varnish-devel-7.7.1-bp156.2.3.1<>,h9ͨI%z {Gg-)wbF 꽣ES^ MJz-ۊ2)Zmpd(UDKAQJ}KBgK=&GHH#leAbFFOx&lTfQcxּԇmaTL;f: ~!N6M~"-,ʐoLd6Z@kBHXR6<K9 r/6@HMJӻ.; Obwab$do};t;>${$s1@k3,DOQBHGٮ6u6p8zQ1ߓ%mqwj:OaJLM\NDUet 9*2Jĝrl@:5=X:[l֩bJ 1MC%ϚKa!6d!d 7*jΨ?ōʃppz>0? d " @,0IR_ xaHa  a a Pa a haa a""a$\$$%/(%R8%\'9%':*y'FGaHxaIaX`Yl\a]a^O b@cdefluav0wax4ayzCvarnish-devel7.7.1bp156.2.3.1Development files for VarnishVarnish is an HTTP accelerator. Often called Reverse Proxy, it is an application that stores (caches) documents that have been requested over the HTTP protocol. This package holds the development files for varnish.h9ͨarmbuild25-2eSUSE Linux Enterprise 15openSUSEBSD-2-Clausehttp://bugs.opensuse.orgDevelopment/Libraries/C and C++https://varnish-cache.org/linuxaarch64`' wJ 8, wId/ sm  0Id}K  yI "U(UY f @b9vj3   9H! M de3  + nr  [;Q/AA큤A큤A큤A큤A큤A큤h92h92h92h92h92h92h92h92h92h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h91h92h92h91h94h94h94h94b667583656400f8b6dad3a6b3c2ce3ba24e16cbcb71ad33131c3a26089be6bdbe0b5bbfaa98b43b3e776e7ae26c3fd1e6e835777ec7163ac2997eefde7cde0cea564b1cdcdbeb438851eca0dff17f24a8c64be9d7791f65dff2f0997e1b4c74ed36bf40c9356545282aa62b91bd1897861b6db612d1b85d93a1359eb33ca67b5b41a6a2b2eae94000272db0a074d8545b883189c3796764136001c3be3c08ecec5e8f55193cc8f43de75c644dc45176a831b16cc124155e4f09dd9e264a829a2f7f2a41ae85dd9936fa1a4a820a9ab47ebcee4795334a0b0946f1d94ed7d0afef8fb76b06164495b1f87b45ea87d668fa37cc1d0e287f4415bc12691e6c4979880015306422fd91f00ec5c3fc22309dbcdfd7cede9abe3b43ed06cbb5c35a74ac528e508f1b9a7f32e6bcde2d0efdf9827d4fa2f7f0e5946947f3bdf3f6616d9e36d94085720189103e401c12e11025c6cdc889f0f629fd5f7f214245972fdee4e632c7b1bdb563dc02dd11ec7bc83338f3b11c27a6785e8c5339ea84dfcb5598f1da580bf0c494afcde08a7f54ce450c8d84311d4a78f3ecdc127f1352cb070f0872b5e2236d8d24144859ce790b32ff183fa8700dd1a16e203d2a2b432fd787cefb183da673afdf1069f6d71d98bd0857ac0134f2668d4bbe461df1c24a3d338eac9048a0674943259de85e79e5f7a81002a96a771f3a99541191248a3731fd5d308329eea6f7e70cc322abcfe01e3fb3d6323ab6e95150b8032e53bf665b776343869a29f06097c4ba25472f10108c0fd3a77d454e4911c00af02bee1dd7807a0f939e49102e5305d77d999b08e530ffa9d7abf818087045017e6d8727438e32b15a484350a1667922c7c67d2ea3bb5739faf5acf631a55604c789a4beb79f44153800983faa842c45a885110b8026425e52d9c4b7297da070e6b68eb8f94344ba1203394d460a49bc9ec90c780ed5b2670e727484bd14d1ef789d6ee5d6718b5d9a67c48e07d56525197aad563eccfc3ee63b9b97fb2bdd6fb3e6e3e3610cd0971d738ad3de3419b3495628cc206f8eeeba800e321ce15ebf3a5fd2c7f716dbba77178b82db0300a00d0f11a66b23568cfe98313c6a2ebd2e0e1f76e17a769d34da4e6272eb1059b0e0c9c72b36a6f533787757745b659424e01561d52f6f6133e26c024c4c71bdcf93255e56f11fa1a821441267575847bad52abae2163a748c4acb7f7f98d5fcb4c1fcc5c6f8a7a4b292ac234c1574a1f57e953de6f411e21ad496ebc207af5ce0697d382c546fb19f1315ea5ede554818f50f60f9a730e322d88e2d01dd28ffd4dea24594fb9edbfcd80829fb46b0827a66e9ab1800ba402201f48f3f07f617938126bca0ea3faff44179d130d37b240d0160bb11e1d6c6cefa967106daa3c8fc232479c539cb8ae6fcf048558b2be51c73dfb4a5c4d6924f4274406db65d8de2c52c8d1c9fb1444889e8afd99a69ca90fc3330c71e73c9b8c6e432e3a518f7b56ac6a5b00c445b0a0a12f08e3049e3dbfeac8d3ac1cb008e680da9e504482b434b4008b10d980a210b0bd9e8d89c1d2e3bd79a33dad249636a5c61822277cdef15eb87a5aeb4a63bb5347255d17e77ad074b18e257d00f6a880607c8ba026cf47b975871882844dfd6f3f3e769118f360f160b3c866f252bd18fbf6d9159946450fc95cbab54ffe3d032c7df9fd50f09a89f753b2c30ae1c655626151b7a0a862761aef7dc3ab169bdc57792badbb29166d45f661bdaa5e218d84de8ff0dabacadc2953950d67f68533339d7c38e43074905cb3a09df4f1f7656ce39a217f73b51027d62a60171d2d78fffc483dfeef1b8ed9b792a4636059c20cad5c9a08ccb92ea3ec57226a43829aa58e511044dc400993dac137e2ebe338e69a9b482244456f49dd93ea01a04fb85c2e12b02608e3756a76176334e69840c383cc9e26e59f692f18831304772f4238385e6552e1054c966bb36960fc5bfd9561f9348d60900b5b7b0f1977a63fff305b62d8ce30c814d9746bc07f31f566115142ec114a7d23b5321e522ae1bc77dafbdb1e20a84d506cc880f0ab39efb747be5ca65d1e636b369d232e47ab1ed80c54b31f22e87dc4087008adbf2c6e2cfd7ea78665b5858d21f13d546e49baa000d4e1ecc3a036047029fe6252d17dca81170cc6aac49400bb982fd5cd74d48b0366975fc35c1e8d78a7c5d2255a03242bff2919296d3920aa87eea13ecf182f0ebea5215b310fefa534c96aa4a99f07e5357fbe6a0e09b06bc9b587922f37e132c37a6883db23e8ef68cd987dd34a961790de3360d59782c0e0715bb9b690270ec808721f2e3400721fd8cb8ca2ceda77239ed65dbda4046168d063899790faa00b10f95b347d24ed4a7fbaff18004bba28c4018af3fcf4dbb9c93aacdc47083f5e0b3d14a3b02c51d3a5ed71ca857f785c99edefbaf0779e0deeb7266c95549b7b751286f6260b3e517f22beca690f6a8b4a399efe26ca14b40ae8dbae7417063375d9d9fc2e33ccd04f92ae8748c29c5363a7dc4047defe9c91aefffea162faf8f16dfbe5b4152c4471a54eb0ad7ff6b2c377f448ca6f0864845c7975b7d77804778ff33f83815f78c5b3a5153be553f321554002f81d8d783a65288162b4a4020ebaf4ccd3720d0d3f607b2da8dcaf98ac6e1831fac2b09e7eb2e253cd7b3b96579fecf672b59a57f7cab5660f37f080467559eab667ce92e83ac4c2f5f7f92f1704bdd7bd55bdc73871dc73d5838fa4b05c4409c375621252637e0e09bc56838321caa5d2645f6d8ff08e46bd4db2247acad90b5d0193cae823b3ec890756a5a796d10123e343ae60dbd39d20e9e587be870e87a971ea1d5237b85b1fdc69d56a140440cffba6b03177a4ae559f3c4c6a014f3f83b6640ca8be895f58479b6ca780a6bcce5709b5f72cce928391500949e2307966a5270437ff6fdf2a57398f1582608ed1540ee61500b58d3aa628b5ad0b0c40eda950243c9ae7c78de8f32ca598ecc9ed86f1452fbf6aa8a2725c32319c05edf5cfbdcbe6e24c76eb25dfe5c899596e4f502f2203642d418306355fbb8327eaf710d8ad8035bcde090ce97577359ed9eb06ef5a3f82021ab4bdf567d1b0b5a0d9fbd5d46091ef583422eec8f9f297c87b636f91953859b00c3a265ff92254697978a93af8278faf9db5930d0ecb89c14670fbf39a808558e6989f8ae4164bc6be730a94b6a3e5e56e8b5a3577a2fe76decba7fed8f95924869dbf6dc5db035d4a136454df3d4466a4d0af455c42ad5f5184d091567fdcc60f4e2a34573f6d53ded20bdae2dd706f640899949bd3aff4d43809723d148bdcb50ce86fff3534f1749e77fc9993b7dc98839eea43582d1ab0163e92012b82adf07d387fcd3eb45753bbdc26f8b8d6d70a447029d2bab0db60983f09e4fc0c744447b2d98595b8e656e114c9ef95f0e4817c815d90c2aeacf5973b7ef07874f154389a0ed59c6668181dd781ccaf104f45bfcdc78aee34a771d37fd15936e53b0bbbcc703c4223fec2ec84607f29996755990ff74e6c9e4e968e303a507f2174dbbb3d53583d23380bc7208c328b32707e37725ad10919426f54d366d20bb764dc4cb540b14af64b963652efe6024a013fe25e635c8e4b1b1395ecbd03f9ea08423890d78c13d1a77306795f483baade2740c2a7198d70126d36f726f2e6f819eabc4e7bb7b2c7181277c4d5a6433f16cfcce1e5ffeda9ebae32937c3aff2a9e3b2c03b914dd70c63b6cf247e2251c07fdab800792e7aff17de7d1c15168ec14f93b3934620bb2978cbdaa30cf88f12e7bf10409012329754602f21771a3b9dae61734f29d1d07e0ba4c3128c9986eef24bd17e81d0d2330e9b55cbbe45d276125c9022205f82daae25c463d501d3c63026bb130b8d4f3d7adbb32a4ce0156b63f5c3fb2b4c9237eea0a351d136b9168531b86d222c1d2375d0846b5f8eee17ec4e3296dab7b255f94cbf8ce428fbbd4737bfeaa5a20a7415330e2607395libvarnishapi.so.3.1.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootvarnish-7.7.1-bp156.2.3.1.src.rpmpkgconfig(varnishapi)varnish-develvarnish-devel(aarch-64)@    /usr/bin/pkg-configrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)varnish3.0.4-14.6.0-14.0-15.2-17.7.14.14.3h%@g@g*@fe@eie 0@ck@c]c*c(Yc'@b@bJan Engelhardt Andrea Manzini Jan Engelhardt Arjen de Korte Dirk Müller Jan Engelhardt Jan Engelhardt Dirk Müller Bernhard Wiedemann Bernhard Wiedemann Bernhard Wiedemann Jan Engelhardt Jan Engelhardt Johannes Segitz Jan Engelhardt Dirk Müller Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Samu Voutilainen jengelh@inai.dejengelh@inai.derbrown@suse.comantoine.belvire@opensuse.orgdimstar@opensuse.orgjengelh@inai.dedimstar@opensuse.orgjengelh@inai.dejengelh@inai.deeshmarnev@suse.comeshmarnev@suse.comjengelh@inai.de- Update to release 7.7.1 * VSV-16: Resolve request smuggling attack- Update to release 7.7.0 * The `linux` jail gained control of transparent huge pages settings. * An issue has been fixed which could cause a crash when varnishd receives an invalid Content-Range header from a backend. * Timestamping for HTTP/2 requests (when idle period begins) has been switched to be more in line with HTTP/1. * VSV-15: The client connection is now always closed when a malformed request is received. [CVE-2025-30346, boo#1239892]- Update to release 7.6.0 * The Varnish Delivery Processor (VDP) filter API has been generalized to also accommodate future use for backend request bodies. * VDPs with no vdp_bytes_f function are now supported if the vdp_init_f returns a value greater than zero to signify that the filter is not to be added to the chain. This is useful to support VDPs which only need to work on headers. * The epoll and kqueue waiters have been improved to correctly report WAITER_REMCLOSE, which increases the WAITER.*.remclose counter. * varnishtest now supports the shutdown command corresponding to the shutdown(2) standard C library call. * VSC counters for waiters have been added: * conns to count waits on idle connections * remclose to count idle connections closed by the peer * timeout to count idle connections which timed out in the waiter * action to count idle connections which resulted in a read * The port of a listen_endpoint given with the -a argument to varnishd can now also be a numerical port range like "80-89". * The warning "mlock() of VSM failed" message is now emitted when locking of shared memory segments (via mlock(2)) fails. * A bug has been fixed where string comparisons in VCL could fail with the nonsensical error message "Comparison of different types: STRING '==' STRING". * An issue has been addressed in the builtin.vcl where backend responses would fail if they contained a Content-Range header when no range was requested. * Additional SessError VSL events are now generated for various HTTP/2 protocol errors. * A new Linux jail has been added which is now the default on Linux. For now, it is almost identical to the Unix jail with one addition: * When the new Linux jail is used, the working directory not mounted on tmpfs partition. * A race condition with VCL temperature transitions has been addressed. * Internal management of probes has been reworked to address race conditions. * Backend tasks can now be instructed to queue if the backend has reached its max_connections. * The size of the buffer to hold panic messages is now tunable through the new panic_buffer parameter. * The Varnish Shared Memory (VSM) and Varnish Shared Counters (VSC) consumer implementation in libvarnishapi have been improved for stability and performance. * An issue has been fixed where Varnish Shared Log (VSL) queries (for example using ``varnishlog -q``) with numerical values would fail in unexpected ways due to truncation. * The ``ObjWaitExtend()`` Object API function gained a statep argument to optionally return the busy object state consistent with the current extension. A NULL value may be passed if the caller does not require it. * For backends using the ``.via`` attribute to connect through a proxy, the connect_timeout, ``first_byte_timeout`` and ``between_bytes_timeout`` attributes are now inherited from proxy unless explicitly given. * varnishd now creates a worker_tmpdir which can be used by VMODs for temporary files. The VMOD developer documentation has details. * The environment variable VARNISH_DEFAULT_N now provides the default "varnish name" / "workdir" as otherwise specified by the ``-n`` argument to varnishd and varnish* utilities except varnishtest. * A glitch with TTL comparisons has been fixed which could, for example, lead to unexpected behavior with purge.soft().- Update to release 7.5.0 * Resolved CVE-2023-44487, CVE-2024-30156 [boo#1221942] * The default value of cli_limit has been increased from 48KB to 64KB. * A new ``pipe_task_deadline`` directive specifies the maximum duration of a pipe transaction. * All the timeout parameters that can be disabled accept the "never" value. * Added parameters to control the HTTP/2 Rapid Reset attach.- Use sysuser-tools to generate varnish user- update to 7.4.2 (bsc#1216123, CVE-2023-44487): * The ``vcl_req_reset`` feature (controllable through the ``feature`` parameter, see `varnishd(1)`) has been added and enabled by default to terminate client side VCL processing early when the client is gone. * req_reset* events trigger a VCL failure and are reported to `vsl(7)` as ``Timestamp: Reset`` and accounted to ``main.req_reset`` in `vsc` as visible through ``varnishstat(1)``. In particular, this feature is used to reduce resource consumption of HTTP/2 "rapid reset" attacks (see below). Note that *req_reset* events may lead to client tasks for which no VCL is called ever. Presumably, this is thus the first time that valid `vcl(7)` client transactions may not contain any ``VCL_call`` records. * Added mitigation options and visibility for HTTP/2 "rapid reset" attacks Global rate limit controls have been added as parameters, which can be overridden per HTTP/2 session from VCL using the new vmod ``h2``: * The ``h2_rapid_reset`` parameter and ``h2.rapid_reset()`` function define a threshold duration for an ``RST_STREAM`` to be classified as "rapid": If an ``RST_STREAM`` frame is parsed sooner than this duration after a ``HEADERS`` frame, it is accounted against the rate limit described below. * The ``h2_rapid_reset_limit`` parameter and ``h2.rapid_reset_limit()`` function define how many "rapid" resets may be received during the time span defined by the ``h2_rapid_reset_period`` parameter / ``h2.rapid_reset_period()`` function before the HTTP/2 connection is forcibly closed with a ``GOAWAY`` and all ongoing VCL client tasks of the connection are aborted. The defaults are 100 and 60 seconds, corresponding to an allowance of 100 "rapid" resets per minute. * The ``h2.rapid_reset_budget()`` function can be used to query the number of currently allowed "rapid" resets. * Sessions closed due to rapid reset rate limiting are reported as ``SessClose RAPID_RESET`` in `vsl(7)` and accounted to ``main.sc_rapid_reset`` in `vsc` as visible through ``varnishstat(1)``. * The ``cli_limit`` parameter default has been increased from 48KB to 64KB. * ``VSUB_closefrom()`` now falls back to the base implementation not only if ``close_range()`` was determined to be unusable at compile time, but also at run time. That is to say, even if ``close_range()`` is compiled in, the fallback to the naive implementation remains.- Update to release 7.4.1 * Response status codes other than 200 and 204 are now considered errors for ESI fragments. * Support for abstract AF_LOCAL sockets. * HTTP/2 header field validation is now more strict with respect to allowed characters. * VCL tracing now needs to be explicitly activated by setting the req.trace or bereq.trace VCL variables.- Update to release 7.2.1 * Attempts to mark well-known headers like Content-Length and Host hop-by-hop through a Connection-header will now cause a 400 "Bad request" response. (VSV00010, CVE-2022-45059, boo#1205243) * Apply the same character set rules to HTTP/2 pseudo-headers as is done on the corresponding HTTP/1 request-line field parsing. (VSV00011, CVE-2022-45060, boo#1205242)- update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semicolon at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure. * New "B" string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The new ``vcc_feature`` bits parameter replaces previous ``vcc_*`` boolean parameters. The latter still exist as deprecated aliases. * The ``-k`` option from ``varnishlog`` is now supported by ``varnishncsa``. * New functions ``std.now()`` and ``std.timed_call()`` in vmod_std. * New ``MAIN.shm_bytes`` counter. * A ``req.http.via`` header is set before entering ``vcl_recv``. Via headers are generated using the ``server.identity`` value. It defaults to the host name and can be turned into a pseudonym with the ``varnishd -i`` option. Via headers are appended in both directions, to work with other hops that may advertise themselves. * A ``resp.http.via`` header is no longer overwritten by varnish, but rather appended to. * The ``server.identity`` syntax is now limited to a "token" as defined in the HTTP grammar to be suitable for Via headers. * In ``varnishtest`` a Varnish instance will use its VTC instance name as its instance name (``varnishd -i``) by default for predictable Via headers in test cases. * VMOD and VEXT authors can use functions from ``vnum.h``. * Do not filter pseudo-headers as regular headers. * The termination rules for ``WRK_BgThread()`` were relaxed to allow VMODs to use it. * ``(struct worker).handling`` has been moved to the newly introduced ``struct wrk_vpi`` and replaced by a pointer to it, as well as ``(struct vrt_ctx).handling`` has been replaced by that pointer. ``struct wrk_vpi`` is for state at the interface between VRT and VGC and, in particular, is not const as ``struct vrt_ctx`` aka ``VRT_CTX``. * Panics now contain information about VCL source files and lines. * The ``Begin`` log record has a 4th field for subtasks like ESI sub-requests. * The ``-E`` option for log utilities now works as documented, with any type of sub-task based on the ``Begin[4]`` field. This covers ESI like before, and sub-tasks spawned by VMODs (provided that they log the new field). * No more ``req.http.transfer-encoding`` for ESI sub-requests. * The thread pool reserve is now limited to tasks that can be queued. A backend background fetch is no longer eligible for queueing. It would otherwise slow a grace hit down significantly when thread pools are saturated. * The unused ``fetch_no_thread`` counter was renamed to ``bgfetch_no_thread`` because regular backend fetch tasks are always scheduled. * The macros ``FEATURE()``, ``EXPERIMENT()``, ``DO_DEBUG()``, ``MGT_FEATURE()``, ``MGT_EXPERIMENT()``, ``MGT_DO_DEBUG()`` and ``MGT_VCC_FEATURE()`` now return a boolean value (``0`` or ``1``) instead of the (private) flag value. * A regression in the transport code led MAIN.client_req to be incremented for requests coming back from the waiting list, it was fixed. - Delete varnish-5.1.2-add-fallthrough-comments.patch- Make reload fail nicely on vcl syntax error - Set TasksMax=16384 because default thread_pool_max is 5000- Fix varnish.service stop- Fix logrotate - Add service reload- Update to release 7.1.1 [boo#1202350] [CVE-2022-38150] * Resolve a denial of service attack involving reason phrases.- Update to release 7.1.0 [boo#1195188] [CVE-2022-23959] * VCL: It is now possible to assign a BLOB value to a BODY variable, in addition to STRING as before. * VMOD: New STRING strftime(TIME time, STRING format) function for UTC formatting.- Added hardening to systemd service(s) (bsc#1181400). Modified: * varnish.service * varnishlog.service- Update to release 6.6.1 * Fix an HTTP/2.0 request smuggling vulnerability. [bnc#1188470]- update to 6.6.0: * The ban_cutoff parameter now refers to the overall length of the ban list, including completed bans, where before only non-completed (“active”) bans were counted towards ban_cutoff. * Body bytes accounting has been fixed to always represent the number of body bytes moved on the wire, exclusive of protocol-specific overhead like HTTP/1 chunked encoding or HTTP/2 framing. * The connection close reason has been fixed to properly report SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported. * Unless the new validate_headers feature is disabled, all newly set headers are now validated to contain only characters allowed by RFC7230. * The filter_re, keep_re and get_re functions from the bundled cookie vmod have been changed to take the VCL_REGEX type. This implies that their regular expression arguments now need to be literal, not e.g. string. * The interface for private pointers in VMODs has been changed, the VRT backend interface has been changed, many filter (VDP/VFP) related signatures have been changed, and the stevedore API has been changed. (Details thereto, see online changelog.)- Update to release 6.5.1 * Bump the VRT_MAJOR_VERSION number defined in the vrt.h- Update to release 6.5.0 * `PRIV_TOP` is now thread-safe to support parallel ESI implementations. * varnishstat's JSON output format (-j option) has been changed. * Behavior for 304-type responses was changed not to update the Content-Encoding response header of the stored object.- Disable LTO, this randomly fails during link stage.- Update Git-Web repository link - Set CFLAGS+=-fcommon.- Update to release 6.4.0 * The MAIN.sess_drop counter is gone. * backend "none" was added for "no backend". * The hash algorithm of the hash director was changed, so backend selection will change once only when upgrading. * It is now possible for VMOD authors to customize the connection pooling of a dynamic backend. * For more, see changes.rst.- Update to release 6.3.2 * Fix a denial of service vulnerability when using the proxy protocol version 2.- Update to release 6.3.0 * The Host: header is folded to lower-case in the builtin_vcl. * Improved performance of shared memory statistics counters. * Synthetic objects created from vcl_backend_error {} now replace existing stale objects as ordinary backend fetches would (for details see changes.rst)- Update to release 6.2.1 * Bugfix for CVE-2019-15892 [boo#1149382]- Add uninit.patch.- Updated to 6.2.0 * Added a thread pool watchdog which will restart the worker process if scheduling tasks onto worker threads appears stuck. The new parameter "thread_pool_watchdog" configures it. - Disabled error for clobbering, which caused bogus error in varnishtest- Put %fillup back into %post- Update to new upstream release 6.0.0 * Added support for Unix Domain Sockets, both for clients and for backend servers. This brings a new level of the VCL language, version 4.1. * Always use HTTP/1.1 on backend connections for pass fetch.- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to version 5.1.2: * Fix an endless loop in Backend Polling (#2295) * Fix a Chunked bug in tight workspaces (#2207, #2275) * Fix a bug relating to req.body when on waitinglist (#2266) * Handle EPIPE on broken TCP connections (#2267) * Work around the x86 arch's turbo-double FP format in parameter setup code. (#1875) * Fix race related to backend probe with proxy header (#2278) * Keep VCL temperature consistent between mgt/worker also when worker protests. * A lot of HTTP/2 fixes. - Changes introduced by version 5.1.1: * Fix bug introduced by stubborn old bugger right before release 5.1.0 was cut. - Changes introduced by version 5.1.0: * Added varnishd command-line options -I, -x and -?, and tightened restrictions on permitted combinations of options. * More progress on support for HTTP/2. * Add ``return(fail)`` to almost all VCL subroutines. * Restored the old hit-for-pass, invoked with ``return(pass(DURATION))`` from ``vcl_backend_response``. hit-for-miss remains the default. Added the cache_hitmiss stat, and cache_hitpass only counts the new/old hit-for-pass cases. Restored HitPass to the Varnish log, and added HitMiss. Added the HFP prefix to TTL log entries to log a hit-for-pass duration. * Rolled back the fix for #1206. Client delivery decides solely whether to send a 304 client response, based on client request and response headers. * Added vtest.sh. * Added vxid as a lefthand side for VSL queries. * Added the setenv and write_body commands for Varnish test cases (VTCs). err_shell is deprecated. Also added the operators - cliexpect, -match and -hdrlen, and -reason replaces -msg. Added the ${bad_backend} macro. * varnishtest can be stopped with the TERM, INT and KILL signals, but not with HUP. * The fallback director has now an extra, optional parameter to keep using the current backend until it falls sick. * VMOD shared libraries are now copied to the workdir, to avoid problems when VMODs are updated via packaging systems. * Bump the VRT version to 6.0. * Export more symbols from libvarnishapi.so. * The size of the VSL log is limited to 4G-1b, placing upper bounds on the -l option and the vsl_space and vsm_space parameters. * Added parameters clock_step, thread_pool_reserve and ban_cutoff. * Parameters vcl_dir and vmod_dir are deprecated, use vcl_path and vmod_path instead. * All parameters are defined, even on platforms that don't support them. An unsupported parameter is documented as such in param.show. Setting such a parameter is not an error, but has no effect. * Clarified the interpretations of the + and - operators in VCL with operands of the various data types. * DURATION types may be used in boolean contexts. * INT, DURATION and REAL values can now be negative. * Response codes 1000 or greater may now be set in VCL internally. resp.status is delivered modulo 1000 in client responses. * IP addresses can be compared for equality in VCL. * Introduce the STEVEDORE data type, and the objects storage.SNAME in VCL. Added req.storage and beresp.storage; beresp.storage_hint is deprecated. * Retired the umem stevedore. * req.ttl is deprecated. * Added std.getenv() and std.late_100_continue(). * The fetch_failed stat is incremented for any kind of fetch failure. * Added the stats n_test_gunzip and bans_lurker_obj_killed_cutoff. * Clarified the meanings of the %r, %{X}i and %{X}o formatters in varnishncsa. - Add varnish-5.1.2-add-fallthrough-comments.patch to fix build with GCC 7 (boo#1041259).- BuildRequire python3-docutils instead of python-docutils.- Update to new upstream release 5.0.0 - The varnishd "-u NNN" option, which may be remaining in /etc/sysconfig/varnish, has been replaced with "-j unix,user=NNN". * Varnish 5.0 changes some (mostly) internal APIs and adds some major new features over Varnish 4.1. * 5.0 supports jumping from the active VCL's vcl_recv{} to another VCL via a VCL label. * Very Experimental HTTP/2 support * We have added to the "directors" VMOD — an overhauled version of a director which was available as an out-of-tree VMOD under the name VSLP for a couple of years. It is basically a better hash director which uses consistent hashing to provide improved stability of backend node selection when the configuration and/or health state of backends changes. * Hit-For-Pass is now actually Hit-For-Miss * We have made the ban lurker even more efficient by example of some real live situations with tens of thousands of bans using inefficient regular expressions. * The waitinglist logic for ESI subrequests now uses condition variables to trigger immediate continuation of ESI processing when an object being waited for becomes available. * Backend PROXY protocol requests are now supported through the .proxy_header attribute of the backend definition. * VCL files are now also being searched for in /usr/share/varnish/vcl if not found in /etc/varnish. * The basic device detection vcl is now bundled with varnish.- Add "-ffloat-store -fexcess-precision=standard" to CFLAGS when building for ix86, working around bug gcc#323. See also gh#varnish/Varnish-Cache#88.- Update to new upstream release 4.1.2 * vmods: Passing VCL ACL to a vmod is now possible. * vmods: VRT_MINOR_VERSION increase due to new function: VRT_acl_match() * Be stricter when parsing a HTTP request to avoid potential HTTP smuggling attacks against vulnerable backends.- Report testsuite failure to build log and make testsuite nonfatal as there seems to be one swaying test, tests/r01478.vtc.- disable silent rules in spec file. - enable testsuite for varnish.- Update to new upstream release 4.1.1 * Improved security features (jails). * Support for PROXY protocol. * Warm and cold VCL states. * Backends defined through VMODs. * A lot of bugs were fixed. - Delete 0001-Fail-fetch-on-malformed-Content-Length-header.patch, this issue was fixed in upstream. - Add 'su varnish varnish' line to varnish.logrotate file. - Cleanup with spec-cleaner.- Update to new upstream release 4.0.3 * Full support for streaming objects through from the backend on a cache miss. Bytes will be sent to 1..n requesting clients as they come in from the backend server. * Background (re)fetch of expired objects. On a cache miss where a stale copy is available, serve the client the stale copy while fetching an updated copy from the backend in the background. * New varnishlog query language, allowing automatic grouping of requests when debugging ESI or a failed backend request. * Comprehensive request timestamp and byte counters. - Add 0001-Fail-fetch-on-malformed-Content-Length-header.patch [bnc#921316]armbuild25-2 1748618664  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`a7.7.17.7.1-bp156.2.3.17.7.1-bp156.2.3.1 varnishcachecache.hcache_backend.hcache_director.hcache_filter.hcache_varnishd.hcommoncommon_param.hminiobj.htblacct_fields_bereq.hacct_fields_req.hbackend_poll.hban_arg_oper.hban_oper.hban_vars.hbereq_flags.hberesp_flags.hboc_state.hbody_status.hcli_cmds.hdebug_bits.hexperimental_bits.hfeature_bits.hh2_error.hh2_frames.hh2_settings.hh2_stream.hhtc.hhttp_headers.hhttp_response.hlocks.hobj_attr.hoc_exp_flags.hoc_flags.hparams.hreq_bereq_flags.hreq_flags.hsess_attr.hsess_close.hsymbol_kind.hvcc_feature_bits.hvcl_context.hvcl_returns.hvcl_states.hvhd_fsm.hvhd_fsm_funcs.hvhd_return.hvhp_huffman.hvhp_static.hvrt_stv_var.hvsc_levels.hvsig_list.hvsl_tags.hvsl_tags_http.hwaiters.hvapivapi_options.hvoptget.hvsc.hvsig.hvsl.hvsl_int.hvsm.hvas.hvav.hvbh.hvbm.hvcl.hvcli.hvcs.hvdef.hvmod_abi.hvnum.hvqueue.hvre.hvre_pcre2.hvrnd.hvrt.hvrt_obj.hvsa.hvsb.hvsha256.hvtcp.hvte.hvtim.hvtree.hvut.hvut_options.hwaiterwaiter.hlibvarnishapi.sovarnishapi.pcaclocalvarnish-legacy.m4varnish.m4/usr/include//usr/include/varnish//usr/include/varnish/cache//usr/include/varnish/common//usr/include/varnish/tbl//usr/include/varnish/vapi//usr/include/varnish/waiter//usr/lib64//usr/lib64/pkgconfig//usr/share//usr/share/aclocal/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:18918/openSUSE_Backports_SLE-15-SP6_Update/73890b5564b1b9852fd68d90af41eb69-varnish.openSUSE_Backports_SLE-15-SP6_Updatedrpmxz5aarch64-suse-linuxdirectoryC source, ASCII textASCII textC source, UTF-8 Unicode textpkgconfig fileM4 macro processor script, ASCII textPRIL5? I35kutf-8ede0392f376a01c0248445390f35572423b22c9637672c8f9bae794cb32ba362? 7zXZ !t/Xb"w]"k%}Cxc9C4 lKٯyrM>$LEv$ZO nܛ 23s@"BR6S94/dVAԢvT))MĄP[WIeԶ&d_w<ReVr*كC@HGS"^ |,ܪ2J0J {,Oػ-֌b}~48&*^$LeRX^B:_m 'հZ˫x-UngޠvJ銛9Z8|G*zxn*4qYF9Pmq=#Ѡ0Tf|j#>Kd}5CjϡYfW[VN.\f(@+AUj9{!l!6s-U0}O]oNjp,F1J08 y7MLn} EV{׿hh#{n!v@vA(s ]FJr.c_bD}62ik4x"耸8.^p{D9͑oq.0p21FKÜ gYyS Nos|\le_iRf7.[.*@"Ol8G#̈́HZC/uw"LdX1cAjZ__)`M- 0? 1or0mv0U%s9 }E?3X䄫dl[Wd_fJ7qv+>nl XK=w vA'_P=pgLJPcN26|8A9e&] [o6~('ʱ161h8n@1p%{w56/SƁ4A+tY>演>XRMECWd*#Z4,IT s`.U 褳s3JoywɻNCC:Sv$ ?dѺk0M@blDNh6,Z^Pz-k,wZt=Nk1ɢ4Nr鸬g!^MNؒmFJ_[-]#B5+_'3GFm(R͘Bjl%)ZYҟ및Mi9rbƥ)/ܓX gٙp"۠lG_M~E%6nv*-ޘȄf4*C@gxPѐV~x@vvK$[ )~Kn499)J$&͕\?5Q6!%MzeuvTĘό^o5 .Uޥ(GAxNwV+ EoYb{)U{0 -9ӏp7\P{`E<*ĩ5@`yuT Iy˶bΰ /7qi]~+49CsCݐK2-K\i¬5j;fPa50=B%rއ7&Y HY) qE; '  /*~TC潗6b^LtayVR.rO"+o1I2TJ]ouQN\~^J= ;`T Iשd2nlsk Yi b{7ou~JCIwQ`ru P\;$,pv?i$ o')G v Fi h'=_NKLl!wyQ 6wy$%N3h]']% mV˩LrWD#C1%?X*lpap2s^1DŹm_ .CAo%[%WIyfHN`G7A8@0C@OO:گkq'd -,Gi:~uYd@bWPOKW8AN1ۉrk5v|?D9B(}vY$KG |cYm5w?E[ˤ9$u_ 4ICQ!Ϗ{CTJޣ ߐ`zh(Zv2_sl 8"+tcLAC3S4|>]6kAD1eT]^  9F;3ta"N,oWd,"/e@,.܂uշV/c:Y:̸;I x# ]IBxG,6e^=hGˢ;wN-VEN1}7$֬Ug8q,)K{X;]*(B$3 Z1Bٳ- uf-, u& I/ Ֆ`&̱bd .Y|ѹ ;aoh$n|!S:rZ1ٕ /yKTyOA>Z-Vz}J{z{2⣒.jp&*A}^|h1cRr|;c:FCX]R?g#V.L)w'p:_Qߨw} 0o(c˅ۈ&{T1]+g0PEJ) %. esRH`~3jrX%:z!3^&8CMPΞ35E=gv{@'_N$|[{gcwҧ'+ zɫ-'w}L=CdzYQ>],D1$%(8mtj77礃*5=T*$4b,ӆ *siBӕr[:bS(l$JkB-4Y2~*i9jEBf/:oJ(媸^=k%xg:`ɷuį@n!yy}vvKmj#hWÉwm4UЏ4: <-sp)m*'B_LSH` %Fp.M9AdZ"[WGU{)YǾR2c$îa26 6<+ȿe%CsMsp /g4Y <C!LE=6f\]o_iԱXfnp]X)MbrDYkpW`6PuD| 4z b~˼"[Y'"F+R}>5iI0c!kw} +4Uo o6ߪ˙W_8+v6[E7MJ,@zY9NMplCHPI~yXbx[,7:9Gvʗ{π7ޯP}B)_@miE 8oxt.Ys4d~3X. V30yL0M\-L޻ֽ`Q^&W5}D?IhyZh͏BJ )qX H\p[rn6T,ŹGAyZ#9YeRMF^*Ե-g*f'ө,FscBc W+d8^(} \f!'/gq" sƴ4|.1%:a=VY(5O8RNWcZL$T{dޭD;o0&O7jӈOwx׌pɗ}QDocf{ ibEKlA ?S ;DC`ش,ZPdjsTyaq}ȋo΂22 kD.t=.--d_\^Tq۹˯ QpRQ|ěes\a*>_biLb+.ۨކ,x\orYӭ*#sA+pk0f{3W KaŌ%z 5bw9\ 'iTAI220i^+Vo}my<-nڂQ\SkƿL1sAjv[z&hG(ؐ_i噠A Ŕ|U3Em^77 iF%WЭ23o"bǓ"\,r*^ǃ-_RbS -C|@Bm*#?|5V=1SɊvp[UӢ^Gʙ?%٧>{)^~KkO#Zr޳$ןx!kZyu+S%wD'B7 R]jw >;_kd8~lb@,E^iom Io;wg[g(̐MTEk~o>fc`&2nfɡ[ 㕻]Fq+v]wwO}˼ aۜf~MdoZWjh$,Թ4L<CݾJ܂!W!B_\ ݠ& "` `͇\5}Jo'm>5>{.TۏD:1{ɞviŢMs?];'̓[I%00 1ad Wu΄6U ڜhD3de!!ew;(m<;VS$8 bT# /sjBAg1XGn] F5k\cH?{G(Կ ԧ51[Qu8^ɛ/ѩgӂ׷'ݨ bXdcTO3pYG@.*pbg12ao9A/l d͓w뽼v#a&up}LO& XyGs#ƅUQ܊r܉JoJXA/$"=H ΅ɋQ"1Lv􂲈}ŸWP̼5gl3ӢhSnY&ofC!iV?ņb_PSݬ;md{k =g)F>^PcGo#Hv@IĖX18n.I? mlS?Hp%e jY\޵$M KYAN5QR|~6aKwΆ\dZ~.$m\JSY}л +PL%͏gZܴǾS-)weZK6z%S\>7 <0㓿:7<-3$G߫Tlq3ҹZb0`%U~}ֽ% hDR3$ XHsHYF%Ѣ,WR :-v5 .|n$kbƾhyB2)(yQ1RD`OK[dk:&LH3'ߴJZD793f[ck^O|1~`9U,Xh} Ln.cc˭nHE@+ l |7WPЋ`eQv8 xaF?. >r3Dq+ at7ek#emnE*r鼙Vjp"ZFʀ-)~_\%FhAhFraKA8l醣hϧǤ4A(;ԁ7l!X'*ο,O&/, KdC> !a\dy(Avz2ǤfiEwݕ慠NVqoKma^*;jF&K=`)R@yD'|eP@?cJGs1cڬߤf1 ]&Y>"K;2gRb?>]O~,gTA{I\EׇKݗ%fFm?0a>mV D&LNF1E,FS`a %7$н](*+DpyUR,lo\I[Q۴?rk.彡c#t T6!p{'5⊨paMٜUVr XdzEVlɿ)o0+l//0 *$ZHh_N.ԦY&4o7^YĞg\xhWݷ/==MxaSȦk+3oktK[㜂w.