------------------------------------------------
Thu Jan 19 13:13:15 CET 2006 - cthiel@suse.de

- removed unneeded sources
  * apr-util-0.9.4.tar.gz 
  * apr_20030819101622.tar.bz2
  * apr_20030819101622-apache2_cflags.patch
  * apr_20030819101622.patch
- fixed build

-------------------------------------------------------------------
Tue Nov  8 14:10:56 CET 2005 - dmueller@suse.de

- don't build as root 

-------------------------------------------------------------------
Wed Sep 29 16:57:44 CEST 2004 - skh@suse.de

- Added better documentation and sample configuration (#46081)

-------------------------------------------------------------------
Mon Sep 13 16:08:02 CEST 2004 - skh@suse.de

- First separate package (no longer a subpackage of tomcat)
- Switch to JPackage package layout, but keep newer version 4.1.30 from
  former package apache2-jakarta-tomcat-connectors