From: Yann Ylavic Date: Tue, 18 Jun 2024 14:52:38 +0000 (+0000) Subject: Sync CHANGES. X-Git-Tag: 2.4.60-rc1-candidate~32 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9952110d9591717015b1e69b926aad44faf98c52;p=thirdparty%2Fapache%2Fhttpd.git Sync CHANGES. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1918415 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 8617b705026..9fd49911cb3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,31 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.60 + *) mod_ssl: Fix a regression that causes the default DH parameters for a key + no longer set and thus effectively disabling DH ciphers when no explicit + DH parameters are set. PR 68863 [Ruediger Pluem] + + *) mod_cgid: Optional support for file descriptor passing, fixing + error log handling (configure --enable-cgid-fdpassing) on Unix + platforms. PR 54221. [Joe Orton] + + *) mod_cgid/mod_cgi: Distinguish script stderr output clearly in + error logs. PR 61980. [Hank Ibell ] + + *) mod_tls: update version of rustls-ffi to v0.13.0. + [Daniel McCarney (@cpu}] + + *) mod_md: + - Using OCSP stapling information to trigger certificate renewals. Proposed + by @frasertweedale. + - Added directive `MDCheckInterval` to control how often the server checks + for detected revocations. Added proposals for configurations in the + README.md chapter "Revocations". + - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is + allowed in RFC 6960. Treat those as having an update interval of 12 hours. + Added by @frasertweedale. + - Adapt OpenSSL usage to changes in their API. By Yann Ylavic. + Changes with Apache 2.4.59 *) SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by diff --git a/changes-entries/md_2.4.26.txt b/changes-entries/md_2.4.26.txt deleted file mode 100644 index 9b82f611f18..00000000000 --- a/changes-entries/md_2.4.26.txt +++ /dev/null @@ -1,10 +0,0 @@ - * mod_md: - - Using OCSP stapling information to trigger certificate renewals. Proposed - by @frasertweedale. - - Added directive `MDCheckInterval` to control how often the server checks - for detected revocations. Added proposals for configurations in the - README.md chapter "Revocations". - - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is - allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Added by @frasertweedale. - - Adapt OpenSSL usage to changes in their API. By Yann Ylavic. diff --git a/changes-entries/mod_tls_v0.9.0.txt b/changes-entries/mod_tls_v0.9.0.txt deleted file mode 100644 index b57bf0b7c4d..00000000000 --- a/changes-entries/mod_tls_v0.9.0.txt +++ /dev/null @@ -1,2 +0,0 @@ - * mod_tls: update version of rustls-ffi to v0.13.0. - [Daniel McCarney (@cpu}] diff --git a/changes-entries/pr54221.txt b/changes-entries/pr54221.txt deleted file mode 100644 index 62b75ea4dd8..00000000000 --- a/changes-entries/pr54221.txt +++ /dev/null @@ -1,3 +0,0 @@ - *) mod_cgid: Optional support for file descriptor passing, fixing - error log handling (configure --enable-cgid-fdpassing) on Unix - platforms. PR 54221. [Joe Orton] diff --git a/changes-entries/pr61980.txt b/changes-entries/pr61980.txt deleted file mode 100644 index 828c090595a..00000000000 --- a/changes-entries/pr61980.txt +++ /dev/null @@ -1,2 +0,0 @@ - *) mod_cgid/mod_cgi: Distinguish script stderr output clearly in - error logs. PR 61980. [Hank Ibell ] diff --git a/changes-entries/pr68863.txt b/changes-entries/pr68863.txt deleted file mode 100644 index d45ffc708cc..00000000000 --- a/changes-entries/pr68863.txt +++ /dev/null @@ -1,3 +0,0 @@ - *) mod_ssl: Fix a regression that causes the default DH parameters for a key - no longer set and thus effectively disabling DH ciphers when no explicit - DH parameters are set. PR 68863 [Ruediger Pluem]