diff --git a/httpd.conf b/httpd.conf index 507e2cc..667160a 100644 --- a/httpd.conf +++ b/httpd.conf @@ -346,7 +346,7 @@ DocumentRoot "/var/www/html" # Disable autoindex for the root directory, and present a # default Welcome page if no other index page is present. # - + Options -Indexes ErrorDocument 403 /error/noindex.html diff --git a/httpd.spec b/httpd.spec index 1c4c955..f4fb495 100644 --- a/httpd.spec +++ b/httpd.spec @@ -7,12 +7,10 @@ %define debug_package %{nil} %endif -ExcludeArch: s390x - Summary: Apache HTTP Server Name: httpd Version: 2.0.40 -Release: 21.5 +Release: 21.7 URL: http://httpd.apache.org/ Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz Source1: index.html @@ -45,6 +43,8 @@ Patch28: httpd-2.0.40-stream.patch Patch29: httpd-2.0.40-subreq.patch Patch30: httpd-2.0.40-sslexcl.patch Patch31: httpd-2.0.40-include.patch +Patch32: httpd-2.0.46-graceful.patch +Patch33: httpd-2.0.40-rand.patch # features/functional changes Patch40: httpd-2.0.36-cnfdir.patch Patch41: httpd-2.0.36-redhat.patch @@ -65,6 +65,8 @@ Patch68: httpd-2.0.40-CAN-2003-0192.patch Patch69: httpd-2.0.40-CAN-2003-0253.patch Patch70: httpd-2.0.40-CAN-2003-0254.patch Patch71: httpd-2.0.40-VU379828.patch +Patch72: httpd-2.0.40-CAN-2003-0542.patch +Patch73: httpd-2.0.40-CAN-2003-0789.patch License: Apache Software License Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-root @@ -137,6 +139,8 @@ Security (TLS) protocols. %patch29 -p1 -b .subreq %patch30 -p1 -b .sslexcl %patch31 -p1 -b .include +%patch32 -p1 -b .graceful +%patch33 -p1 -b .rand %patch40 -p0 -b .cnfdir %patch41 -p0 -b .redhat @@ -158,6 +162,8 @@ Security (TLS) protocols. %patch69 -p1 -b .can0253 %patch70 -p1 -b .can0254 %patch71 -p1 -b .vu379828 +%patch72 -p1 -b .can0542 +%patch73 -p1 -b .can0789 # Safety check: prevent build if defined MMN does not equal upstream MMN. vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include \`pwd\`/include/ap_mmn.h | grep -v '#'` @@ -183,16 +189,15 @@ fi xmlto --skip-validation -x $RPM_SOURCE_DIR/html.xsl html-nochunks $RPM_SOURCE_DIR/migration.xml cp $RPM_SOURCE_DIR/migration.css . # make %%doc happy +CFLAGS="$RPM_OPT_FLAGS -DSSL_EXPERIMENTAL_ENGINE" if pkg-config openssl ; then # configure -C barfs with trailing spaces in CFLAGS - CFLAGS="$RPM_OPT_FLAGS `pkg-config --cflags openssl | sed 's/ *$//'`" + CFLAGS="$CFLAGS `pkg-config --cflags openssl | sed 's/ *$//'`" AP_LIBS="$AP_LIBS `pkg-config --libs openssl`" else - CFLAGS="$RPM_OPT_FLAGS" AP_LIBS="-lssl -lcrypto" fi -export CFLAGS -export AP_LIBS +export CFLAGS AP_LIBS function mpmbuild() { @@ -220,6 +225,7 @@ EOF --with-suexec-logfile=%{_localstatedir}/log/httpd/suexec.log \ --with-suexec-bin=%{_sbindir}/suexec \ --with-suexec-uidmin=500 --with-suexec-gidmin=500 \ + --with-devrandom=/dev/urandom \ $* make %{?_smp_mflags} @@ -503,6 +509,15 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/httpd/build/libtool %changelog +* Tue Oct 28 2003 Joe Orton 2.0.40-21.7 +- add security fixes for CVE CAN-2003-0542, CAN-2003-0789 +- return test page for "/+" in default httpd.conf +- add bug fixes for #103049, #105725, #106454, #106858 +- further fixes for CGI regressions in -21.5 (#103744) + +* Thu Sep 11 2003 Joe Orton 2.0.40-21.6 +- fix for streaming CGIs (#103744) + * Thu Jul 31 2003 Joe Orton 2.0.40-21.5 - fix EXTRA_INCLUDES for #92313 - add mod_include fixes from upstream