81e1926faf
Changes: *) Security: a buffer overflow might occur while handling a COPY or MOVE request in a location with "alias", allowing an attacker to modify the source or destination path outside of the document root (CVE-2026-27654). *) Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module on 32-bit platforms might cause a worker process crash, or might have potential other impact (CVE-2026-27784). *) Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash, or might have potential other impact (CVE-2026-32647). *) Security: a segmentation fault might occur in a worker process if the CRAM-MD5 or APOP authentication methods were used and authentication retry was enabled (CVE-2026-27651). *) Security: an attacker might use PTR DNS records to inject data in auth_http requests, as well as in the XCLIENT command in the backend SMTP connection (CVE-2026-28753). *) Security: SSL handshake might succeed despite OCSP rejecting a client certificate in the stream module (CVE-2026-28755). *) Feature: the "multipath" parameter of the "listen" directive. *) Feature: the "local" parameter of the "keepalive" directive in the "upstream" block. *) Change: now the "keepalive" directive in the "upstream" block is enabled by default. *) Change: now ngx_http_proxy_module supports keepalive by default; the default value for "proxy_http_version" is "1.1"; the "Connection" proxy header is not sent by default anymore. *) Bugfix: an invalid HTTP/2 request might be sent after switching to the next upstream if buffered body was used in the ngx_http_grpc_module. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
meta-webserver
This layer provides support for building web servers, web-based applications and related software.
Dependencies
This layer depends on:
URI: git://git.openembedded.org/openembedded-core subdirectory: meta branch: master
For some recipes, the meta-oe layer is required:
URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-oe branch: master
Layout
- recipes-httpd/ Web servers
- recipes-php/ PHP applications
- recipes-support/ Miscellaneous support recipes
- recipes-webadmin/ Standalone web administration interfaces
Notes
-
This layer used to provide a modphp recipe that built mod_php, but this is now built as part of the php recipe in meta-oe. However, since apache2 is required to build mod_php, and apache2 recipe is in this layer and recipes in meta-oe can't depend on it, mod_php is not built by default. If you do wish to use mod_php, you need to add "apache2" to the PACKAGECONFIG value for the php recipe in order to enable it. See here for info on how to do that:
http://www.yoctoproject.org/docs/current/ref-manual/ref-manual.html#var-PACKAGECONFIG
Maintenance
Send patches / pull requests to openembedded-devel@lists.openembedded.org with '[meta-webserver]' in the subject.
When sending single patches, please use something like:
git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-webserver][PATCH"
Layer maintainer: Derek Straka derek@asterius.io
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.
This README document is Copyright (C) 2012 Intel Corporation.