Overview Repositories Revisions Requests Users Attributes Meta

Revisions of apache2

Elisei Roca's avatar Elisei Roca (eroca) committed (revision 5) 
- Add patches to improve FIPS compatibility (bsc#1220681):
  * apache2-fips-compatibility-01.patch
  * apache2-fips-compatibility-02.patch
  * apache2-fips-compatibility-03.patch
Marcus Rueckert's avatar Marcus Rueckert (darix) committed (revision 4) 
- SLE-only: forward-port compatibility symlinks (e.g. httpd2-prefork,
  apache2ctl, htpasswd2) change, including the relative
  manpages (bsc#1221880)
Ruediger Oertel's avatar Ruediger Oertel (oertel) committed (revision 3) 
Update apache2 to 2.4.58 (jsc#PED-6739, bsc#1220681)


The changelog has been synced with Factory's to ease updates.


The changelog sync drops the following patch references:
* httpd-OpenSSL-3.patch (bsc#1217722, jsc#PED-6570, not needed in the Factory version)
* apache2-CVE-2023-31122.patch (CVE-2023-31122, bsc#1216424, fixed in 2.4.58)
* apache2-bsc1214357-mod_proxy_http2_apply-standard-content-type.patch (bsc#1214357, fixed in 2.4.55)
* apache2-core-mpm-add-hook-child_stopped-that-gets-called-whe.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-core-prefork-run-new-hook-child_stopped-only-on-clea.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-mod_watchdog-add-assertions-to-cleanup-code.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-mod_watchdog-do-not-call-a-watchdog-instance-for.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-mod_watchdog-replace-the-new-volatile-with-atomic-ac.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-mod_watchdog-use-hook-child_stopping-to-signal-watch.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-mod_watchdog-use-the-child_stopping-and-child_stoppe.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-mpm-winnt-add-running-the-child_stopping-hook.patch (SG#65054, bsc#1207399, fixed in 2.4.49)
* apache2-CVE-2023-27522.patch (CVE-2023-27522, bsc#1209049, fixed in 2.4.56)
* apache2-CVE-2023-25690.patch (CVE-2023-25690, bsc#1209047, fixed in 2.4.56)
* bsc1207327-fix-mod_proxy-handling-long-urls.patch (bsc#1207327, fixed in 2.4.53)
* apache2-bsc1207327-fix-mod_proxy-handling-long-urls.patch (bsc#1207327, fixed in 2.4.53)
* apache2-bsc1208708-fix-passing-health-check-recover-worker-from-error-state.patch (bsc#1208708, fixed in 2.4.55)
* apache2-CVE-2022-37436.patch (CVE-2022-37436, bsc#1207251, fixed in 2.4.55)
* apache2-CVE-2022-36760.patch (CVE-2022-36760, bsc#1207250, fixed in 2.4.55)
* apache2-CVE-2006-20001.patch (CVE-2006-20001, bsc#1207247, fixed in 2.4.55)
* apache2-CVE-2022-26377.patch (CVE-2022-26377, bsc#1200338, fixed in 2.4.54)
* apache2-CVE-2022-28614.patch (CVE-2022-28614, bsc#1200340, fixed in 2.4.54)
* apache2-CVE-2022-28615.patch (CVE-2022-28615, bsc#1200341, fixed in 2.4.54)
* apache2-CVE-2022-29404.patch (CVE-2022-29404, bsc#1200345, fixed in 2.4.54)
* apache2-CVE-2022-30556.patch (CVE-2022-30556, bsc#1200350, fixed in 2.4.54)
* apache2-CVE-2022-30522.patch (CVE-2022-30522, bsc#1200352, fixed in 2.4.54)
* apache2-CVE-2022-31813.patch (CVE-2022-31813, bsc#1200348, fixed in 2.4.54)
* apache2-CVE-2022-23943.patch (CVE-2022-23943, bsc#1197098, bsc#1197095, fixed in 2.4.53)
* apache2-CVE-2022-22720.patch (CVE-2022-22720, bsc#1197095, fixed in 2.4.53)
* apache2-CVE-2022-22719.patch (CVE-2022-22719, bsc#1197091, fixed in 2.4.53)
* apache2-CVE-2022-22721.patch (CVE-2022-22721, bsc#1197096, fixed in 2.4.53)
* apache2-CVE-2021-44224.patch (CVE-2021-44224, boo#1193943, fixed in 2.4.52)
* apache2-CVE-2021-44790.patch (CVE-2021-44790, boo#1193942, fixed in 2.4.52)
* apache2-CVE-2020-11984.patch (CVE-2020-11984, bsc#1175074, upstreamed, fixed in 2.4.50)
* apache2-CVE-2020-13950.patch (CVE-2020-13950, bsc#1187040, upstreamed, fixed in 2.4.50)
* apache2-CVE-2020-35452.patch (CVE-2020-35452, bsc#1186922, upstreamed, fixed in 2.4.50)
* apache2-CVE-2021-26690.patch (bsc#1186923, upstreamed, fixed in 2.4.50)
* apache2-CVE-2021-26691.patch (bsc#1187017, upstreamed, fixed in 2.4.50)
* apache2-CVE-2021-30641.patch (bsc#1187174, upstreamed, fixed in 2.4.50)
* apache2-CVE-2021-31618.patch (bsc#1186924, upstreamed, fixed in 2.4.50)
* apache2-CVE-2021-33193.patch (bsc#1189387, upstreamed, fixed in 2.4.50)
* apache2-mod_proxy_uwsgi-fix-crash.patch (upstreamed, fixed in 2.4.50)
* apache2-mod_http2-1.15.14.patch (CVE-2020-11993, CVE-2020-9490, bsc#1175070, bsc#1175071, upstreamed, fixed in 2.4.50)


The following bug references have been dropped:
* bsc#1164820, SLE-7472 (already fixed in the Factory version)

The following CVE references have been dropped:
* CVE-2021-34798 (fixed in 2.4.50)
* CVE-2021-36160 (fixed in 2.4.50)
* CVE-2021-39275 (fixe
Ruediger Oertel's avatar Ruediger Oertel (oertel) committed (revision 2) 
bsc#1217722 jsc#PED-6570 Fix for the OpenSSL 3.2 series to be tested in SUSE:SLE-15-SP6:GA:Staging:E
Ruediger Oertel's avatar Ruediger Oertel (oertel) committed (revision 1) 
initialize package
Displaying all 5 revisions
openSUSE Build Service is sponsored by
Places