diff --git a/SPECS/httpd/httpd.spec b/SPECS/httpd/httpd.spec index 4602395e33..77166e014d 100644 --- a/SPECS/httpd/httpd.spec +++ b/SPECS/httpd/httpd.spec @@ -1,65 +1,69 @@ +%define mmn 20120211 +%define _confdir %{_sysconfdir} Summary: The Apache HTTP Server Name: httpd Version: 2.4.46 -Release: 3%{?dist} +Release: 4%{?dist} License: ASL 2.0 -URL: https://httpd.apache.org/ -Group: Applications/System Vendor: Microsoft Corporation Distribution: Mariner +Group: Applications/System +URL: https://httpd.apache.org/ Source0: https://archive.apache.org/dist/%{name}/%{name}-%{version}.tar.bz2 Patch0: httpd-blfs_layout-1.patch Patch1: httpd-uncomment-ServerName.patch - # CVE-1999-0236 must be mitigated by the user. See "Server Side Includes" at https://httpd.apache.org/docs/2.4/misc/security_tips.html -Patch100: CVE-1999-0236.nopatch +Patch100: CVE-1999-0236.nopatch # CVE-1999-1412 applies only to MacOS X -Patch101: CVE-1999-1412.nopatch +Patch101: CVE-1999-1412.nopatch # CVE-2007-0086 has been disputed to not be a vulnerability since 2007 due to default system configurations securing against it. -Patch102: CVE-2007-0086.nopatch - -BuildRequires: openssl -BuildRequires: openssl-devel -BuildRequires: pcre-devel +Patch102: CVE-2007-0086.nopatch BuildRequires: apr BuildRequires: apr-util BuildRequires: apr-util-devel -BuildRequires: openldap BuildRequires: expat-devel BuildRequires: lua-devel - -Requires: pcre +BuildRequires: openldap +BuildRequires: openssl +BuildRequires: openssl-devel +BuildRequires: pcre-devel Requires: apr-util -Requires: openssl -Requires: openldap Requires: lua -Requires(pre): /usr/sbin/useradd /usr/sbin/groupadd -Requires(postun):/usr/sbin/userdel /usr/sbin/groupdel - +Requires: openldap +Requires: openssl +Requires: pcre +Requires(postun): %{_sbindir}/groupdel +Requires(postun): %{_sbindir}/userdel +Requires(pre): %{_sbindir}/groupadd +Requires(pre): %{_sbindir}/useradd Provides: apache2 - -%define _confdir %{_sysconfdir} +Provides: %{name}-mmn = %{version}-%{release} +Provides: %{name}-filesystem = %{version}-%{release} %description The Apache HTTP Server. %package devel -Summary: Header files for httpd -Group: Applications/System -Requires: httpd +Summary: Header files for httpd +Group: Applications/System +Requires: apr-devel +Requires: apr-util-devel +Requires: httpd + %description devel These are the header files of httpd. %package docs -Summary: Help files for httpd -Group: Applications/System -Requires: httpd +Summary: Help files for httpd +Group: Applications/System +Requires: httpd + %description docs These are the help files of httpd. %package tools -Group: System Environment/Daemons -Summary: Tools for httpd +Summary: Tools for httpd +Group: System Environment/Daemons %description tools The httpd-tools of httpd. @@ -86,31 +90,31 @@ make %{?_smp_mflags} %install make DESTDIR=%{buildroot} install -install -vdm755 %{buildroot}/usr/lib/systemd/system -install -vdm755 %{buildroot}/etc/httpd/logs +install -vdm755 %{buildroot}%{_libdir}/systemd/system +install -vdm755 %{buildroot}%{_sysconfdir}/httpd/logs -cat << EOF >> %{buildroot}/usr/lib/systemd/system/httpd.service +cat << EOF >> %{buildroot}%{_libdir}/systemd/system/httpd.service [Unit] Description=The Apache HTTP Server After=network.target remote-fs.target nss-lookup.target [Service] Type=forking -PIDFile=/var/run/httpd/httpd.pid -ExecStart=/usr/sbin/httpd -k start -ExecStop=/usr/sbin/httpd -k stop -ExecReload=/usr/sbin/httpd -k graceful +PIDFile=%{_var}/run/httpd/httpd.pid +ExecStart=%{_sbindir}/httpd -k start +ExecStop=%{_sbindir}/httpd -k stop +ExecReload=%{_sbindir}/httpd -k graceful [Install] WantedBy=multi-user.target EOF -install -vdm755 %{buildroot}/usr/lib/systemd/system-preset -echo "disable httpd.service" > %{buildroot}/usr/lib/systemd/system-preset/50-httpd.preset +install -vdm755 %{buildroot}%{_libdir}/systemd/system-preset +echo "disable httpd.service" > %{buildroot}%{_libdir}/systemd/system-preset/50-httpd.preset -ln -s /usr/sbin/httpd %{buildroot}/usr/sbin/apache2 -ln -s /etc/httpd/conf/httpd.conf %{buildroot}/etc/httpd/httpd.conf +ln -s %{_sbindir}/httpd %{buildroot}%{_sbindir}/apache2 +ln -s %{_sysconfdir}/httpd/conf/httpd.conf %{buildroot}%{_sysconfdir}/httpd/httpd.conf %post /sbin/ldconfig @@ -124,13 +128,13 @@ if [ $1 -eq 1 ]; then -s /bin/false -u 25 apache fi - if [ -h /etc/mime.types ]; then - mv /etc/mime.types /etc/mime.types.orig + if [ -h %{_sysconfdir}/mime.types ]; then + mv %{_sysconfdir}/mime.types %{_sysconfdir}/mime.types.orig fi fi -ln -sf /etc/httpd/conf/mime.types /etc/mime.types -mkdir -p /var/run/httpd +ln -sf %{_sysconfdir}/httpd/conf/mime.types %{_sysconfdir}/mime.types +mkdir -p %{_var}/run/httpd %systemd_post httpd.service %preun @@ -147,8 +151,8 @@ if [ $1 -eq 0 ]; then groupdel apache fi - if [ -f /etc/mime.types.orig ]; then - mv /etc/mime.types.orig /etc/mime.types + if [ -f %{_sysconfdir}/mime.types.orig ]; then + mv %{_sysconfdir}/mime.types.orig %{_sysconfdir}/mime.types fi fi %systemd_postun_with_restart httpd.service @@ -156,6 +160,9 @@ fi %files devel %defattr(-,root,root) %license LICENSE +%{_bindir}/apxs +%{_bindir}/dbmmanage +%{_mandir}/man1/apxs.1* %{_includedir}/* %files docs @@ -188,71 +195,107 @@ fi %files tools %defattr(-,root,root) -%{_bindir}/apxs -%{_bindir}/dbmmanage +%{_bindir}/* +%{_mandir}/man1/* +%license LICENSE +%doc NOTICE +%exclude %{_bindir}/apxs +%exclude %{_mandir}/man1/apxs.1* %changelog +* Tue Feb 09 2021 Henry Li - 2.4.46-4 +- Add Provides for httpd-mmn and httpd-filesystem from httpd +- Fix files section for httpd-devel and httpd-tools + * Tue Oct 06 2020 Pawel Winogrodzki 2.4.46-3 - Mark CVE-2007-0086 as nopatch + * Mon Sep 28 2020 Daniel McIlvaney 2.4.46-2 - Mark CVE-1999-0236 CVE-1999-1412 as nopatch + * Tue Aug 18 2020 Pawel Winogrodzki 2.4.46-1 - Updated to 2.4.46 to resolve CVE-2020-11984. + * Tue May 19 2020 Ruying Chen 2.4.43-1 - Updated to 2.4.43 to resolve the following CVEs - CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097 - CVE-2019-10098, CVE-2020-1927, CVE-2020-1934 + * Sat May 09 2020 Nick Samson 2.4.39-4 - Added %%license line automatically + * Tue Apr 07 2020 Pawel Winogrodzki 2.4.39-3 - Updated and verified 'Source0', 'Patch0' and 'URL' tags. - License verified. - Removed '%%define sha1' line. + * Tue Sep 03 2019 Mateusz Malisz 2.4.39-2 - Initial CBL-Mariner import from Photon (license: Apache2). + * Tue Apr 16 2019 Dweep Advani 2.4.39-1 - Upgrading to 2.4.39 for fixing multiple CVEs - (1) CVE-2018-17189 (2) CVE-2018-17199 (3) CVE-2019-0190 - (4) CVE-2019-0211 (5) CVE-2019-0215 (6) CVE-2019-0217 + * Thu Jan 24 2019 Dweep Advani 2.4.34-2 - Fixed CVE-2018-11763 + * Wed Aug 29 2018 Tapas Kundu 2.4.34-1 - Updated to version 2.4.34, fix CVE-2018-1333 + * Mon Oct 02 2017 Xiaolin Li 2.4.28-1 - Updated to version 2.4.28 + * Mon Sep 18 2017 Alexey Makhalov 2.4.27-3 - Remove shadow from requires and use explicit tools for post actions + * Mon Aug 07 2017 Anish Swaminathan 2.4.27-2 - Add shadow to requires for useradd/groupadd + * Mon Jul 24 2017 Anish Swaminathan 2.4.27-1 - Updated to version 2.4.27 - Fixes CVE-2017-3167 + * Wed May 31 2017 Harish Udaiya Kumar 2.4.25-3 - Provide preset file to disable service by default. + * Fri Mar 31 2017 Dheeraj Shetty 2.4.25-2 - Fixing httpd.pid file write issue + * Fri Mar 31 2017 Dheeraj Shetty 2.4.25-1 - Updated to version 2.4.25 + * Tue Dec 27 2016 Xiaolin Li 2.4.18-8 - BuildRequires lua, Requires lua. + * Wed Dec 21 2016 Anish Swaminathan 2.4.18-7 - Change config file properties for httpd.conf + * Thu Jul 28 2016 Divya Thaluru 2.4.18-6 - Removed packaging of debug files + * Wed Jul 27 2016 Divya Thaluru 2.4.18-5 - Added patch for CVE-2016-5387 + * Tue May 24 2016 Priyesh Padmavilasom 2.4.18-4 - GA - Bump release of all rpms + * Thu May 05 2016 Kumar Kaushik 2.4.18-3 - Adding upgrade support in pre/post/un script. + * Mon Mar 21 2016 Mahmoud Bassiouny 2.4.18-2 - Fixing systemd service + * Fri Jan 22 2016 Xiaolin Li 2.4.18-1 - Updated to version 2.4.18 + * Mon Nov 23 2015 Sharath George 2.4.12-4 - Add /etc/mime.types + * Tue Sep 29 2015 Xiaolin Li 2.4.12-3 - Move perl script to tools package. + * Thu Jul 16 2015 Touseef Liaqat 2.4.12-2 - Added service file. Changed installation paths. + * Wed May 20 2015 Touseef Liaqat 2.4.12-1 - Initial build. First version diff --git a/SPECS/nginx/nginx.spec b/SPECS/nginx/nginx.spec index a1b4299c41..e5c1e69773 100644 --- a/SPECS/nginx/nginx.spec +++ b/SPECS/nginx/nginx.spec @@ -1,19 +1,21 @@ +%define sha1 nginx-njs=fd8c3f2d219f175be958796e3beaa17f3b465126 Summary: High-performance HTTP server and reverse proxy Name: nginx Version: 1.16.1 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD 2-Clause -URL: http://nginx.org/ -Group: Applications/System Vendor: Microsoft Corporation Distribution: Mariner +Group: Applications/System +URL: https://nginx.org/ Source0: https://nginx.org/download/%{name}-%{version}.tar.gz Source1: nginx.service Source2: nginx-njs-0.2.1.tar.gz -%define sha1 nginx-njs=fd8c3f2d219f175be958796e3beaa17f3b465126 BuildRequires: openssl-devel BuildRequires: pcre-devel BuildRequires: which +Provides: %{name}-filesystem = %{version}-%{release} + %description NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. @@ -27,12 +29,12 @@ popd %build sh configure \ --prefix=%{_sysconfdir}//nginx \ - --sbin-path=/usr/sbin/nginx \ - --conf-path=/etc/nginx/nginx.conf \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ - --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log \ + --sbin-path=%{_sbindir}/nginx \ + --conf-path=%{_sysconfdir}/nginx/nginx.conf \ + --pid-path=%{_var}/run/nginx.pid \ + --lock-path=%{_var}/run/nginx.lock \ + --error-log-path=%{_var}/log/nginx/error.log \ + --http-log-path=%{_var}/log/nginx/access.log \ --add-module=../nginx-njs/njs-0.2.1/nginx \ --with-http_ssl_module \ --with-pcre \ @@ -43,13 +45,14 @@ sh configure \ --with-http_stub_status_module make %{?_smp_mflags} + %install make DESTDIR=%{buildroot} install -install -vdm755 %{buildroot}/usr/lib/systemd/system +install -vdm755 %{buildroot}%{_libdir}/systemd/system install -vdm755 %{buildroot}%{_var}/log install -vdm755 %{buildroot}%{_var}/opt/nginx/log ln -sfv %{_var}/opt/nginx/log %{buildroot}%{_var}/log/nginx -install -p -m 0644 %{SOURCE1} %{buildroot}/usr/lib/systemd/system/nginx.service +install -p -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/nginx.service %files %defattr(-,root,root) @@ -76,42 +79,62 @@ install -p -m 0644 %{SOURCE1} %{buildroot}/usr/lib/systemd/system/nginx.service %{_var}/log/nginx %changelog -* Sat May 09 00:21:09 PST 2020 Nick Samson - 1.16.1-2 -- Added %%license line automatically +* Wed Feb 10 2021 Henry Li - 1.16.1-3 +- Add Provides for nginx-filesystem from nginx + +* Sat May 09 00:21:09 PST 2020 Nick Samson - 1.16.1-2 +- Added %%license line automatically * Fri Mar 13 2020 Paul Monson 1.16.1-1 - Update to version 1.16.1. License verified. + * Tue Sep 03 2019 Mateusz Malisz 1.15.3-5 - Initial CBL-Mariner import from Photon (license: Apache2). + * Fri Mar 15 2019 Keerthana K 1.15.3-4 - Enable http_stub_status_module. + * Wed Nov 07 2018 Ajay Kaher 1.15.3-3 - mark config files as non replaceable on upgrade. + * Mon Sep 17 2018 Keerthana K 1.15.3-2 - Adding http_auth_request_module and http_sub_module. + * Fri Sep 7 2018 Him Kalyan Bordoloi 1.15.3-1 - Upgrade to version 1.15.3 + * Fri Jul 20 2018 Keerthana K 1.13.8-3 - Restarting nginx on failure. + * Fri Jun 08 2018 Dheeraj Shetty 1.13.8-2 - adding module njs. + * Fri May 18 2018 Srivatsa S. Bhat 1.13.8-1 - Update to version 1.13.8 to support nginx-ingress + * Thu Dec 28 2017 Divya Thaluru 1.13.5-2 - Fixed the log file directory structure + * Wed Oct 04 2017 Xiaolin Li 1.13.5-1 - Update to version 1.13.5 + * Mon May 01 2017 Dheeraj Shetty 1.11.13-2 - adding module stream to nginx. + * Wed Apr 05 2017 Priyesh Padmavilasom 1.11.13-1 - update to 1.11.13 + * Fri Nov 18 2016 Anish Swaminathan 1.10.0-5 - Add patch for CVE-2016-4450 + * Wed Jul 27 2016 Divya Thaluru 1.10.0-4 - Removed packaging of debug files + * Fri Jul 8 2016 Divya Thaluru 1.10.0-3 - Modified default pid filepath and fixed nginx systemd service + * Tue May 24 2016 Priyesh Padmavilasom 1.10.0-2 - GA - Bump release of all rpms + * Mon May 16 2016 Xiaolin Li 1.10.0-1 - Initial build. First version