Re: EPEL-ANNOUNCE incompatible update of caddy in EPEL 9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Aug 24, 2023 at 1:44 AM Carl George <carl@xxxxxxxxxx> wrote:
>
> I am performing an incompatible upgrade of the caddy package in EPEL
> 9.  In accordance with the incompatible upgrade policy [0], I proposed
> this upgrade just over a week ago on the epel-devel mailing list [1].
> For reasons detailed in the previous email, it is no longer possible
> to update the package at the current version, preventing me from
> resolving known CVEs.  Today the EPEL Steering Committee voted to
> approve this upgrade [2].
>
> This upgrade will take the package from version 2.4.6 to 2.6.4.  This
> includes a few backwards-incompatible changes.  I believe these
> changes are on the milder side, and most users shouldn't notice a
> difference.  Here are the most notable removals/changes:
>
> - Reverse proxy: Incoming X-Forwarded-* headers will no longer be
> automatically trusted, to prevent spoofing.
> - Logging: Removed the deprecated common_log field from HTTP access
> logs, and the single_field encoder.
> - Logging: The remote_addr field has been replaced by remote_ip and
> remote_port fields in HTTP access logs, which split up the two parts
> of the remote address.
> - Caddyfile: The reverse_proxy directive's handle_response
> subdirective has had its status replacement functionality moved to a
> new replace_status subdirective.
>
> There are also a few additional changes to features labeled as
> experimental, and some deprecations (not yet removed).  For a full
> list, see the upstream release notes [3][4].
>
> If you are able, please test and provide karma for the update [5].
>
> [0] https://docs.fedoraproject.org/en-US/epel/epel-policy-incompatible-upgrades/
> [1] https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/CDNDAKTIAQTFTNDHOIHKQJ4B2LAV5ZSS/
> [2] https://meetbot.fedoraproject.org/fedora-meeting/2023-08-23/epel.2023-08-23-20.00.html
> [3] https://github.com/caddyserver/caddy/releases/tag/v2.5.0
> [4] https://github.com/caddyserver/caddy/releases/tag/v2.6.0
> [5] https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8849a14e7f
>
> --
> Carl George
> _______________________________________________
> epel-announce mailing list -- epel-announce@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to epel-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/epel-announce@xxxxxxxxxxxxxxxxxxxxxxx
> Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

This update has been in the testing repo for the mandatory 1 week
period.  I am pushing it to stable now.

-- 
Carl George
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux