varnish-devel-7.7.1-bp156.2.3.1<>,ĉh9I%z 'wz IpGFM5Œ>C5)Rr$8\ӡ:?^{wf$c SS2p i< #ݳFR|sZt]x$]_ɇ!(L# 4Hfytcb d#RSM]7סƯv,_[ ˰7[CaD)jf`sBo}W-C&+GxH${55gbl`j~~JAfZ5m4;UV<y^e5Bʙ@4(I8ަ7ӨJY_p"Km<4²e[MDAXG-9hQ1qoJJR蛇NTH=hxc7`=/-~bpQj&nWnmؚ3Fоp~l1>UC֑68+c'XC}m4R2xh+be?U|Py?p ZO>> ?d " @(,EN[ ta@a a a Ha a `aa a""a$T$$%'(%J8%T'9%':*q'FGaHlaIaXTY`\a]a^C b4cdefluav wax$ayz Cvarnish-devel7.7.1bp156.2.3.1Development files for VarnishVarnish is an HTTP accelerator. Often called Reverse Proxy, it is an application that stores (caches) documents that have been requested over the HTTP protocol. This package holds the development files for varnish.h9s390zp21eSUSE Linux Enterprise 15openSUSEBSD-2-Clausehttp://bugs.opensuse.orgDevelopment/Libraries/C and C++https://varnish-cache.org/linuxs390x`' wJ 8, wId/ sm  0Id}K  yI "U(UY f @b9vj3   9H! M de3  + nr  [;Q/AA큤A큤A큤A큤A큤A큤h9̚h9̚h9̚h9̚h9̚h9̚h9̚h9̚h9̚h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̘h9̚h9̚h9̙h9̞h9̞h9̞h9̞b667583656400f8b6dad3a6b3c2ce3ba24e16cbcb71ad33131c3a26089be6bdbe0b5bbfaa98b43b3e776e7ae26c3fd1e6e835777ec7163ac2997eefde7cde0cea564b1cdcdbeb438851eca0dff17f24a8c64be9d7791f65dff2f0997e1b4c74ed36bf40c9356545282aa62b91bd1897861b6db612d1b85d93a1359eb33ca67b5b41a6a2b2eae94000272db0a074d8545b883189c3796764136001c3be3c08ecec5e8f55193cc8f43de75c644dc45176a831b16cc124155e4f09dd9e264a829a2f7f2a41ae85dd9936fa1a4a820a9ab47ebcee4795334a0b0946f1d94ed7d0afef8fb76b06164495b1f87b45ea87d668fa37cc1d0e287f4415bc12691e6c4979880015306422fd91f00ec5c3fc22309dbcdfd7cede9abe3b43ed06cbb5c35a74ac528e508f1b9a7f32e6bcde2d0efdf9827d4fa2f7f0e5946947f3bdf3f6616d9e36d94085720189103e401c12e11025c6cdc889f0f629fd5f7f214245972fdee4e632c7b1bdb563dc02dd11ec7bc83338f3b11c27a6785e8c5339ea84dfcb5598f1da580bf0c494afcde08a7f54ce450c8d84311d4a78f3ecdc127f1352cb070f0872b5e2236d8d24144859ce790b32ff183fa8700dd1a16e203d2a2b432fd787cefb183da673afdf1069f6d71d98bd0857ac0134f2668d4bbe461df1c24a3d338eac9048a0674943259de85e79e5f7a81002a96a771f3a99541191248a3731fd5d308329eea6f7e70cc322abcfe01e3fb3d6323ab6e95150b8032e53bf665b776343869a29f06097c4ba25472f10108c0fd3a77d454e4911c00af02bee1dd7807a0f939e49102e5305d77d999b08e530ffa9d7abf818087045017e6d8727438e32b15a484350a1667922c7c67d2ea3bb5739faf5acf631a55604c789a4beb79f44153800983faa842c45a885110b8026425e52d9c4b7297da070e6b68eb8f94344ba1203394d460a49bc9ec90c780ed5b2670e727484bd14d1ef789d6ee5d6718b5d9a67c48e07d56525197aad563eccfc3ee63b9b97fb2bdd6fb3e6e3e3610cd0971d738ad3de3419b3495628cc206f8eeeba800e321ce15ebf3a5fd2c7f716dbba77178b82db0300a00d0f11a66b23568cfe98313c6a2ebd2e0e1f76e17a769d34da4e6272eb1059b0e0c9c72b36a6f533787757745b659424e01561d52f6f6133e26c024c4c71bdcf93255e56f11fa1a821441267575847bad52abae2163a748c4acb7f7f98d5fcb4c1fcc5c6f8a7a4b292ac234c1574a1f57e953de6f411e21ad496ebc207af5ce0697d382c546fb19f1315ea5ede554818f50f60f9a730e322d88e2d01dd28ffd4dea24594fb9edbfcd80829fb46b0827a66e9ab1800ba402201f48f3f07f617938126bca0ea3faff44179d130d37b240d0160bb11e1d6c6cefa967106daa3c8fc232479c539cb8ae6fcf048558b2be51c73dfb4a5c4d6924f4274406db65d8de2c52c8d1c9fb1444889e8afd99a69ca90fc3330c71e73c9b8c6e432e3a518f7b56ac6a5b00c445b0a0a12f08e3049e3dbfeac8d3ac1cb008e680da9e504482b434b4008b10d980a210b0bd9e8d89c1d2e3bd79a33dad249636a5c61822277cdef15eb87a5aeb4a63bb5347255d17e77ad074b18e257d00f6a880607c8ba026cf47b975871882844dfd6f3f3e769118f360f160b3c866f252bd18fbf6d9159946450fc95cbab54ffe3d032c7df9fd50f09a89f753b2c30ae1c655626151b7a0a862761aef7dc3ab169bdc57792badbb29166d45f661bdaa5e218d84de8ff0dabacadc2953950d67f68533339d7c38e43074905cb3a09df4f1f7656ce39a217f73b51027d62a60171d2d78fffc483dfeef1b8ed9b792a4636059c20cad5c9a08ccb92ea3ec57226a43829aa58e511044dc400993dac137e2ebe338e69a9b482244456f49dd93ea01a04fb85c2e12b02608e3756a76176334e69840c383cc9e26e59f692f18831304772f4238385e6552e1054c966bb36960fc5bfd9561f9348d60900b5b7b0f1977a63fff305b62d8ce30c814d9746bc07f31f566115142ec114a7d23b5321e522ae1bc77dafbdb1e20a84d506cc880f0ab39efb747be5ca65d1e636b369d232e47ab1ed80c54b31f22e87dc4087008adbf2c6e2cfd7ea78665b5858d21f13d546e49baa000d4e1ecc3a036047029fe6252d17dca81170cc6aac49400bb982fd5cd74d48b0366975fc35c1e8d78a7c5d2255a03242bff2919296d3920aa87eea13ecf182f0ebea5215b310fefa534c96aa4a99f07e5357fbe6a0e09b06bc9b587922f37e132c37a6883db23e8ef68cd987dd34a961790de3360d59782c0e0715bb9b690270ec808721f2e3400721fd8cb8ca2ceda77239ed65dbda4046168d063899790faa00b10f95b347d24ed4a7fbaff18004bba28c4018af3fcf4dbb9c93aacdc47083f5e0b3d14a3b02c51d3a5ed71ca857f785c99edefbaf0779e0deeb7266c95549b7b751286f6260b3e517f22beca690f6a8b4a399efe26ca14b40ae8dbae7417063375d9d9fc2e33ccd04f92ae8748c29c5363a7dc4047defe9c91aefffea162faf8f16dfbe5b4152c4471a54eb0ad7ff6b2c377f448ca6f0864845c7975b7d77804778ff33f83815f78c5b3a5153be553f321554002f81d8d783a65288162b4a4020ebaf4ccd3720d0d3f607b2da8dcaf98ac6e1831fac2b09e7eb2e253cd7b3b96579fecf672b59a57f7cab5660f37f080467559eab667ce92e83ac4c2f5f7f92f1704bdd7bd55bdc73871dc73d5838fa4b05c4409c375621252637e0e09bc56838321caa5d2645f6d8ff08e46bd4db2247acad90b5d0193cae823b3ec890756a5a796d10123e343ae60dbd39d20e9e587be870e87a971ea1d5237b85b1fdc69d56a140440cffba6b03177a4ae559f3c4c6a014f3f83b6640ca8be895f58479b6ca780a6bcce5709b5f72cce928391500949e2307966a5270437ff6fdf2a57398f1582608ed1540ee61500b58d3aa628b5ad0b0c40eda950243c9ae7c78de8f32ca598ecc9ed86f1452fbf6aa8a2725c32319c05edf5cfbdcbe6e24c76eb25dfe5c899596e4f502f2203642d418306355fbb8327eaf710d8ad8035bcde090ce97577359ed9eb06ef5a3f82021ab4bdf567d1b0b5a0d9fbd5d46091ef583422eec8f9f297c87b636f91953859b00c3a265ff92254697978a93af8278faf9db5930d0ecb89c14670fbf39a808558e6989f8ae4164bc6be730a94b6a3e5e56e8b5a3577a2fe76decba7fed8f95924869dbf6dc5db035d4a136454df3d4466a4d0af455c42ad5f5184d091567fdcc60f4e2a34573f6d53ded20bdae2dd706f640899949bd3aff4d43809723d148bdcb50ce86fff3534f1749e77fc9993b7dc98839eea43582d1ab0163e92012b82adf07d387fcd3eb45753bbdc26f8b8d6d70a447029d2bab0db60983f09e4fc0c744447b2d98595b8e656e114c9ef95f0e4817c815d90c2aeacf5973b7ef07874f154389a0ed59c6668181dd781ccaf104f45bfcdc78aee34a771d37fd15936e53b0bbbcc703c4223fec2ec84607f29996755990ff74e6c9e4e968e303a507f2174dbbb3d53583d23380bc7208c328b32707e37725ad10919426f54d366d20bb764dc4cb540b14af64b963652efe6024a013fe25e635c8e4b1b1395ecbd03f9ea08423890d78c13d1a77306795f483baade2740c2a7198d70126d36f726f2e6f819eabc4e7bb7b2c7181277c4d5a6433f16cfcce1e5ffeda9ebae32937c3aff2a9e3b2c03b914dd70c63b6cf247e2251c07fdab800792e7aff17de7d1c15168ec14f93b3934620bb2978cbdaa30cf88f12e7bf10409012329754602f21771a3b9dae61734f29d1d07e0ba4c3128c9986eef24bd17e81d0d2330e9b55cbbe45d276125c9022205f82daae25c463d501d3c63026bb130b8d4f3d7adbb32a4ce0156b63f5c3fb2b4c9237eea0a351d136b9168531b86d222c1d2375d0846b5f8eee17ec4e3296dab7b255f94cbf8ce428fbbd4737bfeaa5a20a7415330e2607395libvarnishapi.so.3.1.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootvarnish-7.7.1-bp156.2.3.1.src.rpmpkgconfig(varnishapi)varnish-develvarnish-devel(s390-64)@    /usr/bin/pkg-configrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)varnish3.0.4-14.6.0-14.0-15.2-17.7.14.14.3h%@g@g*@fe@eie 0@ck@c]c*c(Yc'@b@bJan Engelhardt Andrea Manzini Jan Engelhardt Arjen de Korte Dirk Müller Jan Engelhardt Jan Engelhardt Dirk Müller Bernhard Wiedemann Bernhard Wiedemann Bernhard Wiedemann Jan Engelhardt Jan Engelhardt Johannes Segitz Jan Engelhardt Dirk Müller Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Jan Engelhardt Samu Voutilainen jengelh@inai.dejengelh@inai.derbrown@suse.comantoine.belvire@opensuse.orgdimstar@opensuse.orgjengelh@inai.dedimstar@opensuse.orgjengelh@inai.dejengelh@inai.deeshmarnev@suse.comeshmarnev@suse.comjengelh@inai.de- Update to release 7.7.1 * VSV-16: Resolve request smuggling attack- Update to release 7.7.0 * The `linux` jail gained control of transparent huge pages settings. * An issue has been fixed which could cause a crash when varnishd receives an invalid Content-Range header from a backend. * Timestamping for HTTP/2 requests (when idle period begins) has been switched to be more in line with HTTP/1. * VSV-15: The client connection is now always closed when a malformed request is received. [CVE-2025-30346, boo#1239892]- Update to release 7.6.0 * The Varnish Delivery Processor (VDP) filter API has been generalized to also accommodate future use for backend request bodies. * VDPs with no vdp_bytes_f function are now supported if the vdp_init_f returns a value greater than zero to signify that the filter is not to be added to the chain. This is useful to support VDPs which only need to work on headers. * The epoll and kqueue waiters have been improved to correctly report WAITER_REMCLOSE, which increases the WAITER.*.remclose counter. * varnishtest now supports the shutdown command corresponding to the shutdown(2) standard C library call. * VSC counters for waiters have been added: * conns to count waits on idle connections * remclose to count idle connections closed by the peer * timeout to count idle connections which timed out in the waiter * action to count idle connections which resulted in a read * The port of a listen_endpoint given with the -a argument to varnishd can now also be a numerical port range like "80-89". * The warning "mlock() of VSM failed" message is now emitted when locking of shared memory segments (via mlock(2)) fails. * A bug has been fixed where string comparisons in VCL could fail with the nonsensical error message "Comparison of different types: STRING '==' STRING". * An issue has been addressed in the builtin.vcl where backend responses would fail if they contained a Content-Range header when no range was requested. * Additional SessError VSL events are now generated for various HTTP/2 protocol errors. * A new Linux jail has been added which is now the default on Linux. For now, it is almost identical to the Unix jail with one addition: * When the new Linux jail is used, the working directory not mounted on tmpfs partition. * A race condition with VCL temperature transitions has been addressed. * Internal management of probes has been reworked to address race conditions. * Backend tasks can now be instructed to queue if the backend has reached its max_connections. * The size of the buffer to hold panic messages is now tunable through the new panic_buffer parameter. * The Varnish Shared Memory (VSM) and Varnish Shared Counters (VSC) consumer implementation in libvarnishapi have been improved for stability and performance. * An issue has been fixed where Varnish Shared Log (VSL) queries (for example using ``varnishlog -q``) with numerical values would fail in unexpected ways due to truncation. * The ``ObjWaitExtend()`` Object API function gained a statep argument to optionally return the busy object state consistent with the current extension. A NULL value may be passed if the caller does not require it. * For backends using the ``.via`` attribute to connect through a proxy, the connect_timeout, ``first_byte_timeout`` and ``between_bytes_timeout`` attributes are now inherited from proxy unless explicitly given. * varnishd now creates a worker_tmpdir which can be used by VMODs for temporary files. The VMOD developer documentation has details. * The environment variable VARNISH_DEFAULT_N now provides the default "varnish name" / "workdir" as otherwise specified by the ``-n`` argument to varnishd and varnish* utilities except varnishtest. * A glitch with TTL comparisons has been fixed which could, for example, lead to unexpected behavior with purge.soft().- Update to release 7.5.0 * Resolved CVE-2023-44487, CVE-2024-30156 [boo#1221942] * The default value of cli_limit has been increased from 48KB to 64KB. * A new ``pipe_task_deadline`` directive specifies the maximum duration of a pipe transaction. * All the timeout parameters that can be disabled accept the "never" value. * Added parameters to control the HTTP/2 Rapid Reset attach.- Use sysuser-tools to generate varnish user- update to 7.4.2 (bsc#1216123, CVE-2023-44487): * The ``vcl_req_reset`` feature (controllable through the ``feature`` parameter, see `varnishd(1)`) has been added and enabled by default to terminate client side VCL processing early when the client is gone. * req_reset* events trigger a VCL failure and are reported to `vsl(7)` as ``Timestamp: Reset`` and accounted to ``main.req_reset`` in `vsc` as visible through ``varnishstat(1)``. In particular, this feature is used to reduce resource consumption of HTTP/2 "rapid reset" attacks (see below). Note that *req_reset* events may lead to client tasks for which no VCL is called ever. Presumably, this is thus the first time that valid `vcl(7)` client transactions may not contain any ``VCL_call`` records. * Added mitigation options and visibility for HTTP/2 "rapid reset" attacks Global rate limit controls have been added as parameters, which can be overridden per HTTP/2 session from VCL using the new vmod ``h2``: * The ``h2_rapid_reset`` parameter and ``h2.rapid_reset()`` function define a threshold duration for an ``RST_STREAM`` to be classified as "rapid": If an ``RST_STREAM`` frame is parsed sooner than this duration after a ``HEADERS`` frame, it is accounted against the rate limit described below. * The ``h2_rapid_reset_limit`` parameter and ``h2.rapid_reset_limit()`` function define how many "rapid" resets may be received during the time span defined by the ``h2_rapid_reset_period`` parameter / ``h2.rapid_reset_period()`` function before the HTTP/2 connection is forcibly closed with a ``GOAWAY`` and all ongoing VCL client tasks of the connection are aborted. The defaults are 100 and 60 seconds, corresponding to an allowance of 100 "rapid" resets per minute. * The ``h2.rapid_reset_budget()`` function can be used to query the number of currently allowed "rapid" resets. * Sessions closed due to rapid reset rate limiting are reported as ``SessClose RAPID_RESET`` in `vsl(7)` and accounted to ``main.sc_rapid_reset`` in `vsc` as visible through ``varnishstat(1)``. * The ``cli_limit`` parameter default has been increased from 48KB to 64KB. * ``VSUB_closefrom()`` now falls back to the base implementation not only if ``close_range()`` was determined to be unusable at compile time, but also at run time. That is to say, even if ``close_range()`` is compiled in, the fallback to the naive implementation remains.- Update to release 7.4.1 * Response status codes other than 200 and 204 are now considered errors for ESI fragments. * Support for abstract AF_LOCAL sockets. * HTTP/2 header field validation is now more strict with respect to allowed characters. * VCL tracing now needs to be explicitly activated by setting the req.trace or bereq.trace VCL variables.- Update to release 7.2.1 * Attempts to mark well-known headers like Content-Length and Host hop-by-hop through a Connection-header will now cause a 400 "Bad request" response. (VSV00010, CVE-2022-45059, boo#1205243) * Apply the same character set rules to HTTP/2 pseudo-headers as is done on the corresponding HTTP/1 request-line field parsing. (VSV00011, CVE-2022-45060, boo#1205242)- update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semicolon at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure. * New "B" string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The new ``vcc_feature`` bits parameter replaces previous ``vcc_*`` boolean parameters. The latter still exist as deprecated aliases. * The ``-k`` option from ``varnishlog`` is now supported by ``varnishncsa``. * New functions ``std.now()`` and ``std.timed_call()`` in vmod_std. * New ``MAIN.shm_bytes`` counter. * A ``req.http.via`` header is set before entering ``vcl_recv``. Via headers are generated using the ``server.identity`` value. It defaults to the host name and can be turned into a pseudonym with the ``varnishd -i`` option. Via headers are appended in both directions, to work with other hops that may advertise themselves. * A ``resp.http.via`` header is no longer overwritten by varnish, but rather appended to. * The ``server.identity`` syntax is now limited to a "token" as defined in the HTTP grammar to be suitable for Via headers. * In ``varnishtest`` a Varnish instance will use its VTC instance name as its instance name (``varnishd -i``) by default for predictable Via headers in test cases. * VMOD and VEXT authors can use functions from ``vnum.h``. * Do not filter pseudo-headers as regular headers. * The termination rules for ``WRK_BgThread()`` were relaxed to allow VMODs to use it. * ``(struct worker).handling`` has been moved to the newly introduced ``struct wrk_vpi`` and replaced by a pointer to it, as well as ``(struct vrt_ctx).handling`` has been replaced by that pointer. ``struct wrk_vpi`` is for state at the interface between VRT and VGC and, in particular, is not const as ``struct vrt_ctx`` aka ``VRT_CTX``. * Panics now contain information about VCL source files and lines. * The ``Begin`` log record has a 4th field for subtasks like ESI sub-requests. * The ``-E`` option for log utilities now works as documented, with any type of sub-task based on the ``Begin[4]`` field. This covers ESI like before, and sub-tasks spawned by VMODs (provided that they log the new field). * No more ``req.http.transfer-encoding`` for ESI sub-requests. * The thread pool reserve is now limited to tasks that can be queued. A backend background fetch is no longer eligible for queueing. It would otherwise slow a grace hit down significantly when thread pools are saturated. * The unused ``fetch_no_thread`` counter was renamed to ``bgfetch_no_thread`` because regular backend fetch tasks are always scheduled. * The macros ``FEATURE()``, ``EXPERIMENT()``, ``DO_DEBUG()``, ``MGT_FEATURE()``, ``MGT_EXPERIMENT()``, ``MGT_DO_DEBUG()`` and ``MGT_VCC_FEATURE()`` now return a boolean value (``0`` or ``1``) instead of the (private) flag value. * A regression in the transport code led MAIN.client_req to be incremented for requests coming back from the waiting list, it was fixed. - Delete varnish-5.1.2-add-fallthrough-comments.patch- Make reload fail nicely on vcl syntax error - Set TasksMax=16384 because default thread_pool_max is 5000- Fix varnish.service stop- Fix logrotate - Add service reload- Update to release 7.1.1 [boo#1202350] [CVE-2022-38150] * Resolve a denial of service attack involving reason phrases.- Update to release 7.1.0 [boo#1195188] [CVE-2022-23959] * VCL: It is now possible to assign a BLOB value to a BODY variable, in addition to STRING as before. * VMOD: New STRING strftime(TIME time, STRING format) function for UTC formatting.- Added hardening to systemd service(s) (bsc#1181400). Modified: * varnish.service * varnishlog.service- Update to release 6.6.1 * Fix an HTTP/2.0 request smuggling vulnerability. [bnc#1188470]- update to 6.6.0: * The ban_cutoff parameter now refers to the overall length of the ban list, including completed bans, where before only non-completed (“active”) bans were counted towards ban_cutoff. * Body bytes accounting has been fixed to always represent the number of body bytes moved on the wire, exclusive of protocol-specific overhead like HTTP/1 chunked encoding or HTTP/2 framing. * The connection close reason has been fixed to properly report SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported. * Unless the new validate_headers feature is disabled, all newly set headers are now validated to contain only characters allowed by RFC7230. * The filter_re, keep_re and get_re functions from the bundled cookie vmod have been changed to take the VCL_REGEX type. This implies that their regular expression arguments now need to be literal, not e.g. string. * The interface for private pointers in VMODs has been changed, the VRT backend interface has been changed, many filter (VDP/VFP) related signatures have been changed, and the stevedore API has been changed. (Details thereto, see online changelog.)- Update to release 6.5.1 * Bump the VRT_MAJOR_VERSION number defined in the vrt.h- Update to release 6.5.0 * `PRIV_TOP` is now thread-safe to support parallel ESI implementations. * varnishstat's JSON output format (-j option) has been changed. * Behavior for 304-type responses was changed not to update the Content-Encoding response header of the stored object.- Disable LTO, this randomly fails during link stage.- Update Git-Web repository link - Set CFLAGS+=-fcommon.- Update to release 6.4.0 * The MAIN.sess_drop counter is gone. * backend "none" was added for "no backend". * The hash algorithm of the hash director was changed, so backend selection will change once only when upgrading. * It is now possible for VMOD authors to customize the connection pooling of a dynamic backend. * For more, see changes.rst.- Update to release 6.3.2 * Fix a denial of service vulnerability when using the proxy protocol version 2.- Update to release 6.3.0 * The Host: header is folded to lower-case in the builtin_vcl. * Improved performance of shared memory statistics counters. * Synthetic objects created from vcl_backend_error {} now replace existing stale objects as ordinary backend fetches would (for details see changes.rst)- Update to release 6.2.1 * Bugfix for CVE-2019-15892 [boo#1149382]- Add uninit.patch.- Updated to 6.2.0 * Added a thread pool watchdog which will restart the worker process if scheduling tasks onto worker threads appears stuck. The new parameter "thread_pool_watchdog" configures it. - Disabled error for clobbering, which caused bogus error in varnishtest- Put %fillup back into %post- Update to new upstream release 6.0.0 * Added support for Unix Domain Sockets, both for clients and for backend servers. This brings a new level of the VCL language, version 4.1. * Always use HTTP/1.1 on backend connections for pass fetch.- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to version 5.1.2: * Fix an endless loop in Backend Polling (#2295) * Fix a Chunked bug in tight workspaces (#2207, #2275) * Fix a bug relating to req.body when on waitinglist (#2266) * Handle EPIPE on broken TCP connections (#2267) * Work around the x86 arch's turbo-double FP format in parameter setup code. (#1875) * Fix race related to backend probe with proxy header (#2278) * Keep VCL temperature consistent between mgt/worker also when worker protests. * A lot of HTTP/2 fixes. - Changes introduced by version 5.1.1: * Fix bug introduced by stubborn old bugger right before release 5.1.0 was cut. - Changes introduced by version 5.1.0: * Added varnishd command-line options -I, -x and -?, and tightened restrictions on permitted combinations of options. * More progress on support for HTTP/2. * Add ``return(fail)`` to almost all VCL subroutines. * Restored the old hit-for-pass, invoked with ``return(pass(DURATION))`` from ``vcl_backend_response``. hit-for-miss remains the default. Added the cache_hitmiss stat, and cache_hitpass only counts the new/old hit-for-pass cases. Restored HitPass to the Varnish log, and added HitMiss. Added the HFP prefix to TTL log entries to log a hit-for-pass duration. * Rolled back the fix for #1206. Client delivery decides solely whether to send a 304 client response, based on client request and response headers. * Added vtest.sh. * Added vxid as a lefthand side for VSL queries. * Added the setenv and write_body commands for Varnish test cases (VTCs). err_shell is deprecated. Also added the operators - cliexpect, -match and -hdrlen, and -reason replaces -msg. Added the ${bad_backend} macro. * varnishtest can be stopped with the TERM, INT and KILL signals, but not with HUP. * The fallback director has now an extra, optional parameter to keep using the current backend until it falls sick. * VMOD shared libraries are now copied to the workdir, to avoid problems when VMODs are updated via packaging systems. * Bump the VRT version to 6.0. * Export more symbols from libvarnishapi.so. * The size of the VSL log is limited to 4G-1b, placing upper bounds on the -l option and the vsl_space and vsm_space parameters. * Added parameters clock_step, thread_pool_reserve and ban_cutoff. * Parameters vcl_dir and vmod_dir are deprecated, use vcl_path and vmod_path instead. * All parameters are defined, even on platforms that don't support them. An unsupported parameter is documented as such in param.show. Setting such a parameter is not an error, but has no effect. * Clarified the interpretations of the + and - operators in VCL with operands of the various data types. * DURATION types may be used in boolean contexts. * INT, DURATION and REAL values can now be negative. * Response codes 1000 or greater may now be set in VCL internally. resp.status is delivered modulo 1000 in client responses. * IP addresses can be compared for equality in VCL. * Introduce the STEVEDORE data type, and the objects storage.SNAME in VCL. Added req.storage and beresp.storage; beresp.storage_hint is deprecated. * Retired the umem stevedore. * req.ttl is deprecated. * Added std.getenv() and std.late_100_continue(). * The fetch_failed stat is incremented for any kind of fetch failure. * Added the stats n_test_gunzip and bans_lurker_obj_killed_cutoff. * Clarified the meanings of the %r, %{X}i and %{X}o formatters in varnishncsa. - Add varnish-5.1.2-add-fallthrough-comments.patch to fix build with GCC 7 (boo#1041259).- BuildRequire python3-docutils instead of python-docutils.- Update to new upstream release 5.0.0 - The varnishd "-u NNN" option, which may be remaining in /etc/sysconfig/varnish, has been replaced with "-j unix,user=NNN". * Varnish 5.0 changes some (mostly) internal APIs and adds some major new features over Varnish 4.1. * 5.0 supports jumping from the active VCL's vcl_recv{} to another VCL via a VCL label. * Very Experimental HTTP/2 support * We have added to the "directors" VMOD — an overhauled version of a director which was available as an out-of-tree VMOD under the name VSLP for a couple of years. It is basically a better hash director which uses consistent hashing to provide improved stability of backend node selection when the configuration and/or health state of backends changes. * Hit-For-Pass is now actually Hit-For-Miss * We have made the ban lurker even more efficient by example of some real live situations with tens of thousands of bans using inefficient regular expressions. * The waitinglist logic for ESI subrequests now uses condition variables to trigger immediate continuation of ESI processing when an object being waited for becomes available. * Backend PROXY protocol requests are now supported through the .proxy_header attribute of the backend definition. * VCL files are now also being searched for in /usr/share/varnish/vcl if not found in /etc/varnish. * The basic device detection vcl is now bundled with varnish.- Add "-ffloat-store -fexcess-precision=standard" to CFLAGS when building for ix86, working around bug gcc#323. See also gh#varnish/Varnish-Cache#88.- Update to new upstream release 4.1.2 * vmods: Passing VCL ACL to a vmod is now possible. * vmods: VRT_MINOR_VERSION increase due to new function: VRT_acl_match() * Be stricter when parsing a HTTP request to avoid potential HTTP smuggling attacks against vulnerable backends.- Report testsuite failure to build log and make testsuite nonfatal as there seems to be one swaying test, tests/r01478.vtc.- disable silent rules in spec file. - enable testsuite for varnish.- Update to new upstream release 4.1.1 * Improved security features (jails). * Support for PROXY protocol. * Warm and cold VCL states. * Backends defined through VMODs. * A lot of bugs were fixed. - Delete 0001-Fail-fetch-on-malformed-Content-Length-header.patch, this issue was fixed in upstream. - Add 'su varnish varnish' line to varnish.logrotate file. - Cleanup with spec-cleaner.- Update to new upstream release 4.0.3 * Full support for streaming objects through from the backend on a cache miss. Bytes will be sent to 1..n requesting clients as they come in from the backend server. * Background (re)fetch of expired objects. On a cache miss where a stale copy is available, serve the client the stale copy while fetching an updated copy from the backend in the background. * New varnishlog query language, allowing automatic grouping of requests when debugging ESI or a failed backend request. * Comprehensive request timestamp and byte counters. - Add 0001-Fail-fetch-on-malformed-Content-Length-header.patch [bnc#921316]s390zp21 1748620006  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`a7.7.17.7.1-bp156.2.3.17.7.1-bp156.2.3.1 varnishcachecache.hcache_backend.hcache_director.hcache_filter.hcache_varnishd.hcommoncommon_param.hminiobj.htblacct_fields_bereq.hacct_fields_req.hbackend_poll.hban_arg_oper.hban_oper.hban_vars.hbereq_flags.hberesp_flags.hboc_state.hbody_status.hcli_cmds.hdebug_bits.hexperimental_bits.hfeature_bits.hh2_error.hh2_frames.hh2_settings.hh2_stream.hhtc.hhttp_headers.hhttp_response.hlocks.hobj_attr.hoc_exp_flags.hoc_flags.hparams.hreq_bereq_flags.hreq_flags.hsess_attr.hsess_close.hsymbol_kind.hvcc_feature_bits.hvcl_context.hvcl_returns.hvcl_states.hvhd_fsm.hvhd_fsm_funcs.hvhd_return.hvhp_huffman.hvhp_static.hvrt_stv_var.hvsc_levels.hvsig_list.hvsl_tags.hvsl_tags_http.hwaiters.hvapivapi_options.hvoptget.hvsc.hvsig.hvsl.hvsl_int.hvsm.hvas.hvav.hvbh.hvbm.hvcl.hvcli.hvcs.hvdef.hvmod_abi.hvnum.hvqueue.hvre.hvre_pcre2.hvrnd.hvrt.hvrt_obj.hvsa.hvsb.hvsha256.hvtcp.hvte.hvtim.hvtree.hvut.hvut_options.hwaiterwaiter.hlibvarnishapi.sovarnishapi.pcaclocalvarnish-legacy.m4varnish.m4/usr/include//usr/include/varnish//usr/include/varnish/cache//usr/include/varnish/common//usr/include/varnish/tbl//usr/include/varnish/vapi//usr/include/varnish/waiter//usr/lib64//usr/lib64/pkgconfig//usr/share//usr/share/aclocal/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:18918/openSUSE_Backports_SLE-15-SP6_Update/73890b5564b1b9852fd68d90af41eb69-varnish.openSUSE_Backports_SLE-15-SP6_Updatedrpmxz5s390x-suse-linuxdirectoryC source, ASCII textASCII textC source, UTF-8 Unicode textpkgconfig fileM4 macro processor script, ASCII textPRI>g_4SGhաutf-8ccbbd433c51e3ce477030cd92ca4724e83e3a1b92d2226e4b037ce7c0d8a6208? 7zXZ !t/XZ"Z]"k%}Cxc9C4 lKٯyrM>$LEv$[ E}vZcax֟z0S_Ѷ4Nb7N/4PQB69t p)OއQBy|ILB3q*LIBT- $]Ly*f}CCR@^ %UY"on%=DRQ']ðiXds|/K>i2+$bJG9룭(v'; 4V`jz81!1qY/ꟸ[C.hS TƘD3Vϑr>s4]OW;Y#3p*u? Hոã9.ot c:jWأLѳ=l0郧ޥb/mo6q>vdɮDva.Jj#x;ř%wK\sfSL%YR&jLGOf*HVv  [;qz6{yU`_k:ǢbWs_]wxWlqg 1*m`ujM6:b]#q왹3c72Ujkk|%ܸr!#1ag)jWɦzLc A;v;h) vn$϶;6{C׊ڜVGw6>,M<)8t: W!ke1̌z0>s5J3ya/߻L ђ)?HKx_ƙ$ᮽ"APm'/N$ A gճ#fc q*N!Z XϦ~ 3M7Ny8htd?G%mlHw9/Z/2<m{jrn{TIhD&+D:%)X@ߞԔn@PZLRHX1!6K-_xZ\XlއBg;葂C2Ii !I9KL;I%Ma@7$c&y/r2 BPrQcP=c%uv@ס9~@EUDrfD-N.o3:A)H5[-J=6ݐu%P z E+ x=gR6-, p8@ƍs\)\2mq>KbO<(I MR$8=DumP"xVqA?-"rtjTk].{ClS$ /*row'g 텸SꬌV?@eKaZ4t-ܷ2Pu|nGncd6s';&&sM p[®E(q8OBXЌbvK&L;KLNg(uar "RY"fda 9??-tgY@L7юYӞۉ*)xF_jfQЧ80ٙ!9L%Ny47n-mJ[*VixR?t*L"x3]> v;͚`Rv0Dh1Hy*F J}?/]RR&^VEAd쀜>sZ. LpJ\?| 1=eQ'@/]Oڑ WC{)BẈĤf.jDq #3PC_b)۔ (՘;qo /8)BS 6*<w,Cj 8]mݦ”5#qDPĔ<}8Xg%Vz%bp4L+6;GrMםrd/gG|Or mR?"3ILBAeDAzn(vֻ{},53rBF4la~,6O1t.hS:&qUcͼքiv@y@ńw$~ !ǃ`V-Y : 1N>_Q/fU_UqGeGdt@Pm > n/jPj:R-GevaRzB?rɽw@ <,#JmD UZWY<@tL›p7$< 5~uT<5rB) >kW5`e^?T#T)Ng_`=^^G(ӇWrz%z5)5e#0].PJ 0 @*iKAzDMQcĐ-}&jlWpAܘwhq:3!+ ˀp2̥<]U3 =/r͢1$qO2C:Q@p@xٹ:!.L7ct6"#ǾYYE`$Y+N+6Ł֌^zY^xp#J9uN6ݵ&4.?WlYfru?uǵ+MO̊%4oSv,4WÀn9 y7pYT"aK8߆P uK$3BB|3@bʄ. 0J7F4tל+٪tǀ_^O,.bI8pj/9mqO-agFm5NPB譔70R!I0¬j«e?Z) {kTg< 5NM`W%z2 Yvm|cte'kHԄy Z+\ߔ(90.ѐAO.-L%,].v4N=Y=?;hϓcٍXT*S*0e553t*I̵@hW= Dr|_3www!w.-W:8^-Ab0QN('dZt]\1\>CM8\\P`S '8h,<}NK31*ꬺhkξ$ySʬyM̺Y 0  x-5̿Dd!Yw&fb!. &, +z9ѝxԿ]k\`GŢNS qtH4REhw |2fɗ%VM%wQi v.p;kf``b.nwwߗIyO%0*:0+dNANHo;]pjm8 byD@T~pQ%ivq6rP9,whIHX~(o?,e._MĺJ@RAqoQBN;US^b_J=`_.) 4$u;E!24K҄xjS9E 3(Ё1efП8fVxZbHBL؜A08y4=,Ii>6fH// ,GyO&5 .2f묫%S.΂C,γo)yG~ + ߖ̢D_H ,2LPu~PXVc;%SCdn%y*  .Cqxi!T+!np33 [].JlF-O3!һ-? ̀ΟrER(+`N #2gK(t\m.K8dBvu+ґ!!nȏ5nUbIuG3Nf8IT[H%vܡ'`I;5s@5z'~ω#.Drw|?ib"#n9SmSo lκ_IcB:$b{ 9ÁP`R 16/S'e̍,jn_BmYqe߀"e ݘSZi`v)|sCЂ1ɉ[n[lsSsPv޽RmH+pղH~~稰-8-gr͔6~ĎWW8e,G.JcKg§ ^SdlU$lNo@G{KX,vA7lW)bӥ3J.?.vZXDw#Uwȵ3\Kߴ5CbD)eCbRW_7:i~"Z#qEgh#qc$&J7o^؀UvR3v3? 욷{B8P7|(ic,VuN?ݾs`/[eSsM$2F˲L/cQ~ iNrV Zll!BT?덝0&={gE,kVV>wH3UC5WsH׏zPv]آXp?`+15"(#dέH ' &]=w+?ius?K E$pՇ7 =)XwGY W\(1y/"ę6wقV-35;Xu19,X jx׬$?b@3 7R4i?Z6MK)JT]x g2*\u:S?$WWE7%`ʶt}j7|^Ja)R-sVcSƷСMAV9m.9X ne}]H>Evm*Y{%Є[zmrrJI >;,/xiU* (Ubp}4++,yVzO!X(]{vU£GƂԽ{…P,WrPZ.<;tLi`b9yy/\#(u;EoY ${$#Q7`N޲P}5+ @{6)t.(}b3Qb- i62Bq|tr1D^q+S,9ogt-(A@jA4V,&wSa>Uܚ^iu+\n75!QGӢjַؘŹ^k =wku5=KXtJHIMɖzK[lGH|j$nLi^g%UGV 6,Viwԑ';Pb?UPUG_Ђ0ըFJip/Չ,c'L;)Ç& J,N7^:ncx$2-df<`?34P.10Yssp j1+r J}m f rgG{-h`;v_!{FlELN׋":&w]x|9'cb5^YM0egCL(hjW<0`Rs7JJ5FʤAD6 ?\٤ 8N-5`?"m~!m'~uq4Qr0"bɖ i@;sc֚Z}5=L~G@f˨5A讀ɾ-xl['FUmLz[XΘ}??%vg'B*WNTmɯ%+ 8Ze1 pB3(3+t;oX J8Є=ZӥA/ujƗB戝H].nrb Pj d)y[p$O]BzGw eFOXgQh:VZtoE-tA#Pa-^1%\Kz :X'2zu;Oƍ _ћ%&ؖ$ՠ'!:gI i6c  1BA" 'EvV?&\pa1&d,  )$Pf'%/,][r=3tw۟gg(Z:!&o/M+Abȕc0^N︝ze&4JP%H1Gɐ W!uEzyp<hH(}mk <#x AҷNaKMҪfp/TT( Ù'}#ʹh_( @zaOP3@-j:3el#"pȠ0ƯoW]r PxpB")^l3C! ƴ|ýcx^PJE۰Z YZ