このコンテンツは選択した言語では利用できません。
Chapter 13. Servers and Services
Tomcat 6 starts as expected when the fr_FR language is configured
Previously, there was an incorrect entry in the Tomcat 6
LocalStrings_fr.properties
file. As a consequence, Tomcat 6 showed and exception during the startup when the LANG
variable in the /etc/tomcat6/tomcat6.conf
file was set to fr_FR
. This update fixes the entry and now Tomcat 6 starts without the exception. (BZ#1072484)
tomcat6 now provides noarch packages
Previous releases provided the tomcat6 packages as architecture-dependent. However, the Tomcat 6 servlet container is a Java application without any native components. Therefore, this release provides the packages as architecture-independent. (BZ#1155509)
The Tomcat 6 NIO connector does not leak memory anymore
Previously, a memory leak sometimes occurred when using the Tomcat 6 Non-blocking I/O (NIO) connector. This update ensures that Tomcat 6 removes processors from the RequestGroupInfo list and returns them to the recycledProcessors queue. As a result, the NIO connector no longer leaks memory. (BZ#1268352)
mod_nss now supports changing the SSL renegotiation buffer size
This update adds the
NSSRenegBufferSize
parameter to the mod_nss package. The parameter allows users to configure the amount of memory to be used for buffering a POST request when a per-location SSL renegotiation is required. Previously, mod_nss did not support this functionality, which caused such requests to fail with the following message recorded in Apache logging:
request body exceeds maximum size for SSL buffer, could not buffer message body to allow SSL renegotiation to proceed.
NSSRenegBufferSize
accepts buffer size in bytes. The default value is 128K. Setting NSSRenegBufferSize
to 0
disables the buffering. (BZ#1214366)
Documentation for tcp_wrappers
no longer refers to unavailable binaries
The
hosts_access(5)
man page, which is a part of the tcp_wrappers package, previously referred to tcpdchk
and tcpdmatch
binaries which were not included in this package, causing confusion. References to tcpdchk
have been removed from the man page, and a modified version of tcpdmatch
has been added to the package, allowing you to test your configurations by following the provided instructions. (BZ#1084458)
openssh-clients
no longer keeps exited sessions open
Previously, the implementation of openssh-clients did not adhere to RFC 4253, The Secure Shell (SSH) Transport Layer Protocol, as in some cases, a language tag was not sent for the
SSH_MSG_DISCONNECT
message. As a consequence, when connected to the server from a Red Hat Enterprise Linux 6 ssh-client
and disconnected by closing the session, the server kept the session (TCP socket) open until it timed out. This bug has been fixed by adding correct parameters for the SSH_MSG_DISCONNECT
message, which makes the server close the session as expected. (BZ#1222500)
Pegasus CIM server now disables SSLv3 and uses TLS1.0 or later by default
The Pegasus CIM server previously had no option to disable the SSLv3 protocol, which is now considered insecure. This update contains a backported upstream fix which changes the default behavior so that SSLv3 is disabled, TLS1.0 or later is used, and SSLv3 can be reenabled using the
sslBackwardCompatibility
option if necessary. (BZ#1238329)
vsftpd can now use wildcards in commands correctly
A regression in the
vsftpd
daemon previously caused commands which used wildcards such as *
or ?
to fail. This bug has been fixed and you can now use wildcards in commands such as ls
with vsftpd
again. (BZ#1315957)
Print jobs no longer disappear from cups
queue for non-responsive printers
Previously, when a print job was submitted to a print queue which was trying to send jobs to a non-responsive printer, and then the queue was disabled and reenabled, the print job disappeared due to a bug in the
cups
service. An upstream fix was backported into cups
, and jobs no longer disappear from queues when they are disabled and reenabled. (BZ#1293498)
The Dovecot IMAP server now returns the CP932 character in IMAP search results
A bug in the charset conversion algorithm caused IMAP searches not to return messages that contained the CP932 character. An upstream fix has been backported to fix this bug, and the IMAP search command na finds messages containing the CP932 character as expected. (BZ#1275233)
Applications no longer access database files on a NFS share ineffectively
Prior to this update, some applications performed poorly when performing operations on database files hosted on a NFS share. This was caused by the frequent invalidations of cache on the NFS client. This update introduces a new environment variable
NDBM_LOCK
, which prevents cache invalidation. As a result, the relevant applications no longer perform poorly in the described scenario. (BZ#668702)