incompatible update of caddy in EPEL 9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am performing an incompatible upgrade of the caddy package in EPEL
9.  In accordance with the incompatible upgrade policy [0], I proposed
this upgrade just over a week ago on the epel-devel mailing list [1].
For reasons detailed in the previous email, it is no longer possible
to update the package at the current version, preventing me from
resolving known CVEs.  Today the EPEL Steering Committee voted to
approve this upgrade [2].

This upgrade will take the package from version 2.4.6 to 2.6.4.  This
includes a few backwards-incompatible changes.  I believe these
changes are on the milder side, and most users shouldn't notice a
difference.  Here are the most notable removals/changes:

- Reverse proxy: Incoming X-Forwarded-* headers will no longer be
automatically trusted, to prevent spoofing.
- Logging: Removed the deprecated common_log field from HTTP access
logs, and the single_field encoder.
- Logging: The remote_addr field has been replaced by remote_ip and
remote_port fields in HTTP access logs, which split up the two parts
of the remote address.
- Caddyfile: The reverse_proxy directive's handle_response
subdirective has had its status replacement functionality moved to a
new replace_status subdirective.

There are also a few additional changes to features labeled as
experimental, and some deprecations (not yet removed).  For a full
list, see the upstream release notes [3][4].

If you are able, please test and provide karma for the update [5].

[0] https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades/
[1] https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/CDNDAKTIAQTFTNDHOIHKQJ4B2LAV5ZSS/
[2] https://meetbot.fedoraproject.org/fedora-meeting/2023-08-23/epel.2023-08-23-20.00.html
[3] https://github.com/caddyserver/caddy/releases/tag/v2.5.0
[4] https://github.com/caddyserver/caddy/releases/tag/v2.6.0
[5] https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8849a14e7f

-- 
Carl George
_______________________________________________
epel-announce mailing list -- epel-announce@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-announce@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]
  Powered by Linux