: Log in!


ウェブ 検索
トップ  >  Linux16歩  >  2016-07-07 httpdのupdate
20160707 httpd-2.4.23にupdateしました


--- 2420/conf/original/httpd.conf  2016-04-12 15:47:22.775666508 +0900
+++ 2423/conf/original/httpd.conf  2016-07-07 06:52:17.447688907 +0900
@@ -111,6 +111,7 @@ LoadModule access_compat_module modules/
 #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
 #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
 #LoadModule proxy_express_module modules/mod_proxy_express.so
+#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
 #LoadModule session_module modules/mod_session.so
 #LoadModule session_cookie_module modules/mod_session_cookie.so
 #LoadModule session_dbd_module modules/mod_session_dbd.so


Changes with Apache 2.4.23

*) mod_ssl: reset client-verify state of ssl when aborting 
   renegotiations. [Erki Aring <erki at example.ee>, Stefan Eissing]

*) mod_sed: Fix 'x' command processing. [Christophe Jaillet]

*) configure: Fix ./configure edge-case failures around dependencies
   of mod_proxy_hcheck. [William Rowe, Ruediger Pluem, Jeff Trawick]

Changes with Apache 2.4.22

*) mod_http2: fix for request abort when connections drops, introduced 
   in 1.5.8

Changes with Apache 2.4.21

*) mod_http2: more rigid error handling in DATA frame assembly, leading
   to deterministic connection errors if assembly fails.
   [Stefan Eissing, Pal Nilsen <https://github.com/maedox>]

*) abs: Include OPENSSL_Applink when compiling on Windows, to resolve
   failures under Visual Studio 2015 and other mismatched MSVCRT 
   PR59630 [Jan Ehrhardt <phpdev ehrhardt.nl>]

*) mod_ssl: Add "no_crl_for_cert_ok" flag to SSLCARevocationCheck 
   directive to opt-in previous behaviour (2.2) with CRLs verification 
   when checking certificate(s) with no corresponding CRL.
   [Yann Ylavic]

*) mpm_event, mpm_worker: Fix computation of MinSpareThreads' lower 
   bound according the number of listeners buckets.  [Yann Ylavic]

*) Add ap_cstr_casecmp[n]() - placeholder of apr_cstr_casecmp[n] 
   functions for case-insensitive C/POSIX-locale token comparison.
   [Jim Jagielski, William Rowe, Yann Ylavic, Branko Čibej]

*) mod_userdir: Constify and save a few bytes in the conf pool when
   parsing the "UserDir" directive. [Christophe Jaillet]

*) mod_cache: Fix (max-stale with no '=') and enforce (check
   integers after '=') Cache-Control header parsing.
   [Christophe Jaillet]

*) core: Add -DDUMP_INCLUDES configtest option to show the tree
   of Included configuration files.
   [Jacob Champion ]

*) mod_proxy_fcgi: Avoid passing a filename of proxy:fcgi:// as
   SCRIPT_FILENAME to a FastCGI server. PR59618.
   [Jacob Champion <champion.pxi gmail.com>]

*) mod_dav: Add dav_get_provider_name() function to obtain the name
   of the provider from mod_dav.
   [Jari Urpalainen <jari.urpalainen nokia.com>>]

*) mod_proxy_http2: properly care for HTTP2 flow control of the 
   frontend connection is HTTP/1.1. [Patch supplied by Evgeny Kotkov]
*) mod_http2: improved cleanup of connection/streams/tasks to always
   have deterministic order regardless of event initiating it. 
   Addresses reported crashes due to memory read after free issues. 
   [Stefan Eissing] 
*) mod_ssl: Correct the interaction between SSLProxyCheckPeerCN and 
   newer SSLProxyCheckPeerName directives since release 2.4.5, such 
   that disabling either disables both, and that enabling either 
   triggers the new, more comprehensive SSLProxyCheckPeerName behavior. 
   Only a single configuration remains to enable the legacy behavior, 
   which is to explicitly disable SSLProxyCheckPeerName, 
   and enable SSLProxyCheckPeerCN. [William Rowe]

*) mod_include: add the <!--#comment ...> syntax in order to include 
   comments in a SSI file. 
  [Christophe Jaillet based on a suggestion from Rob]

*) mod_http2: improved event handling for suspended streams, responses
   and window updates. [Stefan Eissing] 
*) mod_proxy_hcheck: Provide for dynamic background health
   checks on reverse proxies associated with BalancerMember
   workers. [Jim Jagielski]

*) mod_http2: Fix async write issue that led to selection of wrong 
   timeout vs. keepalive timeout selection for idle sessions. 
   [Stefan Eissing]
*) mod_http2: checking LimitRequestLine, LimitRequestFields and 
   LimitRequestFieldSize configurated values for incoming streams. 
   Returning HTTP status 431 for too long/many headers fields 
   and 414 for a too long pseudo header. [Stefan Eissing]
*) mod_http2: tracking conn_rec->current_thread on slave connections, 
   so that mod_lua finds the correct one. Fixes PR 59542. 
   [Stefan Eissing]
*) mod_proxy_http2: new experimental http2 proxy module for h2: 
   and h2c: proxy urls. Part of the httpd mod_proxy framework, 
   common settings apply. Requests from the same HTTP/2 frontend 
   connection against the same backend are aggregated on a single 
   connection.  [Stefan Eissing]
*) mod_http2: slave connections have conn_rec->aborted flag set when 
   a stream has been reset by the client. [Stefan Eissing]

*) mod_http2: merge of some 2.4.x adaptions re filters on slave 
   connections. Small fixes in bucket beams when forwarding file 
   buckets. Output handling on master connection uses less FLUSH and 
   passes automatically when more than half of H2StreamMaxMemSize bytes 
   have accumulated. Workaround for http: when forwarding partial file 
   buckets to keep the output filter from closing these too early. 
   [Stefan Eissing]

*) mod_http2: elimination of fixed master connection buffer for TLS 
   connections. New scratch bucket handling optimized for TLS write 
   sizes. File bucket data read directly into scratch buffers, 
   avoiding one copy. Non-TLS connections continue to pass buckets 
   unchanged to the core filters to allow sendfile() usage. 
  [Stefan Eissing]

*) mod_http2/mod_proxy_http2: h2_request.c is no longer shared between 
   these modules. This simplifies building on platforms such as 
   Windows, as module reference used in logging is now clear. 
   [Stefan Eissing]

*) Scoreboard: Fix a regression in 2.4.20 that causes wrong request 
   data to be displayed on the status page. PR 59333. 
   [Yann Ylavic, William Rowe]

*) mod_http2: fixed a bug that caused mod_proxy_http2 to be called for 
   window updates on requests it had already reported done. 
   Added synchronization on early connection/stream close that lets 
   ongoing requests safely drain their input filters. [Stefan Eissing]

*) mod_http2: scoreboard updates that summarize the h2 session (and 
   replace the last request information) will only happen when the 
   session is idle or in shutdown/done phase. [Stefan Eissing]

*) mod_http2: new "bucket beam" technology to transport buckets across
   threads without buffer copy. Delaying response start until flush or
   enough body data has been accumulated. Overall significantly smaller
   memory footprint. [Stefan Eissing]

*) core: New CGIVar directive can configure REQUEST_URI to represent 
   the current URI being processed instead of always the original 
   request. [Jeff Trawick]

*) scoreboard/status: Restore behavior of showing workers' previous 
   Client, VHost and Request values when idle, 
   like in 2.4.18 and earlier. 

*) mod_http2: r->protocol changed to "HTTP/2.0" (was "HTTP/2") as 
   this will give expected syntax in CGI's SERVER_PROTOCOL is more 
   compatible with existing major/minor handling. Fixes PR 59313.

*) mod_http2: disabling mmap for file buckets transport due to 
   segmenation faults when files change on the fly.
投票数:121 平均点:9.34
2016-07-02 dovecotのupdate
2016-07-16 lynis-2.3.1にupdate