Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

lighttpd-mod_vhostdb_pgsql-1.4.82-1.3 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: lighttpd-mod_vhostdb_pgsql Distribution: openSUSE Tumbleweed
Version: 1.4.82 Vendor: openSUSE
Release: 1.3 Build date: Fri Sep 12 22:14:47 2025
Group: Productivity/Networking/Web/Servers Build host: reproducible
Size: 15911 Source RPM: lighttpd-1.4.82-1.3.src.rpm
Packager: https://bugs.opensuse.org
Url: https://www.lighttpd.net/
Summary: PostgreSQL based virtual hosts module for Lighttpd
 
With PostgreSQL based vhosting you can put the information where to look
for the document-root of a given host into a PostgreSQL database.

Provides

Requires

License

BSD-3-Clause

Changelog

* Fri Sep 12 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.82:
    * restrict request trailers to configured list:
      trailers in request headers will be ignored unless allowed
      field names are explicitly configured in a comma-separated list
      containing no spaces:
      server.feature-flags += (“request.trailer-whitelist” => “…”)
      This changes behavior from lighttpd 1.4.80, which added support
      for request trailers and header merging, but did not restrict
      request trailers.
    * bug fixes
* Thu Aug 14 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.80:
    * detect and issue error trace for HTTP/2 MadeYouReset
      CVE-2025-8671 (boo#1243888)
    * stricter HTTP request/response header, trailer, and chunked
      validation/parsing
    * support HTTP response trailers
    * support HTTP request trailers merge to headers (if not
      streaming request body)
    * extend TLS error log messages to include client addr if error
      caused by client
    * extend TLS error log messages for HTTP/2 attack detection
    * reject path info on static files by default
      (static-file.disable-pathinfo)
* Mon Jul 21 2025 Stefan Bühler <source@stbuehler.de>
  - update upstream keys (uids / expiry)
  - split some modules into separate packages, but require them in the
    main package for now:
    * mod_openssl
    * mod_deflate
    * mod_authn_dbi
  - add alternative tls modules:
    * mod_gnutls
    * mod_mbedtls
    * mod_nss
  - suggest DBI drivers with dbi modules
  - suggest some geoip packages for mod_maxminddb
  - kTLS offloading support (boo#1240669):
    * autoload tls kernel module with mod_openssl and mod_gnutls
  - use lua5.4 (upgrade from lua5.1) for mod_magnet
  - require libxcrypt-devel explicitly (for crypt_r)
* Sun May 18 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.79:
    * bug fix for mod_openssl using both ECDSA and RSA certs
    * hardened systemd lighttpd.service
  - drop harden_lighttpd.service.patch
* Wed Mar 26 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.78:
    * option to reload TLS certs and CRLs
    * bug fixes
* Sun Mar 23 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.77:
    * stronger TLS defaults: TLSv1.3
    * defaults t limit TLSv1.3 Groups to the IANA “Recommended” set:
      “X25519:P-256:P-384:X448”
    * server.error-handler-404 operates only on 404
    * lighttpd.conf renamed lighttpd.annotated.conf, lighttpd.conf is
      now a simpler header which includes lighttpd.annotated.conf.
* Sat Apr 13 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.76:
    * detect VU#421644 HTTP/2 CONTINUATION Flood
    * issue trace and send GO_AWAY
    * tarball is now more reproducible and verifiable
* Sat Mar 23 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.75:
    * incrementally stronger TLS cipher defaults
    * fix a regression in mod_dirlisting in lighttpd 1.4.74
    * add missing file src/compat/sys/queue.h to the release tarball
  - packaging changes upon notes by the upstream developers:
    * drop usage of lightytest.sh and PHP dependencies
    * drop unneeeded build dependencies and build options
    * drop non-default BZIP2 support
    * update description of -mod_webdav
* Fri Mar 01 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.74:
    * Some messages sent to syslog() (if enabled in lighttpd config)
      have been changed to use different priorities (e.g.
      LOG_WARNING, LOG_DEBUG) instead of everything being sent with
      LOG_ERROR priority. The change affects only lighttpd configs
      which set server.errorlog-use-syslog = “enable” (not default)
    * Other bug fixes
* Mon Feb 05 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - fix user/group with rpm 4.19 (boo#1219549)
* Tue Oct 31 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.73:
    * CVE-2023-44487: HTTP/2 detect and log rapid reset attack
      (boo#1216123)
* Sat Oct 07 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.72:
    * a number of buf fixes and developer visible changes
* Sun May 28 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.71:
    * HTTP/2 support separated to mod_h2 module
* Fri May 12 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.70:
    * speed up CGI spawning
    * support HTTP/2 downstream proxy serving multiple clients on
      single connection (mod_extforward, mod_maxminddb)
    * no longer building separate modules for built-in modules
      lighttpd omits building separate (unused) modules for:
      mod_access mod_alias mod_evhost mod_expire mod_fastcgi
      mod_indexfile mod_redirect mod_rewrite mod_scgi mod_setenv
      mod_simple_vhost mod_staticfile
* Sat Feb 11 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.69:
    * bug fixes and portability fixes
* Sat Jan 21 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 1.4.68:
    * TLS modules now default to using stronger, modern ciphers and
      will default to allow client preference in selecting ciphers.
      Allowing client preference in selecting ciphers is safe to do along
      with restrictions to use modern ciphers supporting PFS, and is
      better for mobile users without AES hardware acceleration.
      Legacy ciphers can still be configured in lighttpd.conf using
      `ssl.openssl.ssl-conf-cmd`, as long as the ciphers are supported by
      the underlying TLS libraries. https://wiki.lighttpd.net/Docs_SSL
      new defaults:
      “CipherString” => “EECDH+AESGCM:AES256+EECDH:CHACHA20:SHA256:!SHA384”,
      “Options” => “-ServerPreference”
      old defaults:
      “CipherString” => “HIGH”,
      “Options” => “ServerPreference”
    * Deprecated TLS options have been removed.
      – ssl.honor-cipher-order
      – ssl.dh-file
      – ssl.ec-curve
      – ssl.disable-client-renegotiation
      – ssl.use-sslv2
      – ssl.use-sslv3
      See https://wiki.lighttpd.net/Docs_SSL for replacements with
      `ssl.openssl.ssl-conf-cmd`, but prefer lighttpd defaults instead.
    * Deprecated: mod_evasive has been removed
    * Deprecated: mod_secdownload has been removed
    * Deprecated: mod_uploadprogress has been removed
    * Deprecated: mod_usertrack has been removed
      These four modules can be replaced with a few lines of LUA.

Files

/usr/lib64/lighttpd/mod_vhostdb_pgsql.so
/usr/share/licenses/lighttpd-mod_vhostdb_pgsql
/usr/share/licenses/lighttpd-mod_vhostdb_pgsql/COPYING

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Mar 18 23:51:43 2026