hiawatha-letsencrypt-10.8.4-bp150.3.3.1<>,R\~{!M@eee=@9 t|m$[&W.E}N~!'+/e'nY=P2Fx>e\^kh<l,-W=J(?Jd * Z  h     4d A( a8 h,9 ,: p,FD2GDHHDIDXDYD\E$]Ep^FNbFcGdH)eH.fH1lH3uHHvHwIxIdyIzIIIIJChiawatha-letsencrypt10.8.4bp150.3.3.1Let's Encrypt script for the Hiawatha webserverThis is the Let's Encrypt script for the Hiawatha webserver. It can be used to request, renew and revoke certificated as provided by Let's Encrypt in a very easy way. It requires the PHP command line interface and uses version 2 of the ACME protocol to communicate with the Let's Encrypt server.\~{obs-arm-7#openSUSEGPL-2.0-onlyhttp://bugs.opensuse.orgProductivity/Networking/Web/Servershttp://www.hiawatha-webserver.orglinuxaarch64 FC('* my-9+ x,AA큤큤A큤A\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~y\~yc3c7445569c1cb158ae47aa472b1f409bc470628bfd5338acf50c6f2ced2a433ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6cd3fba05dd280ce3ba2a468d48de745ee61b8865200d3196a9aff8b062a9c251587f1ce0a163335e90855d8291d6cc20a2955009ebf213f83e4ed51332b8372c409546ea594cc3cfec1203a681d68208e0cdb3668ed20d424a481e42d3bbabbb83c79c1c5fac53b94a2cdb7bceeac3a74e05fd980224033f81064f8e4954c9856b44ad1ecf86607426b207a8e07f9aba5e4dabbdefa753c4e5ca3bd746c38303d4ddfb8be3773872734f5de16260752f5a14cf40b680308a819495368ccdf9b9f37edf40a1e65e675ad2c87f957a4c6fdd9232d93b7102f31a9ac97cf8b77fea898e6fee3cdd7e5f36b89240efa516c9e3b65febf228497a388a783d10a09ed8501e081176a724941741770ef147e61ffc2bea3ba55a0fe34131a47d20f9b5d769d370c22fbe9eb0bb66b741239babc19f88cecf98fe0a9eeb4dd7fe5c423eacb8e6d85d48dde7a3fa5f782c1bbd29e3714f4e1579a6c52a3a9c929d951d74429747b193fb516b7b4e28216ee4777a644b89898303b0a08afa0f852050a1f290ce99871a25ba99e28525f65e23ca39400257b8ae10aefd5001e12b899b99ae4drootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroothiawatha-10.8.4-bp150.3.3.1.src.rpmhiawatha-letsencrypthiawatha-letsencrypt(aarch-64)@@    /bin/sh/usr/bin/phphiawathaphp-clirpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1\j@Z@ZZZZ@Y+@YEX*WWUUU~@T Tи@TeT*@TVT=@T HSP@SxS0@SR@RR QMQ4Q@Q3Q]k@QIQ9NNdM)M>L L%@K:@K@Ky7@Ifisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgmpluskal@suse.comfisiu@opensuse.orgmpluskal@suse.commpluskal@suse.comfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgjengelh@inai.defisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgfisiu@opensuse.orgdetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.dedetlef@links2linux.demrueckert@suse.de- Update to 10.8.4: * CVE-2019-8358: Fixed a vulnerability which allowed a remote atacker to perform directory traversal when AllowDotFiles was enabled (bsc#1125751). * Several fixes in build system * Added build system for nghttp2 * New style for directory index * uri_depth added to XML for directory index- Update to version 10.8.1.: * Removed support for secp192r1 and secp192k1 curves, to make it PCI DSS compliant out of the box. * Small improvements to Let's Encrypt ACMEv2 script.- Ship Let's Encrypt script within subpackage.- Add firewalld config files for Leap/SLE >= 15 and TW.- Update to version 10.8: * New Let's Encrypt script that supports ACME v2. * Added Syslog option. * Added GZipExtensions option. * AllowDotFiles now used to show hidden files in directory listings. * Removed support for static RSA ciphers. * Hiawatha log format changed. * Small improvements. * Bugfix: certain characters in filenames disrupted directory index output. * Bugfix: requesting non-regular files now results in a 403 instead of blocking that thread.- Fix build with mbedtls 2.7.0.- Update to version 10.7: * Connect to a Unix socket via a reverse proxy. * Added BlockExtensions setting. * Small improvements. * Bugfix: error in handling renewal scripts in Let's Encrypt script.- Update to version 10.6: * Added PublicKeyPins option. * Added renewal-scripts to Let's Encrypt script. * Small changes to CMake build system. * Added CustomHeaderBackend option. * Renamed CustomHeader option to CustomHeaderClient. Old name still works. * Hiawatha ignores FileHashes and ReverseProxy for Let's Encrypt authentication requests. * Small improvements and bugfixes.- Update to version 10.4: * SkipCacheCookie option added. * Added Systemd init script to Debian package. * Small improvements and bugfixes. - Small packaging changes and requirements update- Build fails with mbedtls < 2.- Update to version 10.3: * PreventCSRF, PreventSQLi and PreventXSS improved. * Prevention of MySQL data mining via SQL injection. * Added revoke option to Let's Encrypt script. * Hiawatha ignores RequireTLS for Let's Encrypt authentication requests. * Small bugfixes and improvements. * Bugfix: possible HTTP request pipelining error after CSRF prevented. - Changes for version 10.2: * Added Let's Encrypt script (see extra/letsencrypt). * Added support for requesting Let's Encrypt certificates (see AccessList and PasswordFile settings in manual page). * Small improvements. * Bugfix: HideProxy not working for Forwarded header. - Changes for 10.1: * Added Extensions setting. * Added support for X-Sendfile header. * mbed TLS updated to 2.2.1. * Improved SQL injection detection. * Small bugfixes and improvements. - Changes for 10.0: * Usage of Directory sections changed. * Added support for RFC 5785. * Added support for GZip compression. Removed the UseGZfile option. * Added ECDSA support for TLS 1.0 and TLS 1.1. * Replaced UrlToolkit Expire option with ExpirePeriod in Directory section. * Replaced IgnoreDotHiawatha option with UseLocalConfig. * Removed the VolatileObject option. * Improved SQL injection detection. * mbed TLS updated to 2.2.0. * Small improvements. - Changes for 9.15: * Support for WebSockets via reverse proxy. * UNIX socket support for connections to WebSockets. * Responsive design for directory index and error message. * mbed TLS updated to 2.1.2. * Fixed mbed TLS linking in CMake configuration. * ListenBacklog option added. * Small bugfixes. - Changes for 9.14: * mbed TLS updated to 2.0.0. * Small bugfixes. * Bugfix: crash when sending very large request to FastCGI server.- Fix rpmlint warnings * add rcsymlink * fix log directory permissions- Update to 9.13: * Renamed SSLcertFile to TLScertFile. * Renamed RequireSSL to RequireTLS. * Renamed SSL_* CGI environment variables to TLS_*. * Renamed UrlToolkit option UseSSL to UseTLS. * Replaced MinSSLversion by MinTLSversion. * LogTimeouts option added. * Added 'skip directories' parameter to reverse proxy. * Failed logins sent to Hiawatha Monitor. * Small bugfix and improvements.- Update to 9.12: * Bugfix: memory leak in SSL library. * Small bugfix.- Update to 9.11: * ChallengeClient option added. * UrlToolkit options TotalConnections and OmitRequestLog added. * Improvements to UrlToolkit and reverse proxy swap. * UrlToolkit rules are also applied to PUT and DELETE. * Small improvements.- Update to 9.10: * Support for banning bad clients who connect via a proxy. * UrlToolkit option Do added. Changed how Call and Skip should be called. * General UrlToolkit improvements. See config/toolkit.conf for syntax. * Hiawatha now prefers reverse proxies with a scheme matching the one of the client connection. See config/toolkit.conf for syntax. * Hiawatha will now first process UrlToolkit rules before using ReverseProxy. * Small bugfixes and improvements.- Update to 9.9: * HTTPAuthToCGI option added. * BanByCGI option added. * Improved SSL ciphersuite selections. * CAcertificates options added. * Dropped support for SSL3.0. * Small bugfixes and improvements.- Update to 9.8: * Added support for websockets. WebSocket option added. * SSL key and certificate checks added to wigwam. * Small bugfixes and improvements.- Avoid generating libpolarssl.so.7, which led to "have choice for libpolarssl.so.7: libpolarssl7 hiawatha" and make other polarssl-using applications not run in practice because the library is in a non-standard directory, yet discovered by rpm as a provider.- Update to 9.7: * UseToolkit now possible in .hiawatha file at root of website. * Method option added to URL Toolkit. * SetResourceLimit option added. * ThreadKillRate option added. * Improved SQL injection detection. * Default value for DHsize set to 2048. * PolarSSL updated to version 1.3.8. * Memory allocation debugger module added. * Small bugfixes and improvements. * Bugfix: incorrect file hash printing by wigwam with directory as symlink.- Update to 9.6: * Logfile rotation for access logfiles. * HTTP Strict Transport Security header made optional for RequireSSL. * Support for chunked transfer encoded requests (not for PUT). * Support for improved server statistics in Hiawatha Monitor. * The Hiawatha Monitor is now supported without the need for XSLT. * PolarSSL updated to version 1.3.7. * A few bugfixes as reported by Coverity. * Bugfix: SQL injection detection was broken since 8.6. * Bugfix: XSS detection didn't work for reverse proxy. * Small bugfixes.- Update to 9.5: * Added support for CGI statistics in Hiawatha Monitor. * MonitorRequests and MonitorStatsInterval option removed. * Added support for Origin HTTP header to prevent CSRF. * EnforceFirstHostname option added. * ScriptAlias option added. * PolarSSL updated to version 1.3.6. * Dropped support for PolarSSL 1.2.- Update to 9.4: * Keep-Alive connections for reverse proxy made optional. * ErrorXSLTfile option added. * IgnoreDotHiawatha option added. * RandomHeader option added. * Dropped support for RC4. * PolarSSL updated to version 1.3.4. * Added support for Hyper Text Coffee Pot Control Protocol (RFC2324). * Added SSL_CIPHER to CGI environment. * Added Public/Private to UrlToolkit expire option. * Small improvements.- Add firewall rules for http and https.- Update to 9.3.1: * Several bugfixes in reverse proxy.- Update to 9.3: * PolarSSL updated to version 1.3.2. * Added support for Elliptic Curve Cryptography. * TunnelSSH option added. * AnonymizeIP option added. * Keep-alive connections for reverse proxy. * Small improvements.- Don't use cutom pid file in systemd service. - Fix logrotate config. - Spec cleanup.- Update source URL.- Drop hiawatha.permissions file and related option. Use 0755 and %verify(not mode) for %{_sbindir}cgi-wrapper.- Update to 9.2: * Added support for compiling Hiawatha against the system's default version (>=1.2.0) of the PolarSSL library. * PolarSSL updated to version 1.2.8. * Small bugfixes (memory leaks in error situations). * Bugfix: virtual hostname selection for IPv6 with non-standard port.- Update to 9.1: * FileHashes option added. * PolarSSL updated to version 1.2.7. Enabled ciphersuite selection based on protocol version. * Enabled accf_http support for FreeBSD. Thanks to Martin Tournoij. * ImageReferer option removed. * Bugfix: incorrect BanOnFlooding behavior. * Small improvements.- Update to 9.0: * Clients handled via thread pool instead of creating threads on the fly. * ThreadPoolSize option added. * Header option added to URL Toolkit. * Improved client SSL certificate handling. Environment variables renamed. * PolarSSL updated to version 1.2.6. * Improved Reverse Proxy caching support for requests with URL parameters. * CacheMinFilesize option removed. * DenyBot option removed. Use UrlToolkit's Header option instead. * OldBrowser option removed from URL Toolkit. Use Header option instead. * Improved UrlToolkit rule testing in wigwam. * Small bugfixes and improvements.- Run server as wwwrun user.- update to 8.8.1 (changes since 7.7): * Bugfix: Incorrect size of buffer for poll() can lead to a crash when using Tomahawk. * Caching for Reverse Proxy. CacheRProxyExtensions option added. * Basic HTTP authentication now supports the glibc2 version of crypt(). * Hostname in ImageReferer can now contain a wildcard. * DenyBody matching is now case insensitive. * PolarSSL updated to version 1.2.5. * Support for HTTP Strict Transport Security (RFC 6797). Integrated in RequireSSL option. * DHsize option added. * PolarSSL updated to version 1.2.3. * CloudFlare headers placed in environment variables. * Removed php-fcgi. * Bugfix: slow page loading via Reverse Proxy. * PolarSSL updated to version 1.2. Added support for TLS 1.2 and secure renegotiation. * Added support for Server Name Indication. * MinSSLversion option added. * ServerRoot option removed. * Improved MacOS X package building script. * Marked php-fcgi as deprecated. Use php-fpm instead. * Improved Reverse Proxy. * Changed error message style. * Renamed Command Channel to Tomahawk. * Return 403 instead of 401 upon correct password for HTTP authentication but user not in right group. * Bugfix: replaced select() with poll() to prevent crashes in case of large amount of simultaneous connections. Thanks to Peter Bex. * MaxServerLoad option added. * PolarSSL updated to version 1.1.4. * Bugfix: invalid reverse proxy request when URL parameters are present. * Bugfix: memory leak in SSL library. * Improved security for reverse proxy (works with PreventSQLi, etc). * ReverseProxy option added. * PolarSSL updated to version 1.1.3. * WebDAVapp option added. Enables support for WebDAV applications like ownCloud (http://owncloud.org/). * Removed support for the OPTIONS method. * AllowDotFiles option added. * Global forks setting in php-fcgi.conf moved to Server setting. * BanOnInvalidURL option added. * PolarSSL updated to version 1.1.1. * Bugfix: paths missing in default values and examples in manual pages. * Replaced Autoconf with CMake. Many thanks to Sander Niemeijer. * Replaced OpenSSL with PolarSSL. Many thanks to Paul Bakker. * AllowedCiphers and DHparameters options removed. * Added IE7 to UrlToolkit's OldBrowser list, removed IE5. * MaxUrlLength option added, can return 414 Request-URI Too Long. * Changed default value of TriggerOnCGIstatus to 'no'. * Equalized format of logfiles. * Extra checks added to php-fcgi. * Improved SQL injection detection. * Bugfix: memory leak in PreventSQLi routine. * Bugfix: potential server freeze with 100% CPU in CGI output caching. * Bugfix: null byte in HTTP header of cached CGI content. * Control CGI output cache via X-Hiawatha-Cache and X-Hiawatha-Cache-Remove CGI headers. See the CGI OUTPUT CACHE section in the manual page. * BanOnWrongPassword now also triggers on wrong username. * Bugfix: timeout issue with large POST requests on SSL connections.- new upstream version <7.7> * First parameter of Alias can now contain subdirectories. * Improved stability for connections with SSL client authentication. * Bugfix: BanOnFlooding was broken.- new upstream version <7.6> * PreventSQLi option rewritten.- new upstream version <7.5> * OldBrowser option added to URL toolkit. * Improved mimetype configuration. * Do-not-track HTTP header support. * Password file entries can now be created with Wigwam. * Small bugfixes and improvements. * Bugfix: sent one byte too few for Range -XX. * Bugfix: possible crash when using PreventSQLi.- new upstream version <7.4.1> * Bugfix: integer overflow in fetch_request() which could lead to a server crash.- new upstream version <7.4> * Connections per IP added to RequestLimitMask. * NoExtensionAs made a per-host setting. * Small bugfixes and improvements. * Bugfix: usage of HideProxy caused Hiawatha to refuse new connections after ConnectionsTotal connections. * Bugfix: memory leak in XSLT module.- new upstream version <7.3> * RequestLimitMask option added. * URL parameters for ErrorHandler. * Support for Haiku OS. * Small security bugfixes.- new upstream version <7.2> * URL toolkit code restructured. * UseSSL option added to URL toolkit. * Digest HTTP authentication works with htdigest(1) created password files. * Small improvements.- new upstream version <7.1> * Small bugfixes. * Bugfix: deny access and redirect result via toolkit subroutine. * Bugfix: broken flooding protection.- new upstream version <7.0> - added logrotate/init file.- update to 6.11obs-arm-7 1551813499 10.8.4-bp150.3.3.110.8.4-bp150.3.3.1hiawathaletsencryptINSTALLLICENSEREADME.txtletsencryptletsencrypt.conflibrariesacmev2.phpconfig.phphiawatha_config.phphttp.phphttps.phpletsencrypt.phplogfile.phpopenssl.confrsa.phpscriptsmail.example.org/usr/share//usr/share/hiawatha//usr/share/hiawatha/letsencrypt//usr/share/hiawatha/letsencrypt/libraries//usr/share/hiawatha/letsencrypt/scripts/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:9784/openSUSE_Backports_SLE-15_Update/9bdf15b3d75195e65e6b4d4d54585340-hiawatha.openSUSE_Backports_SLE-15_Updatedrpmxz5aarch64-suse-linuxdirectoryASCII texta /usr/bin/php script, ASCII text executablePHP script, ASCII textPOSIX shell script, ASCII text executableRRW9tDŋutf-87b758c12d1c25c2f983783066b2dd0b77abb7cb43c75c3c680c42989b66aa38b?07zXZ !t/H]"k%.{:IQs9m~o8GNT׸]芢eIdǂ]L=~7]sewp|Z R|{IccݝY{d #rJ`_Ewjp6(dp_<8s xvFD#4S5kRX6FTw^ОEKήTHL 8TmHEU%4{{ oڨ0\@ǝOj gO>V\r}5_͢XJLtcBꦑ̘Qa]}Ñ` q;$,j70ߣ.ܠC0I'ZyB ?`ЭbV6C|Woi4CۃKzQ8ęcBZ=H;#f8ݓE >6)" wM#eQV^{Hgkϒ:"2 !nC}Wv`29g