linux/meta-openembedded.git/meta-webserver, branch stable/thud-next Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=stable%2Fthud-next 2018-11-15T21:18:50+00:00 apache2: Fix CVE-2018-11763 2018-11-15T21:18:50+00:00 Mingli Yu mingli.yu@windriver.com 2018-10-29T07:25:49+00:00 urn:sha1:de6d776d800384aed442b643fd03ccd35d5a9194 mod_http2: connection IO event handling reworked. Instead of reacting on incoming bytes, the state machine now acts on incoming frames that are affecting it. This reduces state transitions. Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> README: updated Maintainers list for Thud 2018-11-15T21:17:00+00:00 Armin Kuster akuster808@gmail.com 2018-10-31T14:59:03+00:00 urn:sha1:ed4472e0541dc8741dd9a7a8e6cc49e4e650eaa7 Signed-off-by: Armin Kuster <akuster808@gmail.com> layers: Update layer compatibility to thud 2018-09-30T17:17:48+00:00 Khem Raj raj.khem@gmail.com 2018-09-25T21:18:00+00:00 urn:sha1:d273070293cf646fb399167dccc1a1b18dc41cb6 Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andreas Müller <schnitzeltony@googlemail.com> Cc: Derek Straka <derek@asterius.io> Cc: Tim Orling <TicoTimo@gmail.com> Cc: Hongxu Jia <hongxu.jia@windriver.com> Cc: Armin Kuster <akuster808@gmail.com> Cc: Joe MacDonald <joe_macdonald@mentor.com> Cc: Andrea Adami <andrea.adami@gmail.com> nginx: add PACKAGECONFIG[ssl] 2018-09-24T18:49:45+00:00 Max Kellermann max.kellermann@gmail.com 2018-09-18T08:26:02+00:00 urn:sha1:4e389f64d7e87efdde26c5164063b7dea6a0d072 Signed-off-by: Max Kellermann <max.kellermann@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> phpmyadmin: upgrade 4.8.2 -> 4.8.3 2018-09-05T20:59:16+00:00 Yi Zhao yi.zhao@windriver.com 2018-09-05T05:06:03+00:00 urn:sha1:85986e6d73e7ca525455021ea29b0df8b725c591 Security fixes: CVE-2018-15605: An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> apache2: set files layout to debian style 2018-08-24T15:58:13+00:00 Yi Zhao yi.zhao@windriver.com 2018-08-24T03:40:11+00:00 urn:sha1:8b021f35e343d5ea3b44ed9f9da8c9db6998bf3b The default layout installs log files to /var/apache2/logs. But we assume the log directory is /var/log/apache2 in volatile.conf. Specify the layout to debian style to set the correct the log directory. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> xdebug: upgrade 2.6.0 -> 2.6.1 2018-08-22T00:28:14+00:00 Yi Zhao yi.zhao@windriver.com 2018-08-22T00:26:32+00:00 urn:sha1:811447a949d5cf2a3bf23f4ea416993f16efbc66 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> nginx: Upgrade to 1.15.2 2018-08-15T15:20:06+00:00 Khem Raj raj.khem@gmail.com 2018-08-13T06:42:29+00:00 urn:sha1:f0acce20d44b78e1679060419e280b12c217b01d Signed-off-by: Khem Raj <raj.khem@gmail.com> nostromo: Add dep on virtual/crypt 2018-08-15T15:20:06+00:00 Khem Raj raj.khem@gmail.com 2018-08-11T22:24:29+00:00 urn:sha1:fad9dec084f74dce1e12e1a6f70584367d854847 glibc 2.28+ this library is not part of libc package Signed-off-by: Khem Raj <raj.khem@gmail.com> hiawatha: Add missing dep on virtual/crypt 2018-08-15T15:20:06+00:00 Khem Raj raj.khem@gmail.com 2018-08-11T22:05:14+00:00 urn:sha1:c9e1918542b9466cdd811afcdbfaa049311533da Signed-off-by: Khem Raj <raj.khem@gmail.com>