Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: varnish | Distribution: SUSE Linux Enterprise 15 SP6 |
Version: 7.4.1 | Vendor: openSUSE |
Release: bp156.1.3 | Build date: Tue May 14 06:10:48 2024 |
Group: Productivity/Networking/Web/Proxy | Build host: s390zl21 |
Size: 3163410 | Source RPM: varnish-7.4.1-bp156.1.3.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://varnish-cache.org/ | |
Summary: Accelerator for HTTP services |
Varnish is an HTTP accelerator. Often called Reverse Proxy, it is an application that stores (caches) documents that have been requested over the HTTP protocol. Based on certain criteria, the next client requesting the document is either given the cached document, or a "fresh" document requested from a backend server. The purpose of this is to minimize the requests going to the backend server(s) by serving the same document to potentially many users.
BSD-2-Clause
* Thu Sep 21 2023 Jan Engelhardt <jengelh@inai.de> - Update to release 7.4.1 * Response status codes other than 200 and 204 are now considered errors for ESI fragments. * Support for abstract AF_LOCAL sockets. * HTTP/2 header field validation is now more strict with respect to allowed characters. * VCL tracing now needs to be explicitly activated by setting the req.trace or bereq.trace VCL variables. * Wed Nov 09 2022 Jan Engelhardt <jengelh@inai.de> - Update to release 7.2.1 * Attempts to mark well-known headers like Content-Length and Host hop-by-hop through a Connection-header will now cause a 400 "Bad request" response. (VSV00010, CVE-2022-45059, boo#1205243) * Apply the same character set rules to HTTP/2 pseudo-headers as is done on the corresponding HTTP/1 request-line field parsing. (VSV00011, CVE-2022-45060, boo#1205242) * Sat Oct 29 2022 Dirk Müller <dmueller@suse.com> - update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semicolon at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure. * New "B" string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The new ``vcc_feature`` bits parameter replaces previous ``vcc_*`` boolean parameters. The latter still exist as deprecated aliases. * The ``-k`` option from ``varnishlog`` is now supported by ``varnishncsa``. * New functions ``std.now()`` and ``std.timed_call()`` in vmod_std. * New ``MAIN.shm_bytes`` counter. * A ``req.http.via`` header is set before entering ``vcl_recv``. Via headers are generated using the ``server.identity`` value. It defaults to the host name and can be turned into a pseudonym with the ``varnishd -i`` option. Via headers are appended in both directions, to work with other hops that may advertise themselves. * A ``resp.http.via`` header is no longer overwritten by varnish, but rather appended to. * The ``server.identity`` syntax is now limited to a "token" as defined in the HTTP grammar to be suitable for Via headers. * In ``varnishtest`` a Varnish instance will use its VTC instance name as its instance name (``varnishd -i``) by default for predictable Via headers in test cases. * VMOD and VEXT authors can use functions from ``vnum.h``. * Do not filter pseudo-headers as regular headers. * The termination rules for ``WRK_BgThread()`` were relaxed to allow VMODs to use it. * ``(struct worker).handling`` has been moved to the newly introduced ``struct wrk_vpi`` and replaced by a pointer to it, as well as ``(struct vrt_ctx).handling`` has been replaced by that pointer. ``struct wrk_vpi`` is for state at the interface between VRT and VGC and, in particular, is not const as ``struct vrt_ctx`` aka ``VRT_CTX``. * Panics now contain information about VCL source files and lines. * The ``Begin`` log record has a 4th field for subtasks like ESI sub-requests. * The ``-E`` option for log utilities now works as documented, with any type of sub-task based on the ``Begin[4]`` field. This covers ESI like before, and sub-tasks spawned by VMODs (provided that they log the new field). * No more ``req.http.transfer-encoding`` for ESI sub-requests. * The thread pool reserve is now limited to tasks that can be queued. A backend background fetch is no longer eligible for queueing. It would otherwise slow a grace hit down significantly when thread pools are saturated. * The unused ``fetch_no_thread`` counter was renamed to ``bgfetch_no_thread`` because regular backend fetch tasks are always scheduled. * The macros ``FEATURE()``, ``EXPERIMENT()``, ``DO_DEBUG()``, ``MGT_FEATURE()``, ``MGT_EXPERIMENT()``, ``MGT_DO_DEBUG()`` and ``MGT_VCC_FEATURE()`` now return a boolean value (``0`` or ``1``) instead of the (private) flag value. * A regression in the transport code led MAIN.client_req to be incremented for requests coming back from the waiting list, it was fixed. - Delete varnish-5.1.2-add-fallthrough-comments.patch * Wed Sep 21 2022 Bernhard Wiedemann <bwiedemann@suse.com> - Make reload fail nicely on vcl syntax error - Set TasksMax=16384 because default thread_pool_max is 5000 * Mon Sep 19 2022 Bernhard Wiedemann <bwiedemann@suse.com> - Fix varnish.service stop * Sun Sep 18 2022 Bernhard Wiedemann <bwiedemann@suse.com> - Fix logrotate - Add service reload * Fri Aug 12 2022 Jan Engelhardt <jengelh@inai.de> - Update to release 7.1.1 [boo#1202350] [CVE-2022-38150] * Resolve a denial of service attack involving reason phrases. * Mon May 16 2022 Jan Engelhardt <jengelh@inai.de> - Update to release 7.1.0 [boo#1195188] [CVE-2022-23959] * VCL: It is now possible to assign a BLOB value to a BODY variable, in addition to STRING as before. * VMOD: New STRING strftime(TIME time, STRING format) function for UTC formatting. * Wed Dec 01 2021 Johannes Segitz <jsegitz@suse.com> - Added hardening to systemd service(s) (bsc#1181400). Modified: * varnish.service * varnishlog.service * Fri Aug 06 2021 Jan Engelhardt <jengelh@inai.de> - Update to release 6.6.1 * Fix an HTTP/2.0 request smuggling vulnerability. [bnc#1188470] * Sun Jul 04 2021 Dirk Müller <dmueller@suse.com> - update to 6.6.0: * The ban_cutoff parameter now refers to the overall length of the ban list, including completed bans, where before only non-completed (“active”) bans were counted towards ban_cutoff. * Body bytes accounting has been fixed to always represent the number of body bytes moved on the wire, exclusive of protocol-specific overhead like HTTP/1 chunked encoding or HTTP/2 framing. * The connection close reason has been fixed to properly report SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported. * Unless the new validate_headers feature is disabled, all newly set headers are now validated to contain only characters allowed by RFC7230. * The filter_re, keep_re and get_re functions from the bundled cookie vmod have been changed to take the VCL_REGEX type. This implies that their regular expression arguments now need to be literal, not e.g. string. * The interface for private pointers in VMODs has been changed, the VRT backend interface has been changed, many filter (VDP/VFP) related signatures have been changed, and the stevedore API has been changed. (Details thereto, see online changelog.) * Fri Oct 02 2020 Jan Engelhardt <jengelh@inai.de> - Update to release 6.5.1 * Bump the VRT_MAJOR_VERSION number defined in the vrt.h * Thu Sep 17 2020 Jan Engelhardt <jengelh@inai.de> - Update to release 6.5.0 * `PRIV_TOP` is now thread-safe to support parallel ESI implementations. * varnishstat's JSON output format (-j option) has been changed. * Behavior for 304-type responses was changed not to update the Content-Encoding response header of the stored object. * Tue Jun 23 2020 Jan Engelhardt <jengelh@inai.de> - Disable LTO, this randomly fails during link stage. * Tue Jun 09 2020 Jan Engelhardt <jengelh@inai.de> - Update Git-Web repository link - Set CFLAGS+=-fcommon. * Tue Mar 17 2020 Jan Engelhardt <jengelh@inai.de> - Update to release 6.4.0 * The MAIN.sess_drop counter is gone. * backend "none" was added for "no backend". * The hash algorithm of the hash director was changed, so backend selection will change once only when upgrading. * It is now possible for VMOD authors to customize the connection pooling of a dynamic backend. * For more, see changes.rst. * Tue Feb 25 2020 Jan Engelhardt <jengelh@inai.de> - Update to release 6.3.2 * Fix a denial of service vulnerability when using the proxy protocol version 2. * Tue Sep 17 2019 Jan Engelhardt <jengelh@inai.de> - Update to release 6.3.0 * The Host: header is folded to lower-case in the builtin_vcl. * Improved performance of shared memory statistics counters. * Synthetic objects created from vcl_backend_error {} now replace existing stale objects as ordinary backend fetches would (for details see changes.rst) * Wed Sep 04 2019 Jan Engelhardt <jengelh@inai.de> - Update to release 6.2.1 * Bugfix for CVE-2019-15892 [boo#1149382] * Mon Aug 26 2019 Jan Engelhardt <jengelh@inai.de> - Add uninit.patch. * Wed Mar 27 2019 Samu Voutilainen <smar@smar.fi> - Updated to 6.2.0 * Added a thread pool watchdog which will restart the worker process if scheduling tasks onto worker threads appears stuck. The new parameter "thread_pool_watchdog" configures it. - Disabled error for clobbering, which caused bogus error in varnishtest * Wed May 02 2018 jengelh@inai.de - Put %fillup back into %post * Mon Mar 19 2018 jengelh@inai.de - Update to new upstream release 6.0.0 * Added support for Unix Domain Sockets, both for clients and for backend servers. This brings a new level of the VCL language, version 4.1. * Always use HTTP/1.1 on backend connections for pass fetch. * Thu Nov 23 2017 rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) * Fri Jun 23 2017 antoine.belvire@opensuse.org - Update to version 5.1.2: * Fix an endless loop in Backend Polling (#2295) * Fix a Chunked bug in tight workspaces (#2207, #2275) * Fix a bug relating to req.body when on waitinglist (#2266) * Handle EPIPE on broken TCP connections (#2267) * Work around the x86 arch's turbo-double FP format in parameter setup code. (#1875) * Fix race related to backend probe with proxy header (#2278) * Keep VCL temperature consistent between mgt/worker also when worker protests. * A lot of HTTP/2 fixes. - Changes introduced by version 5.1.1: * Fix bug introduced by stubborn old bugger right before release 5.1.0 was cut. - Changes introduced by version 5.1.0: * Added varnishd command-line options -I, -x and -?, and tightened restrictions on permitted combinations of options. * More progress on support for HTTP/2. * Add ``return(fail)`` to almost all VCL subroutines. * Restored the old hit-for-pass, invoked with ``return(pass(DURATION))`` from ``vcl_backend_response``. hit-for-miss remains the default. Added the cache_hitmiss stat, and cache_hitpass only counts the new/old hit-for-pass cases. Restored HitPass to the Varnish log, and added HitMiss. Added the HFP prefix to TTL log entries to log a hit-for-pass duration. * Rolled back the fix for #1206. Client delivery decides solely whether to send a 304 client response, based on client request and response headers. * Added vtest.sh. * Added vxid as a lefthand side for VSL queries. * Added the setenv and write_body commands for Varnish test cases (VTCs). err_shell is deprecated. Also added the operators - cliexpect, -match and -hdrlen, and -reason replaces -msg. Added the ${bad_backend} macro. * varnishtest can be stopped with the TERM, INT and KILL signals, but not with HUP. * The fallback director has now an extra, optional parameter to keep using the current backend until it falls sick. * VMOD shared libraries are now copied to the workdir, to avoid problems when VMODs are updated via packaging systems. * Bump the VRT version to 6.0. * Export more symbols from libvarnishapi.so. * The size of the VSL log is limited to 4G-1b, placing upper bounds on the -l option and the vsl_space and vsm_space parameters. * Added parameters clock_step, thread_pool_reserve and ban_cutoff. * Parameters vcl_dir and vmod_dir are deprecated, use vcl_path and vmod_path instead. * All parameters are defined, even on platforms that don't support them. An unsupported parameter is documented as such in param.show. Setting such a parameter is not an error, but has no effect. * Clarified the interpretations of the + and - operators in VCL with operands of the various data types. * DURATION types may be used in boolean contexts. * INT, DURATION and REAL values can now be negative. * Response codes 1000 or greater may now be set in VCL internally. resp.status is delivered modulo 1000 in client responses. * IP addresses can be compared for equality in VCL. * Introduce the STEVEDORE data type, and the objects storage.SNAME in VCL. Added req.storage and beresp.storage; beresp.storage_hint is deprecated. * Retired the umem stevedore. * req.ttl is deprecated. * Added std.getenv() and std.late_100_continue(). * The fetch_failed stat is incremented for any kind of fetch failure. * Added the stats n_test_gunzip and bans_lurker_obj_killed_cutoff. * Clarified the meanings of the %r, %{X}i and %{X}o formatters in varnishncsa. - Add varnish-5.1.2-add-fallthrough-comments.patch to fix build with GCC 7 (boo#1041259). * Tue May 16 2017 dimstar@opensuse.org - BuildRequire python3-docutils instead of python-docutils. * Sun Sep 25 2016 jengelh@inai.de - Update to new upstream release 5.0.0 - The varnishd "-u NNN" option, which may be remaining in /etc/sysconfig/varnish, has been replaced with "-j unix,user=NNN". * Varnish 5.0 changes some (mostly) internal APIs and adds some major new features over Varnish 4.1. * 5.0 supports jumping from the active VCL's vcl_recv{} to another VCL via a VCL label. * Very Experimental HTTP/2 support * We have added to the "directors" VMOD — an overhauled version of a director which was available as an out-of-tree VMOD under the name VSLP for a couple of years. It is basically a better hash director which uses consistent hashing to provide improved stability of backend node selection when the configuration and/or health state of backends changes. * Hit-For-Pass is now actually Hit-For-Miss * We have made the ban lurker even more efficient by example of some real live situations with tens of thousands of bans using inefficient regular expressions. * The waitinglist logic for ESI subrequests now uses condition variables to trigger immediate continuation of ESI processing when an object being waited for becomes available. * Backend PROXY protocol requests are now supported through the .proxy_header attribute of the backend definition. * VCL files are now also being searched for in /usr/share/varnish/vcl if not found in /etc/varnish. * The basic device detection vcl is now bundled with varnish. * Thu Aug 18 2016 dimstar@opensuse.org - Add "-ffloat-store -fexcess-precision=standard" to CFLAGS when building for ix86, working around bug gcc#323. See also gh#varnish/Varnish-Cache#88. * Fri Apr 22 2016 jengelh@inai.de - Update to new upstream release 4.1.2 * vmods: Passing VCL ACL to a vmod is now possible. * vmods: VRT_MINOR_VERSION increase due to new function: VRT_acl_match() * Be stricter when parsing a HTTP request to avoid potential HTTP smuggling attacks against vulnerable backends. * Tue Mar 08 2016 jengelh@inai.de - Report testsuite failure to build log and make testsuite nonfatal as there seems to be one swaying test, tests/r01478.vtc. * Tue Feb 16 2016 eshmarnev@suse.com - disable silent rules in spec file. - enable testsuite for varnish. * Tue Feb 16 2016 eshmarnev@suse.com - Update to new upstream release 4.1.1 * Improved security features (jails). * Support for PROXY protocol. * Warm and cold VCL states. * Backends defined through VMODs. * A lot of bugs were fixed. - Delete 0001-Fail-fetch-on-malformed-Content-Length-header.patch, this issue was fixed in upstream. - Add 'su varnish varnish' line to varnish.logrotate file. - Cleanup with spec-cleaner. * Fri Mar 27 2015 jengelh@inai.de - Update to new upstream release 4.0.3 * Full support for streaming objects through from the backend on a cache miss. Bytes will be sent to 1..n requesting clients as they come in from the backend server. * Background (re)fetch of expired objects. On a cache miss where a stale copy is available, serve the client the stale copy while fetching an updated copy from the backend in the background. * New varnishlog query language, allowing automatic grouping of requests when debugging ESI or a failed backend request. * Comprehensive request timestamp and byte counters. - Add 0001-Fail-fetch-on-malformed-Content-Length-header.patch [bnc#921316]
/etc/logrotate.d/varnish /etc/varnish /etc/varnish/vcl.conf /usr/lib/systemd/system/varnish.service /usr/lib/systemd/system/varnishlog.service /usr/lib64/varnish /usr/lib64/varnish/vmods /usr/lib64/varnish/vmods/libvmod_blob.so /usr/lib64/varnish/vmods/libvmod_cookie.so /usr/lib64/varnish/vmods/libvmod_debug.so /usr/lib64/varnish/vmods/libvmod_directors.so /usr/lib64/varnish/vmods/libvmod_proxy.so /usr/lib64/varnish/vmods/libvmod_purge.so /usr/lib64/varnish/vmods/libvmod_std.so /usr/lib64/varnish/vmods/libvmod_unix.so /usr/lib64/varnish/vmods/libvmod_vtc.so /usr/sbin/rcvarnish /usr/sbin/rcvarnishlog /usr/sbin/varnish_reload_vcl /usr/sbin/varnishadm /usr/sbin/varnishd /usr/sbin/varnishhist /usr/sbin/varnishlog /usr/sbin/varnishncsa /usr/sbin/varnishstat /usr/sbin/varnishstat_help_gen /usr/sbin/varnishtest /usr/sbin/varnishtop /usr/share/doc/packages/varnish /usr/share/doc/packages/varnish/LICENSE /usr/share/doc/packages/varnish/README.rst /usr/share/doc/packages/varnish/builtin.vcl /usr/share/doc/packages/varnish/changes.rst /usr/share/doc/packages/varnish/example.vcl /usr/share/fillup-templates/sysconfig.varnish /usr/share/man/man1/varnishadm.1.gz /usr/share/man/man1/varnishd.1.gz /usr/share/man/man1/varnishhist.1.gz /usr/share/man/man1/varnishlog.1.gz /usr/share/man/man1/varnishncsa.1.gz /usr/share/man/man1/varnishstat.1.gz /usr/share/man/man1/varnishtest.1.gz /usr/share/man/man1/varnishtop.1.gz /usr/share/man/man3/vmod_blob.3.gz /usr/share/man/man3/vmod_cookie.3.gz /usr/share/man/man3/vmod_directors.3.gz /usr/share/man/man3/vmod_proxy.3.gz /usr/share/man/man3/vmod_purge.3.gz /usr/share/man/man3/vmod_std.3.gz /usr/share/man/man3/vmod_unix.3.gz /usr/share/man/man3/vmod_vtc.3.gz /usr/share/man/man7/varnish-cli.7.gz /usr/share/man/man7/varnish-counters.7.gz /usr/share/man/man7/vcl-backend.7.gz /usr/share/man/man7/vcl-probe.7.gz /usr/share/man/man7/vcl-step.7.gz /usr/share/man/man7/vcl-var.7.gz /usr/share/man/man7/vcl.7.gz /usr/share/man/man7/vsl-query.7.gz /usr/share/man/man7/vsl.7.gz /usr/share/man/man7/vtc.7.gz /usr/share/varnish /usr/share/varnish/vcc /usr/share/varnish/vcc/vmod_blob.vcc /usr/share/varnish/vcc/vmod_cookie.vcc /usr/share/varnish/vcc/vmod_directors.vcc /usr/share/varnish/vcc/vmod_proxy.vcc /usr/share/varnish/vcc/vmod_purge.vcc /usr/share/varnish/vcc/vmod_std.vcc /usr/share/varnish/vcc/vmod_unix.vcc /usr/share/varnish/vcc/vmod_vtc.vcc /usr/share/varnish/vcl /usr/share/varnish/vcl/devicedetect.vcl /usr/share/varnish/vmodtool.py /usr/share/varnish/vsctool.py /var/cache/varnish /var/lib/varnish /var/log/varnish
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 20:22:04 2024