| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: apache2-mod_jk | Distribution: openSUSE Leap 16.0 |
| Version: 1.2.49 | Vendor: openSUSE |
| Release: lp160.1.1 | Build date: Thu Dec 21 14:51:41 2023 |
| Group: Productivity/Networking/Web/Frontends | Build host: reproducible |
| Size: 421094 | Source RPM: apache2-mod_jk-1.2.49-lp160.1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://tomcat.apache.org/connectors-doc/ | |
| Summary: Connectors between Apache and Tomcat Servlet Container | |
This package provides modules for Apache to invisibly integrate Tomcat capabilities into an existing Apache installation. To load the module into Apache, run the command "a2enmod jk" as root.
Apache-2.0
* Thu Dec 21 2023 David Anes <david.anes@suse.com>
- Add apache2-fix-symbol-export-typo.patch to fix a typo to restrict
the symbols to export by the module. Fixes bsc#1206261.
* Tue Oct 17 2023 David Anes <david.anes@suse.com>
- Update to version 1.2.49:
Apache
* Retrieve default request id from mod_unique_id. It can also be
taken from an arbitrary environment variable by configuring
"JkRequestIdIndicator".
* Don't delegate the generation of the response body to httpd
when the status code represents an error if the request used
the HEAD method.
* Only export the main module symbol. Visibility of module
internal symbols led to crashes when conflicting with library
symbols. Based on a patch provided by Josef Čejka. (wrong fix
was applied for bsc#1206261)
* Remove support for implicit mapping of requests to workers.
All mappings must now be explicit.
IIS
* Set default request id as a GUID. It can also be taken from an
arbitrary request header by configuring "request_id_header".
* Fix non-empty check for the Translate header.
Common
* Fix compiler warning when initializing and copying fixed
length strings.
* Add a request id to mod_jk log lines.
* Enable configure to find the correct sizes for pid_t and
pthread_t when building on MacOS.
* Fix Clang 15/16 compatibility. Pull request #6 provided by
Sam James.
* Improve XSS hardening in status worker.
* Add additional bounds and error checking when reading AJP
messages.
Docs
* Remove support for the Netscape / Sun ONE / Oracle iPlanet Web
Server as the product has been retired.
* Remove links to the old JK2 documentation. The JK2
documentation is still available, it is just no longer linked
from the current JK documentation.
* Restructure subsections in changelog starting with version
1.2.45.
* Mon May 18 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update jk.conf: [bsc#1167896]
* Specify the location of JkShmFile.
* Update tomcat-webapps paths.
* Mon May 11 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Fix Aliases to be compatible with the tomcat example URLs [bsc#1167896]
* Mon May 11 2020 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Changes for 1.2.47 and 1.2.48 updates:
* Add: Apache: Extend trace level logging of method entry/exit to
aid debugging of request mapping issues.
* Fix: Apache: Fix a bug in the normalization checks that prevented
file based requests, such as SSI file includes, from being processed.
* Fix: Apache: When using JkAutoAlias, ensure that files that include
spaces in their name are accessible.
* Update: Common: Update the documentation to reflect that the source
code for the Apache Tomcat Connectors has moved from Subversion to Git.
* Fix: Common: When using set_session_cookie, ensure that an updated session
cookie is issued if the load-balancer has to failover to a different worker.
* Update: Common: Update config.guess and config.sub from
https://git.savannah.gnu.org/git/config.git.
* Update: Common: Update release script for migration to git.
* Sun Feb 09 2020 pgajdos@suse.com
- remove useless %check section
* Mon Nov 05 2018 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update to version 1.2.46
Fixes:
* Apache: Fix regression in 1.2.44 which resulted in
socket_connect_timeout to be interpreted in units of seconds
instead of milliseconds on platforms that provide poll(). (rjung)
* Security: CVE-2018-11759 Connector path traversal [bsc#1114612]
- Update to version 1.2.45
Fixes:
* Correct regression in 1.2.44 that broke request handling for
OPTIONS * requests. (rjung)
* Improve path parameter parsing so that the session ID specified
by the session_path worker property for load-balanced workers
can be extracted from a path parameter in any segment of the
URI, rather than only from the final segment. (markt)
* Apache: Improve path parameter handling so that JkStripSession
can remove session IDs that are specified on path parameters in any
segment of the URI rather than only the final segment. (markt)
* IIS: Improve path parameter handling so that strip_session can
remove session IDs that are specified on path parameters in any
segment of the URI rather than only the final segment. (markt)
Updates:
* Apache: Update the documentation to note additional
limitations of the JkAutoAlias directive. (markt)
Code:
* Common: Optimize path parameter handling. (rjung)
- Cleaned with spec-cleaner
* Wed Sep 19 2018 pmonrealgonzalez@suse.com
- Update to version 1.2.44
Updates:
* Remove the Novell Netware make files and Netware specific source
code since there has not been a supported version of Netware
available for over five years. (markt)
* Apache: Update the documentation to use httpd 2.4.x style access
control directives. (markt)
* Update PCRE bundled with the ISAPI redirector to 8.42. (rjung)
* Update config.guess and config.sub from
https://git.savannah.gnu.org/git/config.git. (rjung)
Fixes:
* Common: Use Local, rather than Global, mutexs on Windows to
better support multi-user environments. (markt)
* Apache: Use poll rather than select to avoid the limitations of
select triggering an httpd crash. Patch provided by Koen Wilde. (markt)
* ISAPI: Remove the check that rejects requests that contain path
segments that match WEB-INF or META-INF as it duplicates a check
that Tomcat performs and, because ISAPI does not have visibility of
the current context path, it is impossible to implement this check
without valid requests being rejected. (markt)
* Refactor normalisation of request URIs to a common location and align
the normalisation implementation for mod_jk with that implemented by
Tomcat. (markt)
Add:
* Clarify the behvaiour of lb workers when all ajp13 workers fail with
particular reference to the role of the retries attribute. (markt)
* Add the new load-balancer worker property lb_retries to improve the
control over the number of retries. Based on a patch provided by
Frederik Nosi. (markt)
* Add a note to the documentation that the CollapseSlashes options are
now effectively hard-coded to CollpaseSlashesAll due to the changes
made to align normalization with that implemented in Tomcat. (markt)
* Thu Mar 15 2018 pmonrealgonzalez@suse.com
- Update to version 1.2.43 [bsc#1085220, CVE-2018-1323]
* LB: Propagate load factor changes applied by the status worker
to a load balancer sub worker correctly to all processes.
* ISAPI: Align the make files for 32-bit and 64-bit builds.
* Update config.guess and config.sub
* Update PCRE bundled with the ISAPI redirector to 8.41.
* Update the ISAPI redirector installation documentation to
reflect the currently supported versions of Windows.
* Align the normalization performed by the ISAPI redirector with
that implemented by Tomcat.
* Tue Feb 13 2018 tchvatal@suse.com
- Disable tests for now as the default profile is not working
properly to load up and upstream should update the sample
* Thu Feb 01 2018 tchvatal@suse.com
- Version update to 1.2.42:
* Many small fixes
* Optimalization for new gccs
* Minor code cleanups
* Sat May 20 2017 tchvatal@suse.com
- Just depend on java-devel
* Wed Jan 20 2016 tchvatal@suse.com
- Version update to 1.2.41:
* remove merged patch apache2-mod_jk-CVE-2014-8111.patch
* many small bugfixes all around:
+ http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
* Wed Sep 09 2015 pgajdos@suse.com
- test package with %apache_test_module_load
* Thu Jul 16 2015 pgajdos@suse.com
- Requries: %{apache_suse_maintenance_mmn}
This will pull this module to the update (in released distribution)
when apache maintainer thinks it is good (due api/abi changes).
* Thu Jun 04 2015 tchvatal@suse.com
- Apply patch to fix bnc#927845 CVE-2014-8111 VUL-1: apache2-mod_jk: Tomcat
mod_jk information leak due to incorrect JkMount/JkUnmount directives
processing:
* apache2-mod_jk-CVE-2014-8111.patch
* Thu Jun 04 2015 pgajdos@suse.com
- access configuration conditional in jk.conf example
* Wed Mar 18 2015 tchvatal@suse.com
- Drop the asc again to make dimstar happy
* Fri Mar 13 2015 tchvatal@suse.com
- Add asc signature file.
- Fix URL for homepage
* Mon Nov 24 2014 pgajdos@suse.com
- fix tomcat paths in jk.conf [bnc#742618]
* Mon Nov 03 2014 pgajdos@suse.com
- use apache rpm macros
* Mon Jun 02 2014 tchvatal@suse.com
- Cleanup with spec-cleaner
* Mon Jun 02 2014 tchvatal@suse.com
- Version bump to 1.2.40 fixes bnc#880798:
* Fix forwarding of chunked requests, which is broken in version 1.2.39. (rjung)
* 56352: Fix regression in memory release. (mturk)
* Fix status worker display of worker IP address after name or port was changed. (rjung)
* 56297: Improve key hash function. Copied from APR. (rjung)
* 55683: Remove quotes from quoted session cookies. (rjung)
* 53542: ISAPI: Fix grammar in 503 error page. (rjung)
* 55696: Crash on Mac OS X 10.9 during config parsing. (rjung)
* Deprecate nt_service from Tomcat Connectors. (mturk)
* 56133: Fix possible crash when a request fails during request body transfer to the back end and reply_timeout was set. Patch contributed by Hiroto Shimizu. (rjung)
* Fix status worker not updating parameters for all members. (mturk)
* 55853: HTTPD: Use the correct API for setting Content-Length. Patch contributed by areese yahoo-inc.com. (rjung)
* Add IPV6 support for connection to webserver. New directive prefer_ipv6 has been added to control the hostname resolution and preserve backward compatibility. (mturk)
* Add --disable-sock-cloexec to configure to disable use of SOCK_CLOEXEC (using FD_CLOEXEC + fnctl instead) so built modules will work with Linux kernels prior to 2.6.27. (timw)
* Clean up config file parsing. Worker names are now restricted to 60 bytes. (rjung)
* Allow to set a stickyness cookie in case a web framework breaks Tomcat's adding of the routing ID to the end of the JSESSIONID cookie. (rjung)
* Use max_packet_size also for request body forwarding. (rjung)
* Apache 2.4: By default forward logical client address as provided by mod_remoteip. When setting JkOptions ForwardPhysicalAddress mod_jk will instead forward the physical peer address. (rjung)
* Minor documentation improvements. (rjung)
* Mon Jan 28 2013 dimstar@opensuse.org
- Update to version 1.2.37:
+ Fix compatibility with apache 2.4
- Introduce apxs variable, based on apache_branch. With apache 2.4,
apxs2 moved from %{_sbindir} to %{_bindir}.
* Sat Sep 17 2011 jengelh@medozas.de
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build
* Tue Jun 07 2011 vlado.paskov@gmail.com
- Update of README.SUSE file: now reflects configuration steps for
mod_jk with tomcat6 server. It was refering tomcat5 configuration.
* Tue Aug 03 2010 gaboo@gaboo.org
- Update to version 1.2.30
* Apache: Improve compatibility with Apache 2.3. (rjung)
* AJP: Improve socket shutdown handling. (mturk)
* AJP: Ensure we never reuse a non reusable socket. (mturk)
* AJP: Tolerate a single excess packet when waiting for cpong. (mturk)
* AJP: Check protocol correctness more strictly. (mturk)
* other bug fixes and improvements
* http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
* Tue Oct 13 2009 mvyskocil@suse.cz
- bnc#493575 - VUL-1: apache2-mod_jk: mod_jk information leak
added jakarta-tomcat-connectors-4.1.30-src-CVE-2008-5519.patch
http://svn.eu.apache.org/viewvc?view=rev&revision=702540
* Thu Sep 11 2008 skh@suse.de
- update to version 1.2.26
- full changelog at
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
* Mon Mar 05 2007 skh@suse.de
- update to version 1.2.21 (fix CVE-2007-0774: Long URL Stack Overflow
Vulnerability, b.n.c. #248157)
* Wed Jan 17 2007 skh@suse.de
- update to newer (sic!) version 1.2.20
- remove apache13 cruft from spec file and patches
* Mon Oct 23 2006 poeml@suse.de
- rename from mod_jk (name of source rpm) resp. mod_jk-ap20 (name
of binary rpm) to apache2-mod_jk
* Tue Feb 07 2006 poeml@suse.de
- remove apr_sockaddr_port_get() call which is obsolete in libapr 1
- fix missing include
- bzip2 the source tarball
* Mon Jan 30 2006 poeml@suse.de
- removed libapr-util1-devel from BuildRequires (apache2-devel does
require it)
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Mon Jan 23 2006 poeml@suse.de
- make the package depend on the apache module API version
* Thu Jan 19 2006 cthiel@suse.de
- removed unneeded sources
* apr-util-0.9.4.tar.gz
* apr_20030819101622.tar.bz2
* apr_20030819101622-apache2_cflags.patch
* apr_20030819101622.patch
- fixed build
* Tue Nov 08 2005 dmueller@suse.de
- don't build as root
* Wed Sep 29 2004 skh@suse.de
- Added better documentation and sample configuration (#46081)
* Mon Sep 13 2004 skh@suse.de
- First separate package (no longer a subpackage of tomcat)
- Switch to JPackage package layout, but keep newer version 4.1.30 from
former package apache2-jakarta-tomcat-connectors
/usr/lib64/apache2/mod_jk.so /usr/share/doc/packages/apache2-mod_jk /usr/share/doc/packages/apache2-mod_jk/README.SUSE /usr/share/doc/packages/apache2-mod_jk/jk.conf /usr/share/doc/packages/apache2-mod_jk/workers.properties /usr/share/licenses/apache2-mod_jk /usr/share/licenses/apache2-mod_jk/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 12 00:13:41 2024