| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libvarnishapi3 | Distribution: SUSE Linux Enterprise 15 SP6 |
| Version: 7.4.1 | Vendor: openSUSE |
| Release: bp156.1.3 | Build date: Mon May 13 19:10:36 2024 |
| Group: Productivity/Networking/Web/Proxy | Build host: i03-ch2d |
| Size: 236024 | Source RPM: varnish-7.4.1-bp156.1.3.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://varnish-cache.org/ | |
| Summary: Shared libraries for Varnish | |
Varnish is an HTTP accelerator. Often called Reverse Proxy, it is an application that stores (caches) documents that have been requested over the HTTP protocol. Based on certain criteria, the next client requesting the document is either given the cached document, or a "fresh" document requested from a backend server. The purpose of this is to minimize the requests going to the backend server(s) by serving the same document to potentially many users. This package holds the shared libraries for varnish.
BSD-2-Clause
* Thu Sep 21 2023 Jan Engelhardt <jengelh@inai.de>
- Update to release 7.4.1
* Response status codes other than 200 and 204 are now considered
errors for ESI fragments.
* Support for abstract AF_LOCAL sockets.
* HTTP/2 header field validation is now more strict with respect
to allowed characters.
* VCL tracing now needs to be explicitly activated by setting the
req.trace or bereq.trace VCL variables.
* Wed Nov 09 2022 Jan Engelhardt <jengelh@inai.de>
- Update to release 7.2.1
* Attempts to mark well-known headers like Content-Length and
Host hop-by-hop through a Connection-header will now cause a
400 "Bad request" response.
(VSV00010, CVE-2022-45059, boo#1205243)
* Apply the same character set rules to HTTP/2 pseudo-headers
as is done on the corresponding HTTP/1 request-line field
parsing. (VSV00011, CVE-2022-45060, boo#1205242)
* Sat Oct 29 2022 Dirk Müller <dmueller@suse.com>
- update to 7.2.0:
* Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``,
``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated.
* Cookie headers generated by vmod_cookie no longer have a
spurious trailing semicolon at the end of the string. This
could break VCL relying on the previous incorrect behavior.
* The ``SessClose`` and ``BackendClose`` reason ``rx_body``,
which previously output ``Failure receiving req.body``, has
been rewritten to ``Failure receiving body``.
* Prototypical Varnish Extensions (VEXT). Similar to VMODs, a
VEXT is loaded by the cache process. Unlike VMODs that have
the combined lifetime of all the VCLs that reference them, a
VEXT has the lifetime of the cache process itself. There are
no built-in extensions so far.
* Duration parameters can optionally take a unit, with the same
syntax as duration units in VCL.
* Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body``
from outside client vcl subs now fail properly instead of
triggering an assertion failure.
* New "B" string for the package branch in ``VCS_String()``.
For the 7.2.0 version, it would yield the 7.2 branch.
* The new ``vcc_feature`` bits parameter replaces previous
``vcc_*`` boolean parameters. The latter still exist as
deprecated aliases.
* The ``-k`` option from ``varnishlog`` is now supported by
``varnishncsa``.
* New functions ``std.now()`` and ``std.timed_call()`` in
vmod_std.
* New ``MAIN.shm_bytes`` counter.
* A ``req.http.via`` header is set before entering
``vcl_recv``. Via headers are generated using the
``server.identity`` value. It defaults to the host name and
can be turned into a pseudonym with the ``varnishd -i``
option. Via headers are appended in both directions, to work
with other hops that may advertise themselves.
* A ``resp.http.via`` header is no longer overwritten by
varnish, but rather appended to.
* The ``server.identity`` syntax is now limited to a "token" as
defined in the HTTP grammar to be suitable for Via headers.
* In ``varnishtest`` a Varnish instance will use its VTC
instance name as its instance name (``varnishd -i``) by
default for predictable Via headers in test cases.
* VMOD and VEXT authors can use functions from ``vnum.h``.
* Do not filter pseudo-headers as regular headers.
* The termination rules for ``WRK_BgThread()`` were relaxed to
allow VMODs to use it.
* ``(struct worker).handling`` has been moved to the newly
introduced ``struct wrk_vpi`` and replaced by a pointer to
it, as well as ``(struct vrt_ctx).handling`` has been
replaced by that pointer. ``struct wrk_vpi`` is for state at
the interface between VRT and VGC and, in particular, is not
const as ``struct vrt_ctx`` aka ``VRT_CTX``.
* Panics now contain information about VCL source files and
lines.
* The ``Begin`` log record has a 4th field for subtasks like
ESI sub-requests.
* The ``-E`` option for log utilities now works as documented,
with any type of sub-task based on the ``Begin[4]`` field.
This covers ESI like before, and sub-tasks spawned by VMODs
(provided that they log the new field).
* No more ``req.http.transfer-encoding`` for ESI sub-requests.
* The thread pool reserve is now limited to tasks that can be
queued. A backend background fetch is no longer eligible for
queueing. It would otherwise slow a grace hit down
significantly when thread pools are saturated.
* The unused ``fetch_no_thread`` counter was renamed to
``bgfetch_no_thread`` because regular backend fetch tasks are
always scheduled.
* The macros ``FEATURE()``, ``EXPERIMENT()``, ``DO_DEBUG()``,
``MGT_FEATURE()``, ``MGT_EXPERIMENT()``, ``MGT_DO_DEBUG()``
and ``MGT_VCC_FEATURE()`` now return a boolean value (``0``
or ``1``) instead of the (private) flag value.
* A regression in the transport code led MAIN.client_req to be
incremented for requests coming back from the waiting list,
it was fixed.
- Delete varnish-5.1.2-add-fallthrough-comments.patch
* Wed Sep 21 2022 Bernhard Wiedemann <bwiedemann@suse.com>
- Make reload fail nicely on vcl syntax error
- Set TasksMax=16384 because default thread_pool_max is 5000
* Mon Sep 19 2022 Bernhard Wiedemann <bwiedemann@suse.com>
- Fix varnish.service stop
* Sun Sep 18 2022 Bernhard Wiedemann <bwiedemann@suse.com>
- Fix logrotate
- Add service reload
* Fri Aug 12 2022 Jan Engelhardt <jengelh@inai.de>
- Update to release 7.1.1 [boo#1202350] [CVE-2022-38150]
* Resolve a denial of service attack involving reason phrases.
* Mon May 16 2022 Jan Engelhardt <jengelh@inai.de>
- Update to release 7.1.0 [boo#1195188] [CVE-2022-23959]
* VCL: It is now possible to assign a BLOB value to a BODY
variable, in addition to STRING as before.
* VMOD: New STRING strftime(TIME time, STRING format) function
for UTC formatting.
* Wed Dec 01 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* varnish.service
* varnishlog.service
* Fri Aug 06 2021 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.6.1
* Fix an HTTP/2.0 request smuggling vulnerability. [bnc#1188470]
* Sun Jul 04 2021 Dirk Müller <dmueller@suse.com>
- update to 6.6.0:
* The ban_cutoff parameter now refers to the overall length of
the ban list, including completed bans, where before only
non-completed (“active”) bans were counted towards ban_cutoff.
* Body bytes accounting has been fixed to always represent the
number of body bytes moved on the wire, exclusive of
protocol-specific overhead like HTTP/1 chunked encoding or
HTTP/2 framing.
* The connection close reason has been fixed to properly report
SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported.
* Unless the new validate_headers feature is disabled, all newly
set headers are now validated to contain only characters
allowed by RFC7230.
* The filter_re, keep_re and get_re functions from the bundled
cookie vmod have been changed to take the VCL_REGEX type. This
implies that their regular expression arguments now need to be
literal, not e.g. string.
* The interface for private pointers in VMODs has been changed,
the VRT backend interface has been changed, many filter
(VDP/VFP) related signatures have been changed, and the
stevedore API has been changed. (Details thereto, see online
changelog.)
* Fri Oct 02 2020 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.5.1
* Bump the VRT_MAJOR_VERSION number defined in the vrt.h
* Thu Sep 17 2020 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.5.0
* `PRIV_TOP` is now thread-safe to support parallel ESI
implementations.
* varnishstat's JSON output format (-j option) has been changed.
* Behavior for 304-type responses was changed not to update the
Content-Encoding response header of the stored object.
* Tue Jun 23 2020 Jan Engelhardt <jengelh@inai.de>
- Disable LTO, this randomly fails during link stage.
* Tue Jun 09 2020 Jan Engelhardt <jengelh@inai.de>
- Update Git-Web repository link
- Set CFLAGS+=-fcommon.
* Tue Mar 17 2020 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.4.0
* The MAIN.sess_drop counter is gone.
* backend "none" was added for "no backend".
* The hash algorithm of the hash director was changed, so
backend selection will change once only when upgrading.
* It is now possible for VMOD authors to customize the
connection pooling of a dynamic backend.
* For more, see changes.rst.
* Tue Feb 25 2020 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.3.2
* Fix a denial of service vulnerability when using the proxy
protocol version 2.
* Tue Sep 17 2019 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.3.0
* The Host: header is folded to lower-case in the builtin_vcl.
* Improved performance of shared memory statistics counters.
* Synthetic objects created from vcl_backend_error {} now
replace existing stale objects as ordinary backend fetches
would (for details see changes.rst)
* Wed Sep 04 2019 Jan Engelhardt <jengelh@inai.de>
- Update to release 6.2.1
* Bugfix for CVE-2019-15892 [boo#1149382]
* Mon Aug 26 2019 Jan Engelhardt <jengelh@inai.de>
- Add uninit.patch.
* Wed Mar 27 2019 Samu Voutilainen <smar@smar.fi>
- Updated to 6.2.0
* Added a thread pool watchdog which will restart the worker
process if scheduling tasks onto worker threads appears
stuck. The new parameter "thread_pool_watchdog" configures
it.
- Disabled error for clobbering, which caused bogus
error in varnishtest
* Wed May 02 2018 jengelh@inai.de
- Put %fillup back into %post
* Mon Mar 19 2018 jengelh@inai.de
- Update to new upstream release 6.0.0
* Added support for Unix Domain Sockets, both for clients and
for backend servers. This brings a new level of the VCL
language, version 4.1.
* Always use HTTP/1.1 on backend connections for pass fetch.
* Thu Nov 23 2017 rbrown@suse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
* Fri Jun 23 2017 antoine.belvire@opensuse.org
- Update to version 5.1.2:
* Fix an endless loop in Backend Polling (#2295)
* Fix a Chunked bug in tight workspaces (#2207, #2275)
* Fix a bug relating to req.body when on waitinglist (#2266)
* Handle EPIPE on broken TCP connections (#2267)
* Work around the x86 arch's turbo-double FP format in parameter
setup code. (#1875)
* Fix race related to backend probe with proxy header (#2278)
* Keep VCL temperature consistent between mgt/worker also when
worker protests.
* A lot of HTTP/2 fixes.
- Changes introduced by version 5.1.1:
* Fix bug introduced by stubborn old bugger right before release
5.1.0 was cut.
- Changes introduced by version 5.1.0:
* Added varnishd command-line options -I, -x and -?, and
tightened restrictions on permitted combinations of options.
* More progress on support for HTTP/2.
* Add ``return(fail)`` to almost all VCL subroutines.
* Restored the old hit-for-pass, invoked with
``return(pass(DURATION))`` from
``vcl_backend_response``. hit-for-miss remains the default.
Added the cache_hitmiss stat, and cache_hitpass only counts the
new/old hit-for-pass cases. Restored HitPass to the Varnish
log, and added HitMiss. Added the HFP prefix to TTL log entries
to log a hit-for-pass duration.
* Rolled back the fix for #1206. Client delivery decides solely
whether to send a 304 client response, based on client request
and response headers.
* Added vtest.sh.
* Added vxid as a lefthand side for VSL queries.
* Added the setenv and write_body commands for Varnish test cases
(VTCs). err_shell is deprecated. Also added the operators
- cliexpect, -match and -hdrlen, and -reason replaces -msg.
Added the ${bad_backend} macro.
* varnishtest can be stopped with the TERM, INT and KILL signals,
but not with HUP.
* The fallback director has now an extra, optional parameter to
keep using the current backend until it falls sick.
* VMOD shared libraries are now copied to the workdir, to avoid
problems when VMODs are updated via packaging systems.
* Bump the VRT version to 6.0.
* Export more symbols from libvarnishapi.so.
* The size of the VSL log is limited to 4G-1b, placing upper
bounds on the -l option and the vsl_space and vsm_space
parameters.
* Added parameters clock_step, thread_pool_reserve and
ban_cutoff.
* Parameters vcl_dir and vmod_dir are deprecated, use vcl_path
and vmod_path instead.
* All parameters are defined, even on platforms that don't
support them. An unsupported parameter is documented as such in
param.show. Setting such a parameter is not an error, but has
no effect.
* Clarified the interpretations of the + and - operators in VCL
with operands of the various data types.
* DURATION types may be used in boolean contexts.
* INT, DURATION and REAL values can now be negative.
* Response codes 1000 or greater may now be set in VCL
internally. resp.status is delivered modulo 1000 in client
responses.
* IP addresses can be compared for equality in VCL.
* Introduce the STEVEDORE data type, and the objects
storage.SNAME in VCL. Added req.storage and beresp.storage;
beresp.storage_hint is deprecated.
* Retired the umem stevedore.
* req.ttl is deprecated.
* Added std.getenv() and std.late_100_continue().
* The fetch_failed stat is incremented for any kind of fetch
failure.
* Added the stats n_test_gunzip and
bans_lurker_obj_killed_cutoff.
* Clarified the meanings of the %r, %{X}i and %{X}o formatters in
varnishncsa.
- Add varnish-5.1.2-add-fallthrough-comments.patch to fix build
with GCC 7 (boo#1041259).
* Tue May 16 2017 dimstar@opensuse.org
- BuildRequire python3-docutils instead of python-docutils.
* Sun Sep 25 2016 jengelh@inai.de
- Update to new upstream release 5.0.0
- The varnishd "-u NNN" option, which may be remaining in
/etc/sysconfig/varnish, has been replaced with "-j unix,user=NNN".
* Varnish 5.0 changes some (mostly) internal APIs and adds some
major new features over Varnish 4.1.
* 5.0 supports jumping from the active VCL's vcl_recv{} to another
VCL via a VCL label.
* Very Experimental HTTP/2 support
* We have added to the "directors" VMOD — an overhauled version of
a director which was available as an out-of-tree VMOD under the
name VSLP for a couple of years. It is basically a better hash
director which uses consistent hashing to provide improved
stability of backend node selection when the configuration and/or
health state of backends changes.
* Hit-For-Pass is now actually Hit-For-Miss
* We have made the ban lurker even more efficient by example of
some real live situations with tens of thousands of bans using
inefficient regular expressions.
* The waitinglist logic for ESI subrequests now uses condition
variables to trigger immediate continuation of ESI processing
when an object being waited for becomes available.
* Backend PROXY protocol requests are now supported through the
.proxy_header attribute of the backend definition.
* VCL files are now also being searched for in
/usr/share/varnish/vcl if not found in /etc/varnish.
* The basic device detection vcl is now bundled with varnish.
* Thu Aug 18 2016 dimstar@opensuse.org
- Add "-ffloat-store -fexcess-precision=standard" to CFLAGS when
building for ix86, working around bug gcc#323. See also
gh#varnish/Varnish-Cache#88.
* Fri Apr 22 2016 jengelh@inai.de
- Update to new upstream release 4.1.2
* vmods: Passing VCL ACL to a vmod is now possible.
* vmods: VRT_MINOR_VERSION increase due to new function:
VRT_acl_match()
* Be stricter when parsing a HTTP request to avoid potential HTTP
smuggling attacks against vulnerable backends.
* Tue Mar 08 2016 jengelh@inai.de
- Report testsuite failure to build log and make testsuite nonfatal
as there seems to be one swaying test, tests/r01478.vtc.
* Tue Feb 16 2016 eshmarnev@suse.com
- disable silent rules in spec file.
- enable testsuite for varnish.
* Tue Feb 16 2016 eshmarnev@suse.com
- Update to new upstream release 4.1.1
* Improved security features (jails).
* Support for PROXY protocol.
* Warm and cold VCL states.
* Backends defined through VMODs.
* A lot of bugs were fixed.
- Delete 0001-Fail-fetch-on-malformed-Content-Length-header.patch,
this issue was fixed in upstream.
- Add 'su varnish varnish' line to varnish.logrotate file.
- Cleanup with spec-cleaner.
* Fri Mar 27 2015 jengelh@inai.de
- Update to new upstream release 4.0.3
* Full support for streaming objects through from the backend on a
cache miss. Bytes will be sent to 1..n requesting clients as they
come in from the backend server.
* Background (re)fetch of expired objects. On a cache miss where a
stale copy is available, serve the client the stale copy while
fetching an updated copy from the backend in the background.
* New varnishlog query language, allowing automatic grouping of
requests when debugging ESI or a failed backend request.
* Comprehensive request timestamp and byte counters.
- Add 0001-Fail-fetch-on-malformed-Content-Length-header.patch
[bnc#921316]
/usr/lib64/libvarnishapi.so.3 /usr/lib64/libvarnishapi.so.3.1.0
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 20:06:21 2024