![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / devel / apr
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.56 / (download) - annotate - [select for diffs], Sun Apr 23 08:57:08 2023 UTC (4 months, 4 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base,
pkgsrc-2023Q2,
HEAD
Changes since 1.55: +4 -4
lines
Diff to previous 1.55 (colored)
apr: update to 1.7.4.
Changes for APR 1.7.4
*) Fix a regression where writing to a file opened with both APR_FOPEN_APPEND
and APR_FOPEN_BUFFERED did not properly append the data on Windows.
(This regression was introduced in APR 1.7.3) [Evgeny Kotkov]
Revision 1.55 / (download) - annotate - [select for diffs], Fri Apr 7 14:57:58 2023 UTC (5 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.54: +2 -2
lines
Diff to previous 1.54 (colored)
apr: restore patch comment
Revision 1.54 / (download) - annotate - [select for diffs], Fri Apr 7 14:07:22 2023 UTC (5 months, 2 weeks ago) by ryoon
Branch: MAIN
Changes since 1.53: +2 -1
lines
Diff to previous 1.53 (colored)
apr: Restore apr-config change to fix buildlinking Bump PKGREVISION.
Revision 1.53 / (download) - annotate - [select for diffs], Fri Apr 7 09:37:00 2023 UTC (5 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.52: +5 -6
lines
Diff to previous 1.52 (colored)
apr: updated to 1.7.3 Changes for APR 1.7.3 *) apr-1-config: Fix crosscompiling detection in apr-1-config. *) configure: Add --enable-sysv-shm to use SysV shared memory (shmget) if available. *) apr_socket_sendfile: Use WSAIoctl() to get TransmitFile function pointer on Windows. *) apr_dir_read: Do not request short file names on Windows 7 and later. *) apr_file_gets: Optimize for buffered files on Windows. *) Fix a deadlock when writing to locked files opened with APR_FOPEN_APPEND on Windows. *) Don't seek to the end when opening files with APR_FOPEN_APPEND on Windows. *) apr_file_write: Optimize large writes to buffered files on Windows. *) apr_file_write: Optimize large reads from buffered files on Windows.
Revision 1.52 / (download) - annotate - [select for diffs], Sun Feb 5 08:41:05 2023 UTC (7 months, 2 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base,
pkgsrc-2023Q1
Changes since 1.51: +4 -4
lines
Diff to previous 1.51 (colored)
apr: update to 1.7.2.
Changes for APR 1.7.2
*) Correct a packaging issue in 1.7.1. The contents of the release were
correct, but the top level directory was misnamed.
Revision 1.51 / (download) - annotate - [select for diffs], Wed Feb 1 03:29:47 2023 UTC (7 months, 2 weeks ago) by ryoon
Branch: MAIN
Changes since 1.50: +2 -1
lines
Diff to previous 1.50 (colored)
apr: Fix an output of 'apr-1-config --includes' in buildlink3 case * Do not detect buildlink3 case as crosscompile. Disable crosscompile case. Fix devel/subversion-base build. * Bump PKGREVISION
Revision 1.50 / (download) - annotate - [select for diffs], Tue Jan 31 18:41:49 2023 UTC (7 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.49: +7 -9
lines
Diff to previous 1.49 (colored)
apr: update to 1.7.1.
Changes for APR 1.7.1
*) SECURITY: CVE-2021-35940 (cve.mitre.org)
Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
(This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
later 1.6.x releases, but was missing in 1.7.0.) [Stefan Sperling]
*) configure: Fix various build issues for compilers enforcing
strict C99 compliance. PR 66396, 66408, 66426.
[Florian Weimer <fweimer redhat.com>, Sam James <sam gentoo.org>]
*) apr_atomic_read64(): Fix non-atomic read on 32-bit Windows [Ivan Zhakov]
*) configure: Prefer posix name-based shared memory over SysV IPC.
[Jim Jagielski]
*) configure: Add --disable-sctp argument to forcibly disable SCTP
support, or --enable-sctp which fails if SCTP support is not
detected. [Lubos Uhliarik <luhliari redhat.com>, Joe Orton]
*) Fix handle leak in the Win32 apr_uid_current implementation.
PR 61165. [Ivan Zhakov]
*) Add error handling for lseek() failures in apr_file_write() and
apr_file_writev(). [Joe Orton]
*) Don't silently set APR_FOPEN_NOCLEANUP for apr_file_mktemp() created file
to avoid a fd and inode leak when/if later passed to apr_file_setaside().
[Yann Ylavic]
*) APR's configure script uses AC_TRY_RUN to detect whether the return type
of strerror_r is int. When cross-compiling this defaults to no.
This commit adds an AC_CACHE_CHECK so users who cross-compile APR may
influence the outcome with a configure variable. [Sebastian Kemper
<sebastian_ml gmx net>]
*) Add a cache check with which users who cross-compile APR
can influence the outcome of the /dev/zero test by setting the variable
ac_cv_mmap__dev_zero=yes [Sebastian Kemper <sebastian_ml gmx net>]
*) Trick autoconf into printing the correct default prefix in the help.
[Stefan Fritsch]
*) Don't try to use PROC_PTHREAD by default when cross compiling.
[Yann Ylavic]
*) Add the ability to cross compile APR. [Graham Leggett]
*) While cross-compiling, the tools/gen_test_char could not
be executed at build time, use AX_PROG_CC_FOR_BUILD to
build native tools/gen_test_char
Support explicit libtool by variable assigning before buildcheck.sh,
it is helpful for cross-compiling (such as libtool=aarch64-linux-libtool)
[Hongxu Jia <hongxu.jia windriver.com>]
*) Avoid an overflow on 32 bit platforms. [René Hjortskov Nielsen
<r... hjortskov.dk>]
*) Use AC_CHECK_SIZEOF, so as to support cross compiling. PR 56053.
[Mike Frysinger <vapier gentoo.org>]
*) Add --tag=CC to libtool invocations. PR 62640. [Michael Osipov]
*) apr_pools: Fix pool debugging output so that creation events are
always emitted before allocation events and subpool destruction
events are emitted on pool clear/destroy for proper accounting.
[Brane ibej]
*) apr_socket_listen: Allow larger listen backlog values on Windows 8+.
[Evgeny Kotkov <evgeny.kotkov visualsvn.com>]
*) Fixed: apr_get_oslevel() was returning APR_WIN_XP on Windows 10
*) Fix attempt to free invalid memory on exit when apr_app is used
on Windows. [Ivan Zhakov]
*) Fix double free on exit when apr_app is used on Windows. [Ivan Zhakov]
*) Fix a regression in apr_stat() for root path on Windows. [Ivan Zhakov]
Revision 1.49 / (download) - annotate - [select for diffs], Sun Nov 28 12:57:05 2021 UTC (21 months, 3 weeks ago) by he
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4,
pkgsrc-2022Q3-base,
pkgsrc-2022Q3,
pkgsrc-2022Q2-base,
pkgsrc-2022Q2,
pkgsrc-2022Q1-base,
pkgsrc-2022Q1,
pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.48: +3 -1
lines
Diff to previous 1.48 (colored)
Add a patch to deal with CVE-2021-35940. An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. https://svn.apache.org/viewvc?view=revision&revision=1891198 Bump PKGREVISION.
Revision 1.48 / (download) - annotate - [select for diffs], Tue Oct 26 10:14:15 2021 UTC (22 months, 3 weeks ago) by nia
Branch: MAIN
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (colored)
archivers: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Could not be committed due to merge conflict: devel/py-traitlets/distinfo The following distfiles were unfetchable (note: some may be only fetched conditionally): ./devel/pvs/distinfo pvs-3.2-solaris.tgz ./devel/eclipse/distinfo eclipse-sourceBuild-srcIncluded-3.0.1.zip
Revision 1.47 / (download) - annotate - [select for diffs], Thu Oct 7 13:39:09 2021 UTC (23 months, 2 weeks ago) by nia
Branch: MAIN
Changes since 1.46: +1 -2
lines
Diff to previous 1.46 (colored)
devel: Remove SHA1 hashes for distfiles
Revision 1.46 / (download) - annotate - [select for diffs], Thu Feb 20 06:25:28 2020 UTC (3 years, 7 months ago) by rin
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3,
pkgsrc-2021Q2-base,
pkgsrc-2021Q2,
pkgsrc-2021Q1-base,
pkgsrc-2021Q1,
pkgsrc-2020Q4-base,
pkgsrc-2020Q4,
pkgsrc-2020Q3-base,
pkgsrc-2020Q3,
pkgsrc-2020Q2-base,
pkgsrc-2020Q2,
pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.45: +4 -1
lines
Diff to previous 1.45 (colored)
Work around missing 64bit atomic compiler builtins on IPL32 platforms other than x86, that is handled manually (mess!). It should be better to fix autoconf stuff rather than source codes. However, (1) it requires to regen configure script, and (2) apr 2.0 uses cmake. Thanks to @est_suzume for analysis.
Revision 1.45 / (download) - annotate - [select for diffs], Fri Apr 12 13:02:44 2019 UTC (4 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4,
pkgsrc-2019Q3-base,
pkgsrc-2019Q3,
pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.44: +5 -5
lines
Diff to previous 1.44 (colored)
apr: update to 1.7.0.
Changes for APR 1.7.0
*) apr_dir_read: [Unix] Dropped the preference of the dirread_r() flavor
for dirread(), because the former is both deprecated and unneeded.
[Yann Ylavic, William Rowe]
*) apr_file_info: [Win32 only] Treat only "name surrogate" reparse points
as symlinks, and not other reparse tag types. bug 47630
[Oleg Liatte <olegliatte gmail.com>]
*) Test %ld vs. %lld to avoid compiler emits using APR_OFF_T_FMT, in the
case of apparently equivilant long and long long types. [William Rowe]
*) Recognize APPLE predefined macros as equivilant to DARWIN. [Jim Jagielski]
*) Signals: Allow handling of SIGUSR2 in apr_signal_thread. [Yann Ylavic]
*) Atomics: Support for 64bit ints. [Jim Jagielski]
*) Add the apr_encode_* API that implements RFC4648 and RFC7515
compliant BASE64, BASE64URL, BASE32, BASE32HEX and BASE16
encode/decode functions. [Graham Leggett]
*) rand: Use arc4random_buf() on BSD platforms and getrandom() on Linux,
when available. [Christian Weisgerber <naddy openbsd.org, Yann Ylavic]
*) Add apr_sockaddr_zone_set, apr_sockaddr_zone_set to set and retrieve
the zone for link-local IPv6 addresses. [Joe Orton]
*) apr_sockaddr_equal: Compare link-local IPv6 addresses with different
zones as not equal. [Joe Orton]
*) apr_sockaddr_ip_getbuf, apr_sockaddr_ip_get: Append "%zone" for
IPv6 link-local addresses. [Joe Orton]
*) Locks: add a --disable-timedlocks config option in case users
encounter more platforms where it fails [Nick Kew].
*) apr_allocator, apr_pools: Add apr_allocator_page_size() and
apr_allocator_min_order_set() to respectively get the (system's) page size
in use and set the minimum allocation size for an allocator (expressed in
2^order pages). [Yann Ylavic]
*) locks: provide portable implementations of timedlock()s for
posix-sems, sysv-sems and pthreads for those platforms that
lack native versions (eg: OSX/macOS). [Jim Jagielski]
*) locks: Introduce apr_{thread,proc,global}_mutex_timedlock().
[Yann Ylavic]
Revision 1.44 / (download) - annotate - [select for diffs], Sun Dec 2 10:22:39 2018 UTC (4 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1,
pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.43: +5 -5
lines
Diff to previous 1.43 (colored)
apr: update to 1.6.5.
Changes for APR 1.6.5
*) Fix Win32 build breakage in apr_os_exp_time_put() in 1.6.4. [Rainer Jung]
Changes for APR 1.6.4 (not released)
*) configure: Fix detection of <net/if.h> on OpenBSD.
PR 61976. [David Carlier <devnexen gmail.com>, Yann Ylavic]
*) Fix apr_parse_addr_port() regression in scope_id parsing introduced
in 1.6.3. [Rainer Jung]
*) Fix Win32 file buffer locking behavior for single threaded file streams.
[Evgeny Kotkov, Mladen Turk, Jean-Frederic Clere]
*) Numerous corrections to APR poll behavior. [Yann Ylavic]
Revision 1.43 / (download) - annotate - [select for diffs], Tue Oct 24 12:24:27 2017 UTC (5 years, 10 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q3,
pkgsrc-2018Q2-base,
pkgsrc-2018Q2,
pkgsrc-2018Q1-base,
pkgsrc-2018Q1,
pkgsrc-2017Q4-base,
pkgsrc-2017Q4
Changes since 1.42: +5 -5
lines
Diff to previous 1.42 (colored)
Update to 1.6.3
Changelog:
Changes for APR 1.6.3
*) apr_file_trunc: Truncating a buffered file could add unexpected
data after the truncate position. 51017.
[Evgeny Kotkov <evgeny.kotkov visualsvn.com>]
*) apr_file_trunc: Fix an issue where reading from a buffered file
after truncate could return stale data from the buffer.
[Evgeny Kotkov <evgeny.kotkov visualsvn.com>]
*) apr_ipsubnet_create() now fails for an empty input string.
[Joe Orton]
Revision 1.42 / (download) - annotate - [select for diffs], Mon Jun 19 20:40:38 2017 UTC (6 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base,
pkgsrc-2017Q3,
pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Changes since 1.41: +5 -5
lines
Diff to previous 1.41 (colored)
Updated apr to 1.6.2.
Changes for APR 1.6.2
*) Corrected non-Unix builds for APR_LOCK_DEFAULT.
Changes for APR 1.6.1
*) Defer timed locks API for later 1.7 release [Nick Kew, William Rowe]
*) Export build files find_apr.m4 and apr_common.m4 [Jacob Champion]
Changes for APR 1.6.0
*) apr_allocator: Provide apr_allocator_align() to get the true size that
would be allocated for the given size (including the header and
alignment). [Yann Ylavic]
*) apr_os_proc_mutex_put_ex: Allow to specify whether the OS native
mutex should or not be cleaned up (destroyed) with the constructed
APR mutex (given pool), and default to not for the simple _put()
function. [Yann Ylavic]
*) apr_proc/global_mutex: Fix API regarding the native OS mutexes
accessors from/to available APR mechanisms, adding the new functions
apr_os_proc_mutex_get_ex() and apr_os_proc_mutex_set_ex() which give
control to the user over the selected mechanisms, including the missing
POSIX semaphores (sem_t) on platforms supporting them.
[Yann Ylavic]
*) apr_proc_mutex-pthread: Refcount shared mutexes usage to avoid
destruction while still is use by some process(es). PR 49504.
[Yann Ylavic]
*) apr_file_io: Add apr_file_pipe_create_pools() allowing a pair of
pipes to be created, each in a different pool. [Graham Leggett]
*) Add apr_pollcb_wakeup(), with similar behavior to
apr_pollset_wakeup(). Add apr_pollcb_method_name(), with similar
behavior to apr_pollset_method_name().
[Neil Conway <nrc cs berkeley edu>, Jeff Trawick]
*) apr_table_overlap: Add APR_OVERLAP_TABLES_ADD to merge and set when
overlapping tables. [Graham Leggett]
*) locks: Introduce apr_{thread,proc,global}_mutex_timedlock().
[Yann Ylavic]
*) Introduce the apr_cstr_fn() family of functions, derived from
the svn_cstring_ functions of the Subversion project.
*) Add APR_SO_FREEBIND option for apr_socket_opt_set. PR 58725.
[Ashley GC, Jan Kaluza, Joe Orton]
*) apr_filepath_merge: Fix truename length calculation on Windows
in cases where the "short" name variant is actually longer than
the "long" or "true" name. See: testnames.c:merge_shortname().
[Bert Huijben <rhuijben a.o>]
*) apr_atomic: Fix errors when building on Visual Studio 2013 while
maintaining the ability to build on Visual Studio 6 with Windows
Server 2003 R2 SDK. PR 57191. [Gregg Smith]
*) apr_skiplist: Add apr_skiplist_addne*() family to preserve existing
values (no duplicate), add apr_skiplist_size(), apr_skiplist_height()
and apr_skiplist_preheight() to get the corresponding current values,
and apr_skiplist_set_preheight() to modify it. [ Yann Ylavic ]
*) Add new --enable-allocator-guard-pages which is like allocator-uses-mmap,
but will also add inaccessible guard pages before and after each memnode.
This will result in higher ressource usage but allow to find/protect
against certain buffer overflow/overread bugs. Under Linux, it may be
necessary to increase /proc/sys/vm/max_map_count . [Stefan Fritsch]
*) apr_skiplist: Add apr_skiplist_add() to support multiple values.
*) Add new --enable-pool-concurrency-check configure option to detect
thread-unsafe concurrent accesses to pools. Runtime costs should be
relatively low. [Stefan Fritsch]
*) Add support code to teach valgrind about APR pools and allocators.
[Stefan Fritsch]
*) Add apr_sockaddr_info_copy(), for making a deep copy of an
apr_sockaddr_t into a specified pool. [Yann Ylavic
<ylavic.dev gmail.com>]
*) Added Unix domain socket support.
[Mladen Turk]
*) Add apr_shm_delete() to compliment apr_shm_remove().
[Jim Jagielski]
*) Intruduce APR_PERMS_SET macros for setting the owner/group on
objects. Currently only implemented for shm, proc and global
mutexes on posix platforms.
[Mladen Turk]
*) Add apr_escape_ldap() and apr_pescape_ldap(), escaping characters
as described by RFC4514 and RFC4515 respectively. [Graham Leggett]
Revision 1.41 / (download) - annotate - [select for diffs], Tue Nov 3 03:27:14 2015 UTC (7 years, 10 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base,
pkgsrc-2017Q1,
pkgsrc-2016Q4-base,
pkgsrc-2016Q4,
pkgsrc-2016Q3-base,
pkgsrc-2016Q3,
pkgsrc-2016Q2-base,
pkgsrc-2016Q2,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1,
pkgsrc-2015Q4-base,
pkgsrc-2015Q4
Changes since 1.40: +2 -1
lines
Diff to previous 1.40 (colored)
Add SHA512 digests for distfiles for devel category Issues found with existing distfiles: distfiles/eclipse-sourceBuild-srcIncluded-3.0.1.zip distfiles/fortran-utils-1.1.tar.gz distfiles/ivykis-0.39.tar.gz distfiles/enum-1.11.tar.gz distfiles/pvs-3.2-libraries.tgz distfiles/pvs-3.2-linux.tgz distfiles/pvs-3.2-solaris.tgz distfiles/pvs-3.2-system.tgz No changes made to these distinfo files. Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Revision 1.40 / (download) - annotate - [select for diffs], Thu May 28 06:39:32 2015 UTC (8 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q3,
pkgsrc-2015Q2-base,
pkgsrc-2015Q2
Changes since 1.39: +4 -4
lines
Diff to previous 1.39 (colored)
Update to 1.5.2:
-*- coding: utf-8 -*-
Changes for APR 1.5.2
*) SECURITY: CVE-2015-1829 (cve.mitre.org)
APR applications using APR named pipe support on Windows can be
vulnerable to a pipe squatting attack from a local process; the extent
of the vulnerability, when present, depends on the application.
Initial analysis and report was provided by John Hernandez of Casaba
Security via HP SSRT Security Alert. [Yann Ylavic]
*) apr_atomic: Fix errors when building on Visual Studio 2013 while
maintaining the ability to build on Visual Studio 6 with Windows
Server 2003 R2 SDK. PR 57191. [Gregg Smith]
*) Switch to generic atomics for early/unpatched Solaris 10 not exporting
some atomic functions. PR 55418. [Yann Ylavic]
*) apr_file_mktemp() on HP-UX: Remove limitation of 26 temporary files
per process. PR 57677. [Jeff Trawick]
*) apr_escape: Correctly calculate the size of the returned string in
apr_escape_path and set the correct return value in case we actually
escape the string. [<aduryagin gmail.com>] PR 57230.
*) pollcb on Windows: Handle calls with no file/socket descriptors.
Follow up to PR 49882. [Jeff Trawick, Yann Ylavic]
*) apr_poll(cb): fix error paths returned values and leaks. [Yann Ylavic]
*) apr_thread_cond_*wait() on BeOS: Fix broken logic. PR 45800.
[Jochen Voss (no e-mail)]
*) apr_skiplist: Optimize the number of allocations by reusing pooled or
malloc()ed nodes for the lifetime of the skiplist. [Yann Ylavic]
*) apr_skiplist: Fix possible multiple-free() on the same value in
apr_skiplist_remove_all(). [Yann Ylavic]
*) apr_pollset: On z/OS, threadsafe apr_pollset_poll() may return
"EDC8102I Operation would block" under load.
[Pat Odonnell <patod us.ibm.com>]
*) On z/OS, apr_sockaddr_info_get() with family == APR_UNSPEC was not
returning IPv4 addresses if any IPv6 addresses were returned.
[Eric Covener]
*) Windows cmake build: Fix an incompatibility with cmake 2.8.12 and
later. [Jeff Trawick]
*) apr_global_mutex/apr_proc_mutex: Resolve failures with the
POSIX sem implementation in environments which receive signals.
[Jeff Trawick]
*) apr_skiplist: Fix potential corruption of skiplists leading to
results or crashes. [Takashi Sato <takashi tks st>, Eric Covener]
PR 56654.
*) Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
Revision 1.39 / (download) - annotate - [select for diffs], Tue Nov 25 14:55:46 2014 UTC (8 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base,
pkgsrc-2015Q1,
pkgsrc-2014Q4-base,
pkgsrc-2014Q4
Changes since 1.38: +2 -1
lines
Diff to previous 1.38 (colored)
Unconditionally use the !ARM, !CRAY version of APR_OFFSET.
Revision 1.38 / (download) - annotate - [select for diffs], Wed Apr 23 06:56:04 2014 UTC (9 years, 5 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base,
pkgsrc-2014Q3,
pkgsrc-2014Q2-base,
pkgsrc-2014Q2
Changes since 1.37: +4 -4
lines
Diff to previous 1.37 (colored)
Update "apr" package to version 1.5.1. Changes since 1.5.0: - apr_os_proc_mutex_get() on Unix: Avoid segfault for cross- process pthread mutexes. [Yann Ylavic <ylavic.dev gmail.com>] - When using shmget-based shared memory, the ID used for ftok is now an APR hash of the filename instead of the constant '1'. We do this to help avoid collisions. Bug 53996 [Jim Jagielski] - apr_socket_atreadeof(): Fix breakage on OS X. [Jim Jagielski] - Fix POSIX shared memory (shm_open) use for named shared memory. Includes adding '--enable-posix-shm' to force POSIX shm if available, and OS X compatibility. Bug 55928. [Jozef Hatala <jh-asf skrt org>, Jim Jagielski] - Fix apr_escape.c compilation errors on EBCDIC platforms. [Eric Covener] - FreeBSD 10: Correct a regression in 1.5.0 which affected non- blocking sockets in some applications, including httpd. [Jeff Trawick] - apr_skiplist: Add compatibility with C++ applications. [Jeff Trawick] - Correct a regression in 1.5.0 which affected out-of-tree builds on Unix. [Rainer Jung] - Improve platform detection for bundled expat by updating config.guess and config.sub. [Rainer Jung]
Revision 1.37 / (download) - annotate - [select for diffs], Sun Dec 1 09:45:49 2013 UTC (9 years, 9 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1,
pkgsrc-2013Q4-base,
pkgsrc-2013Q4
Changes since 1.36: +4 -4
lines
Diff to previous 1.36 (colored)
Update to 1.5.0
* BUILDLINK_{API,ABI}_DEPENDS.apr are bumped
Changelog:
Changes for APR 1.5.0
*) Fix Linux kernel version check to recognize more versions,
including versions 3.10 and later. Bug 55690. [Joe Orton,
Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>]
*) Add apr_sockaddr_is_wildcard() to check if a socket address
refers to the wildcard address for the protocol family (e.g.,
0.0.0.0/INADDR_ANY for IPv4). [Jeff Trawick]
*) apr_file_dup2() on Windows: Fix debug RTL assertion in when
attempting to _commit(stdout) or _commit(stderr). [Mike Rumph
<mike.rumph oracle.com>]
*) apr_socket_connect() on Windows: Handle WSAEISCONN. Bug 48736.
[<inoue ariel-networks.com>, Jeff Trawick]
*) z/OS: threadsafe apr_pollset_poll support for sockets [Greg Ames]
*) Windows: Don't obtain a mutex for buffered file I/O unless the
file was opened with the APR_FOPEN_XTHREAD flag. [Ivan Zhakov
<ivan visualsvn.com>]
*) Windows: Create named shared memory segments under the "Local"
namespace if the caller is unprivileged, fixing an inability of
unprivileged callers to use apr_shm_create() with named shared
memory segments under recent Windows. As before, shared memory
segments are created under the "Global" namespace for privileged
callers. Add apr_shm_create_ex() and apr_shm_attach_ex(), which
provide the ability to override the normal namespace selection.
[Jeff Trawick]
*) Update compile settings for MINT OS. Bug 47181. [Alan Hourihane
<alanh fairlite.co.uk>]
*) Files and pipes on Windows: Don't create an unused pollset when
files and pipes are opened. [Mladen Turk]
*) apr_socket_timeout_set() on Windows: If the socket was in a non-
blocking state before, disable that setting so that timeouts work.
[Jeff Trawick]
*) File info APIs: Fix calculation of atime and mtime on AIX. Bug 51146.
[Ruediger Pluem]
*) Add the apr_escape interface. [Graham Leggett]
*) Cygwin build fixes. Bugs 51016 and 55586. [Carlo Bramini
<carlo.bramix libero.it>]
*) Add apr_skiplist family. [Jim Jagielski]
*) Add experimental cmake-based build system for Windows. Refer to
README.cmake for more information. [Jeff Trawick, Tom Donovan]
*) Add the apr_table_getm() call, which transparently handles the
merging of keys with multiple values. [Graham Leggett]
*) Add apr_hash_this_key(), apr_hash_this_key_len(), and
apr_hash_this_val() for easier access to those attributes from
a hash iterator. [Hyrum K. Wright <hyrum_wright mail.utexas.edu>]
*) MinGW/MSYS: Support shared builds of APR, other general improvements
to support of this toolchain. Bug 46175. [Carlo Bramini
<carlo.bramix libero.it>]
*) Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
*) apr_socket_opt_set: Add support for APR_SO_BROADCAST. PR 46389.
[Armin Müller <mueller itestra com>]
*) Enable platform specific support for the opening of a file or
pipe in non-blocking mode through the APR_FOPEN_NONBLOCK flag.
[Graham Leggett]
Revision 1.36 / (download) - annotate - [select for diffs], Thu Jul 4 16:24:02 2013 UTC (10 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.35: +4 -6
lines
Diff to previous 1.35 (colored)
Update to 1.4.8:
Changes for APR 1.4.8
*) Fix compiltation with FreeBSD on ARM. [Olli Hauer <ohauer gmx.de>]
*) Fix 1.4.7 regression in apr_mcast_hops() and apr_mcast_loopback()
for AF_INET (IPv4) sockets on most Unix platforms. [Joe Orton]
*) Fix the return value of apr_threadattr_detach_get() on some
platforms like OS X and Solaris. [Rainer Jung, <dusanv gmail com>]
Changes for APR 1.4.7
*) Fix apr_sockaddr_info_get() not returning an error in some cases.
PR 54779. [Jan Kaluža <jkaluza redhat com>]
*) Fix amd64 assembler version of apr_atomic_xchgptr(). PR 51851. [Mattias
Engdegård <mattiase acm org>]
*) Fix PPC atomics to work with gcc 4.0. PR 54840. [Mattias Engdegård
<mattiase acm org>]
*) configure: Fix detection of O_NONBLOCK inheritance on busy
systems. [Rainer Jung]
*) Remove unused code, fix strict C compliance bug in SHA-256
implementation. [Jan Kaluza <jkaluza redhat.com>]
*) Fix apr_ipsubnet_test() false positives when comparing IPv4
subnet representation against an IPv6 address. PR 54047. [Joe Orton]
*) apr_socket_accept_filter: Return success when trying to again set
the filter to the same value as before, avoiding an unhelpful
APR_EINVAL. PR 37863. [Jeff Trawick]
*) configure: Fix Linux 3.x detection. PR 54001. [Gilles Espinasse
<g esp free fr>]
*) apr_time_exp_*() on Windows: Fix error in the tm_yday field of
apr_time_exp_t for times within leap years. PR 53175.
[Jeff Trawick]
*) Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
*) Add support for OSX Mountain Lion (10.8) [Jim Jagielski]
*) Add various gcc function attributes. [Stefan Fritsch]
*) Fix some problems in apr_sockaddr_info_get() when trying to resolve
the loopback addresses of a protocol family that is not otherwise
configured on the system. PR 52709. [Nirgal Vourgère
<jmv_deb nirgal com>, Stefan Fritsch]
*) Fix file not being unlocked if truncate call on a file fails.
[Mladen Turk]
*) apr_mcast_hops: Fix EINVAL for IPv6 sockets caused by using byte
instead integer for setsockopt. [Mladen Turk]
*) Windows: Fix compile-time checks for 64-bit builds, resolving a
crash in httpd's mod_rewrite. PR 49155. [<anindyabaruah gmail.com>]
Revision 1.35 / (download) - annotate - [select for diffs], Sun Mar 11 12:17:46 2012 UTC (11 years, 6 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2,
pkgsrc-2013Q1-base,
pkgsrc-2013Q1,
pkgsrc-2012Q4-base,
pkgsrc-2012Q4,
pkgsrc-2012Q3-base,
pkgsrc-2012Q3,
pkgsrc-2012Q2-base,
pkgsrc-2012Q2,
pkgsrc-2012Q1-base,
pkgsrc-2012Q1
Changes since 1.34: +4 -6
lines
Diff to previous 1.34 (colored)
Update to 1.4.5
Changelog:
Changes for APR 1.4.5
*) Security: CVE-2011-1928
apr_fnmatch(): Fix high CPU loop. [William Rowe]
*) Fix top_builddir in installed apr_rules.mk. [Bojan Smojver]
Changes for APR 1.4.4
*) Windows: Fix command-line builds. [William Rowe]
Revision 1.33.2.1 / (download) - annotate - [select for diffs], Sun Feb 12 01:36:32 2012 UTC (11 years, 7 months ago) by sbd
Branch: pkgsrc-2011Q4
Changes since 1.33: +3 -1
lines
Diff to previous 1.33 (colored) next main 1.34 (colored)
Pullup ticket #3679 - requested by spz devel/apr security update Revisions pulled up: - devel/apr/Makefile 1.68 - devel/apr/distinfo 1.34 - devel/apr/patches/patch-tables_apr__hash.c 1.1 - devel/apr/patches/patch-test_testhash.c 1.1 --- Module Name: pkgsrc Committed By: spz Date: Sat Feb 11 12:44:09 UTC 2012 Modified Files: pkgsrc/devel/apr: Makefile distinfo Added Files: pkgsrc/devel/apr/patches: patch-tables_apr__hash.c patch-test_testhash.c Log Message: fix CVE-2012-0840 with patches taken from the Apache svn
Revision 1.34 / (download) - annotate - [select for diffs], Sat Feb 11 12:44:09 2012 UTC (11 years, 7 months ago) by spz
Branch: MAIN
Changes since 1.33: +3 -1
lines
Diff to previous 1.33 (colored)
fix CVE-2012-0840 with patches taken from the Apache svn
Revision 1.33 / (download) - annotate - [select for diffs], Sat Nov 19 21:16:22 2011 UTC (11 years, 10 months ago) by alnsn
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base
Branch point for: pkgsrc-2011Q4
Changes since 1.32: +3 -1
lines
Diff to previous 1.32 (colored)
Add patches from upstream bug #51851. https://issues.apache.org/bugzilla/show_bug.cgi?id=51851
Revision 1.32 / (download) - annotate - [select for diffs], Sun May 22 22:41:00 2011 UTC (12 years, 4 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2
Changes since 1.31: +4 -5
lines
Diff to previous 1.31 (colored)
Update "apr" package to version 1.4.5. Change since version 1.4.4: - Security: CVE-2011-1928 apr_fnmatch(): Fix high CPU loop. [William Rowe] - Fix top_builddir in installed apr_rules.mk. [Bojan Smojver] Please note the fix for CVE-2011-1928 was previously already integrated as a patch.
Revision 1.29.4.2 / (download) - annotate - [select for diffs], Sat May 21 09:02:08 2011 UTC (12 years, 4 months ago) by tron
Branch: pkgsrc-2011Q1
Changes since 1.29.4.1: +2 -1
lines
Diff to previous 1.29.4.1 (colored) to branchpoint 1.29 (colored) next main 1.30 (colored)
Pullup ticket #3436 - requested by drochner
devel/apr: security patch
Revisions pulled up:
- devel/apr/Makefile 1.63
- devel/apr/distinfo 1.31
- devel/apr/patches/patch-aa 1.5
---
Module Name: pkgsrc
Committed By: drochner
Date: Fri May 20 09:23:16 UTC 2011
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Added Files:
pkgsrc/devel/apr/patches: patch-aa
Log Message:
add patch from upstream tp fix a regression in the last release
which could cause hangs
bump PKGREV
Revision 1.31 / (download) - annotate - [select for diffs], Fri May 20 09:23:15 2011 UTC (12 years, 4 months ago) by drochner
Branch: MAIN
Changes since 1.30: +2 -1
lines
Diff to previous 1.30 (colored)
add patch from upstream tp fix a regression in the last release which could cause hangs bump PKGREV
Revision 1.29.4.1 / (download) - annotate - [select for diffs], Sun May 15 09:32:37 2011 UTC (12 years, 4 months ago) by sbd
Branch: pkgsrc-2011Q1
Changes since 1.29: +4 -4
lines
Diff to previous 1.29 (colored)
Pullup ticket #3427 - requested by tron
devel/apr security update
Revisions pulled up:
- devel/apr/Makefile 1.62
- devel/apr/distinfo 1.30
---
Module Name: pkgsrc
Committed By: tron
Date: Wed May 11 18:07:16 UTC 2011
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Log Message:
Update "apr" package to version 1.4.2. Changes since version 1.4.4:
- Reimplement apr_fnmatch() from scratch using a non-recursive
algorithm; now has improved compliance with the fnmatch() spec.
[William Rowe]
- Fix environment-related crash using some non-standard builds on
Windows 7/Server 2008. [Steve Hay <SteveHay planit.com>]
- poll, pollset, pollcb on Windows: Handle calls with no file/socket
descriptors. Bug 49882. [Stefan Ruppert <sr myarm.com>, Jeff Trawick]
- Fix APR_IPV6_V6ONLY issues on Windows related to run-time behavior
on Windows older than Vista and SDK/MinGW levels without IPV6_V6ONLY.
Bug 45321. [Sob <sob hisoftware.cz>]
- Fix address handling when accepting an AF_INET socket from a socket
bound as AF_INET6. Bug 49678. [Joe Orton]
- Fix error return values from apr_sockaddr_info_get() on Windows for
IPv6 builds. [Ivan Zhakov <ivan visualsvn.com>]
- Add new experimental configure option --enable-allocator-uses-mmap to
use mmap instead of malloc in apr_allocator_alloc(). This greatly reduces
memory fragmentation with malloc implementations (e.g. glibc) that
don't handle allocationss of a page-size-multiples in an efficient way.
It also makes apr_allocator_max_free_set() actually have some effect
on such platforms. [Stefan Fritsch]
- configure: Support 64 and 32 bit universal builds for Darwin/
OS X 10.6+. [Jim Jagielski]
- apr_sockaddr_info_get() on AIX: Fix a problem which could set
the port field in the native socket address to 1 when 0 was
specified. Bug 46964. [Jeff Trawick]
- configure: Make definition of apr_ino_t independent of
_FILE_OFFSET_BITS even on platforms where ino_t is 'unsigned int'.
[Stefan Fritsch]
- apr_ring: Workaround for aliasing problem that causes gcc 4.5 to
miscompile some brigade related code. Bug 50190. [Stefan Fritsch]
- apr_file_flush_locked(): Handle short writes. [Stefan Fritsch]
- apr_pollset_create_ex(): Trap errors from pollset providers.
Bug 49094. [Sami Tolvanen <sami.tolvanen mywot.com>]
- apr_pollset_create*(): Fix memory lifetime problem with the wakeup
pipe when the pollset was created with APR_POLLSET_NOCOPY.
[Neil Conway <nrc cs.berkeley.edu>]
- Fix detection of some Linux variants when configure is built with
recent GNU tools. [Eric Covener]
- Avoid a redundant fcntl() call in apr_file_open() where O_CLOEXEC
is supported. Bug 46297. [Joe Orton]
- Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
Revision 1.30 / (download) - annotate - [select for diffs], Wed May 11 18:07:16 2011 UTC (12 years, 4 months ago) by tron
Branch: MAIN
Changes since 1.29: +4 -4
lines
Diff to previous 1.29 (colored)
Update "apr" package to version 1.4.2. Changes since version 1.4.4: - Reimplement apr_fnmatch() from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch() spec. [William Rowe] - Fix environment-related crash using some non-standard builds on Windows 7/Server 2008. [Steve Hay <SteveHay planit.com>] - poll, pollset, pollcb on Windows: Handle calls with no file/socket descriptors. Bug 49882. [Stefan Ruppert <sr myarm.com>, Jeff Trawick] - Fix APR_IPV6_V6ONLY issues on Windows related to run-time behavior on Windows older than Vista and SDK/MinGW levels without IPV6_V6ONLY. Bug 45321. [Sob <sob hisoftware.cz>] - Fix address handling when accepting an AF_INET socket from a socket bound as AF_INET6. Bug 49678. [Joe Orton] - Fix error return values from apr_sockaddr_info_get() on Windows for IPv6 builds. [Ivan Zhakov <ivan visualsvn.com>] - Add new experimental configure option --enable-allocator-uses-mmap to use mmap instead of malloc in apr_allocator_alloc(). This greatly reduces memory fragmentation with malloc implementations (e.g. glibc) that don't handle allocationss of a page-size-multiples in an efficient way. It also makes apr_allocator_max_free_set() actually have some effect on such platforms. [Stefan Fritsch] - configure: Support 64 and 32 bit universal builds for Darwin/ OS X 10.6+. [Jim Jagielski] - apr_sockaddr_info_get() on AIX: Fix a problem which could set the port field in the native socket address to 1 when 0 was specified. Bug 46964. [Jeff Trawick] - configure: Make definition of apr_ino_t independent of _FILE_OFFSET_BITS even on platforms where ino_t is 'unsigned int'. [Stefan Fritsch] - apr_ring: Workaround for aliasing problem that causes gcc 4.5 to miscompile some brigade related code. Bug 50190. [Stefan Fritsch] - apr_file_flush_locked(): Handle short writes. [Stefan Fritsch] - apr_pollset_create_ex(): Trap errors from pollset providers. Bug 49094. [Sami Tolvanen <sami.tolvanen mywot.com>] - apr_pollset_create*(): Fix memory lifetime problem with the wakeup pipe when the pollset was created with APR_POLLSET_NOCOPY. [Neil Conway <nrc cs.berkeley.edu>] - Fix detection of some Linux variants when configure is built with recent GNU tools. [Eric Covener] - Avoid a redundant fcntl() call in apr_file_open() where O_CLOEXEC is supported. Bug 46297. [Joe Orton] - Improve platform detection by updating config.guess and config.sub. [Rainer Jung]
Revision 1.29 / (download) - annotate - [select for diffs], Mon Nov 1 17:20:03 2010 UTC (12 years, 10 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4
Branch point for: pkgsrc-2011Q1
Changes since 1.28: +4 -4
lines
Diff to previous 1.28 (colored)
Changes 1.4.2: * Undo a crash-bug introduced in 1.3.9 affecting some applications of the apr hash and table structures, reported to affect Subversion Changes 1.4.1: * Win32: Properly handle the ERROR_DIRECTORY system error code. Changes 1.4.0: * Add apr_global_mutex_lockfile() for retrieving the file, if any, associated with the mutex. Add apr_global_mutex_name() for retrieving the name of the lock mechanism used by the underlying proc mutex. * Add apr_socket_atreadeof to determine whether the receive part of the socket has been closed by the peer. * Make apr_pollset and apr_pollcb implementations using providers. Added apr_pollset_create_ex and apr_pollcb_create_ex that allows choosing non-default providers. * apr_temp_dir_get() now checks the TMPDIR environment variable first, instead of third. * Add apr_file_sync() and apr_file_datasync() calls. * apr_pollset_wakeup() on Windows: Fix core caused by closing the file_socket_pipe with standard file_close. * Introduce apr_hash_do() for iterating over a hash table. * Make sure WIN32 behaves the same as posix for file-backed shared memory by removing the file on cleanup/remove. * Introduce apr_pollset_wakeup() for interrupting the blocking apr_pollset_poll() call. * Add apr_file_link() function.
Revision 1.27.2.1 / (download) - annotate - [select for diffs], Wed Dec 2 23:21:28 2009 UTC (13 years, 9 months ago) by tron
Branch: pkgsrc-2009Q3
Changes since 1.27: +4 -4
lines
Diff to previous 1.27 (colored) next main 1.28 (colored)
Pullup ticket #2492 - requested by fhajny
apr: security update
Revisions pulled up:
- devel/apr/Makefile 1.60
- devel/apr/distinfo 1.28
---
Module Name: pkgsrc
Committed By: fhajny
Date: Wed Dec 2 11:36:27 UTC 2009
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Log Message:
Update to 1.3.9 (security fix).
Changes for APR 1.3.9
*) SECURITY: CVE-2009-2699 (cve.mitre.org)
Faulty error handling in the Solaris pollset support
(Event Port backend) which could trigger hangs in the prefork
and event MPMs on that platform. PR 47645. [Jeff Trawick]
Revision 1.28 / (download) - annotate - [select for diffs], Wed Dec 2 11:36:27 2009 UTC (13 years, 9 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1,
pkgsrc-2009Q4-base,
pkgsrc-2009Q4
Changes since 1.27: +4 -4
lines
Diff to previous 1.27 (colored)
Update to 1.3.9 (security fix).
Changes for APR 1.3.9
*) SECURITY: CVE-2009-2699 (cve.mitre.org)
Faulty error handling in the Solaris pollset support
(Event Port backend) which could trigger hangs in the prefork
and event MPMs on that platform. PR 47645. [Jeff Trawick]
Revision 1.25.2.2 / (download) - annotate - [select for diffs], Fri Aug 7 18:44:33 2009 UTC (14 years, 1 month ago) by spz
Branch: pkgsrc-2009Q2
Changes since 1.25.2.1: +4 -4
lines
Diff to previous 1.25.2.1 (colored) to branchpoint 1.25 (colored) next main 1.26 (colored)
Pullup ticket 2856 - requested by gdt
security update
Revisions pulled up:
- pkgsrc/devel/apr/Makefile 1.59
- pkgsrc/devel/apr/distinfo 1.27
Module Name: pkgsrc
Committed By: gdt
Date: Fri Aug 7 14:29:44 UTC 2009
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Log Message:
Update to 1.3.8 (security fix).
Changes for APR 1.3.8
*) SECURITY: CVE-2009-2412 (cve.mitre.org)
Fix overflow in pools and rmm, where size alignment was taking place.
[Matt Lewis <mattlewis@google.com>, Sander Striker]
*) Make sure that "make check" is used in the RPM spec file, consistent
with apr-util. [Graham Leggett]
*) Pass default environment to testflock, testoc and testpipe children,
so that tests run when APR is compiled with Intel C Compiler.
[Bojan Smojver]
To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 pkgsrc/devel/apr/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/devel/apr/distinfo
Revision 1.27 / (download) - annotate - [select for diffs], Fri Aug 7 14:29:44 2009 UTC (14 years, 1 month ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base
Branch point for: pkgsrc-2009Q3
Changes since 1.26: +4 -4
lines
Diff to previous 1.26 (colored)
Update to 1.3.8 (security fix).
Changes for APR 1.3.8
*) SECURITY: CVE-2009-2412 (cve.mitre.org)
Fix overflow in pools and rmm, where size alignment was taking place.
[Matt Lewis <mattlewis@google.com>, Sander Striker]
*) Make sure that "make check" is used in the RPM spec file, consistent
with apr-util. [Graham Leggett]
*) Pass default environment to testflock, testoc and testpipe children,
so that tests run when APR is compiled with Intel C Compiler.
[Bojan Smojver]
Revision 1.25.2.1 / (download) - annotate - [select for diffs], Fri Aug 7 12:22:17 2009 UTC (14 years, 1 month ago) by spz
Branch: pkgsrc-2009Q2
Changes since 1.25: +4 -4
lines
Diff to previous 1.25 (colored)
Pullup ticket 2854 - requested by tron
security update
Revisions pulled up:
- pkgsrc/devel/apr-util/Makefile 1.14
- pkgsrc/devel/apr-util/Makefile 1.8
- pkgsrc/devel/apr/Makefile 1.58
- pkgsrc/devel/apr/distinfo 1.26
Module Name: pkgsrc
Committed By: schmonz
Date: Fri Jul 24 13:09:32 UTC 2009
Modified Files:
pkgsrc/devel/apr-util: Makefile
Log Message:
Configure --without-sqlite2 in case it's unavoidably on the include path.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/apr-util/Makefile
-----
Module Name: pkgsrc
Committed By: tonnerre
Date: Tue Aug 4 10:09:35 UTC 2009
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Log Message:
Update to apr version 1.3.7, which, other than 1.3.5, is still downloadable.
Changes since 1.3.5:
- On Linux/hppa flock() returns EAGAIN instead of EWOULDBLOCK. This
causes proc mutex failures.
- Set CLOEXEC flags where appropriate. Either use new O_CLOEXEC flag and
associated functions, such as dup3(), accept4(), epoll_create1() etc.,
or simply set CLOEXEC flag using fcntl().
- More elaborate detection for dup3(), accept4() and epoll_create1().
To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.58 pkgsrc/devel/apr/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/devel/apr/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
-----
Module Name: pkgsrc
Committed By: tonnerre
Date: Tue Aug 4 10:13:04 UTC 2009
Modified Files:
pkgsrc/devel/apr-util: Makefile distinfo
Log Message:
Upgrade apr-util to version 1.3.8, which, unlike 1.3.7, is still downloadab=
le.
Changes since 1.3.7:
- Use locally scoped variables in PostgreSQL driver to avoid stomping
on return codes.
- Fix race conditions in initialisation of DBD, DBM and DSO.
- Expose DBM libs in apu-1-config by default. To avoid that, use
apu-1-config --avoid-dbm --libs. To get just DBM libs, use
apu-1-config --dbm-libs.
- Make sure --without-ldap works.
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/apr-util/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/devel/apr-util/distinfo
-----
Module Name: pkgsrc
Committed By: tron
Date: Fri Aug 7 10:39:24 UTC 2009
Modified Files:
pkgsrc/devel/apr-util: Makefile distinfo
Log Message:
Update "apr-util" package to version 1.3.8. Changes since 1.3.9:
- SECURITY: CVE-2009-2412 (cve.mitre.org)
Fix overflow in rmm, where size alignment was taking place.
[Matt Lewis <mattlewis@google.com>, Sander Striker]
- Make sure that "make check" is used in the RPM spec file, so that
the crypto, dbd and dbm tests pass. [Graham Leggett]
- Make sure the mysql version of dbd_mysql_get_entry() respects the
rule that if the column number exceeds the number of columns, we
return NULL. [Graham Leggett]
- Ensure the dbm module is packaged up correctly in the RPM.
[Graham Leggett]
- Clarify the error messages within the dbd tests. [Graham Leggett]
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/apr-util/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/devel/apr-util/distinfo
Revision 1.26 / (download) - annotate - [select for diffs], Tue Aug 4 10:09:35 2009 UTC (14 years, 1 month ago) by tonnerre
Branch: MAIN
Changes since 1.25: +4 -4
lines
Diff to previous 1.25 (colored)
Update to apr version 1.3.7, which, other than 1.3.5, is still downloadable. Changes since 1.3.5: - On Linux/hppa flock() returns EAGAIN instead of EWOULDBLOCK. This causes proc mutex failures. - Set CLOEXEC flags where appropriate. Either use new O_CLOEXEC flag and associated functions, such as dup3(), accept4(), epoll_create1() etc., or simply set CLOEXEC flag using fcntl(). - More elaborate detection for dup3(), accept4() and epoll_create1().
Revision 1.25 / (download) - annotate - [select for diffs], Mon Jun 8 14:23:10 2009 UTC (14 years, 3 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base
Branch point for: pkgsrc-2009Q2
Changes since 1.24: +4 -4
lines
Diff to previous 1.24 (colored)
Update "apr" package to version 1.3.3. Changes since version 1.3.5: - Dropped kqueue and apr_poll detection from Mac OS/X 10.5/Darwin 9 due to various reported problems. - apr_strerror() on OS/2: Fix problem with calculating buffer size. Bug 45689. - Prefer glibtool1/glibtoolize1. - Fix buildconf with libtool 2.2. - Fix a bug with the APR_DELONCLOSE flag. Child processes were (also) unlinking the file. - Fix compilation error on systems that do not have IPV6. Bug 46601 - apr_socket_sendfile() on Solaris: Fix handling of files truncated after the sender determines the length. (This fixes a busy loop in httpd when a file being served is truncated.) - Fix documentation for apr_temp_dir_get(). Bug 46303 - Add AC_MSG_RESULT after AC_MSG_CHECKING. Bug 46427 - Reset errno to zero in apr_strtoi64 to prevent returning an errno not equal zero in cases where the operation worked fine. - Win32: Do not error out on apr_pollset_poll() when there are no sockets. - Fix apr_tokenize_to_argv parsing. Bug 46128
Revision 1.24 / (download) - annotate - [select for diffs], Sat Sep 6 16:39:25 2008 UTC (15 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base,
pkgsrc-2009Q1,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.23: +4 -4
lines
Diff to previous 1.23 (colored)
Update to 1.3.3:
Changes for APR 1.3.3
*) Rename apr_pool_create_core to apr_pool_create_unmanaged and
deprecate the old API name. It better reflects the scope and usage
of this function. [Mladen Turk]
*) Use proper return code for fcntl-based apr_proc_mutex_trylock()
on platforms that return EACCES instead of EAGAIN when the lock
is already held (AIX, HP-UX).
[Eric Covener]
*) Fix APR_PID_T_FMT detection on Solaris. PR 45513
[Rainer Jung <rainer.jung kippdata.de>]
Changes for APR 1.3.2
*) Fix getservbyname_r() detection. [Ruediger Pluem]
Changes for APR 1.3.1
*) Fix win32 apr.hw to pick up XP/2003 TCP/IP multicast constants and
revert to IPV6 disabled-by-default (a change present only in 1.3.0).
[William Rowe]
*) Fix autoconf cached detection of atomic builtins. [Jim Jagielski]
*) Use thread safe versions of getservbyname(). [Bojan Smojver]
*) Use thread safe getpass_r on Netware. [Guenter Knauf]
Changes for APR 1.3.0
*) Fix Solaris poll failure. PR 43000
[Henry Jen <henryjen ztune.net>]
*) apr_getservbyname(): Use proper method for converting port
to host byte order. PR 44903.
[Chris Taylor <ctaylor wadeford.plus.com>]
*) Use /dev/urandom in preference to /dev/random as entropy source
for apr_generate_random_bytes. PR 44881. [Bojan Smojver]
*) Implement apr_proc_wait_all_procs for windows.
The implementation uses tool help library present
on Windows 2000 and later. APR_ENOTIMPL is returned
on platforms missing tool help from kernel32.dll.
[Mladen Turk]
*) Introduce apr_pool_pre_cleanup_register() for registering
a cleanup that is called before any subpool is destroyed
within apr_pool_clear or apr_pool_destroy.
This allows to register a cleanup that will notify subpools
about its inevitable destruction.
[Mladen Turk]
*) Introduce apr_pool_create_core_ex() for creation of standalone
pools without parent. This function should be used for short
living pools, usually ones that are created and destroyed
either in a loop or inside function call. Since the pools
created with this function doesn't have a parent they must
be explicitly destroyed when done.
[Mladen Turk]
*) Fix return value when apr_pollset_poll interrupted.
PR 42580 [Basant Kumar Kukreja <basant.kukreja sun.com>]
*) Add missing semi-colon in Win9x code path of apr_file_open that breaks
Win9X Debug builds. PR 44329. [Curt Arnold]
*) z/OS: return standard apr_status_t codes from apr_dso_load()
and apr_dso_sym(). [David Jones <oscaremma gmail.com>]
*) Fix the make test target in the spec file. [Graham Leggett]
*) Fix DSO-related crash on z/OS caused by incorrect memory
allocation. [David Jones <oscaremma gmail.com>]
*) Implement Darwin-semantic (9.0.0 and later) sendfile support.
Use writev in lieu of hdtr vecs since how Darwin counts the
data is undocumented. [Geoff Greer <angryparsley mipsisrisc.com>,
William Rowe, Jim Jagielski]
*) Implemented the APR_FOPEN_SPARSE flag, permits win32 to create
sparse data files. Also bestow apr_fileinfo_t csize field for
Windows versions 2000 and later, which helps in the detection
that a sparse file is truly in use (see test/testlfs.c for an
example, because different filesystems can vary in behavior
even on an OS supporting sparse files). [William Rowe]
*) Corrected for Darwin and others to toggle APR_HAS_LARGE_FILES
where large off_t's are enabled without any extra defines, hints
or additional functions. This is binary compatible, but apps
may need to be recompiled to take full advantage depending on how
they detect this feature. [William Rowe]
*) Implement apr_atomic_casptr() and apr_atomic_xchgptr() for z/OS.
[David Jones <oscaremma gmail.com>]
*) Introduce apr_file_pipe_create_ex() to portably permit one pipe
end or another to be entirely blocking for non-APR applications
(e.g. stdio streams) and the other (or both ends) non blocking,
with a timeout of 0 by default.
[William Rowe]
*) apr_procattr_io_set() on Windows: Set non-blocking pipe handles
to a default timeout of 0, following the Unix default. No effect
on pipe handles configured to block. PR 43522.
[Eric Covener <covener gmail.com>]
*) apr_file_write() on Windows: Fix return code when writing to a non-
blocking pipe would have blocked. PR 43563.
[Eric Covener <covener gmail.com>]
*) Introduce APR_NO_FILE as an option to apr_procattr_io_set() for any
of the three stdio streams to cause the corresponding streams to be
closed to the child process. This becomes effective in 1.3.0 across
platforms (equivilant to APR_NO_PIPE in 1.2.x except on Win32.)
[William Rowe]
*) Solve WinNT inherited pipe leaks by mutexing apr_proc_create calls,
on WinNT (not WinCE, nor 9x) so that we toggle the inherited state
of the stdin/out/err pipes. All other file handles are treated as
not-inherited until apr_file_dup2'ed a std handle of this process,
or while they are used by apr_proc_create. [William Rowe]
*) Define the Mac OS/X filesystem_encoding as utf-8 (in previous
releases the interpretation would vary). [Branko ibej]
*) Add table cloning (deep copy) convenience function.
[Davi Arnaut]
*) Rework the WIN32 CV code to signal the condition only if one or
more threads are blocked on the condition variable. If no threads
are waiting on the condition variable, nothing happens. The change
also eliminates the thundering-herd problem of the manual-reset
event, which (theoretically) wakes up all threads waiting on. Now
the behavior of the CV's should be the same on Unix and win32
platforms. PR 42305. [Davi Arnaut]
*) Define SEM_FAILED if it isn't already defined, as the proc mutex
code already does it. Also search for the sem_open function in
the realtime library. (This fixes HP-UX sem_open detection).
[Davi Arnaut]
*) Define the _HPUX_SOURCE feature test macro to obtain maximum
functionality.
PR 42261. [Davi Arnaut]
*) Stop invoking the testshm* helpers upon 'make test' invocation.
[Kurt Miller <kurt intricatesoftware.com>]
*) Register a cleanup only if APR_FILE_NOCLEANUP was not flagged in
apr_file_mktemp. [Brian J. France <list firehawksystems.com>]
*) Numerous build fixes for non-GCC builds and GCC builds on Win32,
as well as WinCE builds. [Davi Arnaut <davi haxent.com.br>,
Curt Arnold <carnold apache.org>, John Mark Vandenberg,
Kouhei Sutou <kou cozmixng.org>, William Rowe]
*) Discard file buffers when running cleanups for exec.
PR 41119. [Davi Arnaut <davi haxent.com.br>, Bojan Smojver]
*) Improve thread safety of assorted file_io functions.
PR 42400. [Davi Arnaut <davi haxent.com.br>]
*) Add the apr_pollcb API as an alternative more efficient method
of polling sockets, compared to apr_pollset. [Paul Querna]
*) Fix possible crash in apr_pool_initialize() when built with
verbose pool debugging. PR 41063.
[Peter Steiner <peter.steiner+apache hugwi.ch>]
*) Fix --disable-ipv6 build on platforms with getifaddrs().
PR 39199. [Joe Orton]
*) Correctly retrieve 'empty' environment values with apr_env_get
on Win32 (e.g. "VAR="), and added validation to testall suite.
PR 40764. [Issac Goldstand <margol beamartyr.net>]
*) Portably check for EEXIST in mktemp code. PR 40818
[Kenneth Golomb <KGolomb TradeCard.com>]
*) Fix apr_socket_recvfrom() to ensure the peer's address is returned
through the "from" parameter. [Joe Orton]
*) Fix error checking in kqueue, epoll and event port versions of
apr_pollset_create. PR 40660, 40661, 40662
[Larry Cipriani <lvc lucent.com>]
*) Add some documentation on the format matched by apr_fnmatch.
[David Glasser <glasser mit.edu>]
*) Add apr_hash_clear. [Daniel L. Rall <dlr apache.org>]
*) Don't try to build apr_app.c on MinGW.
[Matthias Miller <Blog outofhanwell.com>]
*) Fix the timeout converstion in apr_pollset with the KQueue
backend. [Marco Molteni <mmolteni cisco.com>]
*) Support MinGW. [John Vandenberg, Justin Erenkrantz]
*) Implement apr_thread_yield on Unix in terms of pthread_yield or
sched_yield. [Keisuke Nishida <keisuke.nishida gmail.com>]
*) Provide folding in autogenerated .manifest files for Win32 builders
using VisualStudio 2005 [William Rowe]
*) Utilise Solaris' native atomic_* functions for apr_atomics
where appropriate. [Colm MacCárthaigh]
*) Make apr_socket_recvfrom initialize the port field in the from
sockaddr. PR 39325 [Anthony Minessale <anthmct yahoo.com>]
*) NetBSD: Avoid leaving zombie process when using apr_signal()
to ignore SIGCHLD. PR 36750. [Todd Vierling <tv pobox.com>]
*) Implement support for apr_proc_mutex_trylock() on Unix platforms.
PR 38785. [Chris Darroch <chrisd pearsoncmg.com>]
*) APR_FIND_APR macro now supports customisable detailed checks on
each installed apr. [Justin Erenkrantz, Colm MacCárthaigh]
*) APR_FIND_APR macro no longer checks /usr/local/apache2/
[Colm MacCárthaigh]
*) Add APR_POLLSET_NOCOPY option to apr_pollset API to eliminate
O(n)-time lookup in apr_pollset_remove() (currently implemented
only for epoll). [Brian Pane]
*) Add apr_file_buffer_set() and apr_file_buffer_size_get() functions
to support variable buffer sizes with APR file handles.
[Colm MacCárthaigh]
*) Add apr_file_open_flags_std[err|out|in]() functions.
[Colm MacCárthaigh]
*) stdio: apr_file_open_std[err|out|in]() functions now set the APR_WRITE
or APR_READ flag as appropriate. [Colm MacCárthaigh]
*) multicast: apr_mcast_*() no longer return APR_ENOTIMPL when invoked
for non-UDP/RAW sockets. The caller is expected to ensure that the
socket-type is suitable for multicast. [Colm MacCárthaigh]
*) Add apr_sockaddr_ip_getbuf() function. [Joe Orton]
*) Fix handling of %pI in apr_psprintf. [Joe Orton]
*) Provide APR_VERSION_AT_LEAST() macro for applications which
want to enable features based on a required level of APR.
[Jeff Trawick]
*) jlibtool: Teach to use static libraries with -static.
[Justin Erenkrantz]
*) Fix checks for alloca() support in configure. PR 13037.
[Noah Misch <noah cs.caltech.edu>]
*) Add %pm support to apr_snprintf() for printing the error string
corresponding to an apr_status_t value. [Joe Orton]
*) Add APR_ARRAY_IDX() and APR_ARRAY_PUSH() convenience macros to
apr_tables.h. [Garrett Rooney]
Revision 1.23 / (download) - annotate - [select for diffs], Sun Dec 9 22:08:32 2007 UTC (15 years, 9 months ago) by jklos
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
cwrapper
Changes since 1.22: +4 -4
lines
Diff to previous 1.22 (colored)
Updated to 1.2.12. This includes apr_socket_sendfile for OS X 10.5.
Revision 1.22 / (download) - annotate - [select for diffs], Thu Oct 11 09:12:09 2007 UTC (15 years, 11 months ago) by tron
Branch: MAIN
Changes since 1.21: +4 -4
lines
Diff to previous 1.21 (colored)
Update "apr" package to version 1.2.11. Changes since version 1.2.9: - Win32 apr_file_read; Correctly handle completion-based read-to-EOF. - Fixed Win32 regression of stdout inheritance in apr_proc_create. - Solve winNT inherited pipe leaks by mutexing apr_proc_create calls, on WinNT (not WinCE, nor 9x) so that we toggle the inherited state of the stdin/out/err pipes. All other file handles are treated as not-inherited until apr_file_dup2'ed a std handle of this process, or while they are used by apr_proc_create. - Define the Mac OS/X filesystem_encoding as utf-8 (in previous releases the interpretation would vary). - Fix day of year (tm_day) calculation for July. The bug only affects Windows builds. Apache Bug #42953. - Fix LFS detection when building over NFS. The mode must be specified when O_CREAT is in the flags to open(). Apache Bug #42821. - Avoid overwriting the hash_mutex table for applications that incorrectly calls apr_atomic_init(). Apache Bug #42760. - Allow IPv6 connectivity test to fail, avoiding a potentially fatal error. - The MinGW Windows headers effectively redefines WINADVAPI from __stdcall to empty which results in a link failure when wincrypt.h is placed after an include to apr_private.h. Apache Bug #42293. - Define SEM_FAILED if it isn't already defined, as the proc mutex code already does it. Also search for the sem_open function in the realtime library. (This fixes HP-UX sem_open detection). - Define the _HPUX_SOURCE feature test macro to obtain maximum functionality. Fixes broken sendfile with LFS support on HP-UX. Apache Bug #42261.
Revision 1.21 / (download) - annotate - [select for diffs], Wed Sep 5 13:47:36 2007 UTC (16 years ago) by xtraeme
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base,
pkgsrc-2007Q3
Changes since 1.20: +4 -4
lines
Diff to previous 1.20 (colored)
Update to 1.2.9:
*) Stop invoking the testshm* helpers upon 'make test' invocation.
[Kurt Miller <kurt intricatesoftware.com>]
*) Register a cleanup only if APR_FILE_NOCLEANUP was not flagged in
apr_file_mktemp. [Brian J. France <list firehawksystems.com>]
*) Numerous build fixes for non-GCC builds and GCC builds on Win32,
as well as WinCE builds.
*) Discard file buffers when running cleanups for exec.
*) If apr_proc_create() fails to exec in the fork()ed child, call
_exit() not exit() to avoid running atexit()-registered functions
in the child. [Joe Orton]
*) Improve thread safety of assorted file_io functions.
[Davi Arnaut <davi haxent.com.br>]
*) Fix file pointer position calculation in apr_file_writev() on
buffered file. [Davi Arnaut <davi haxent.com.br>]
*) Fix formatting of unsigned integers larger than 2^63 in the
vformatter/apr_*printf.
[Wynn Wilkes <wynn bungeelabs.com>]
*) Fix possible EFAULT failures in apr_socket_sendfile() on 32-bit
Solaris with LFS enabled.
*) Fix deadlock in apr_file_gets() for a file opened with both the
APR_BUFFERED and APR_XTHREAD flags.
Revision 1.20 / (download) - annotate - [select for diffs], Wed Jan 24 19:46:45 2007 UTC (16 years, 8 months ago) by epg
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.19: +4 -13
lines
Diff to previous 1.19 (colored)
devel/apr:
Update to 1.2.8 (formerly in devel/apr1), no longer build from the
httpd distfile.
devel/rapidsvn:
devel/subversion-base:
parallel/ganglia-monitor-core:
security/hydra:
www/apache2:
Use devel/apr0.
www/apache22:
Use devel/apr and devel/apr-util.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Oct 4 21:51:31 2006 UTC (16 years, 11 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4
Changes since 1.18: +2 -1
lines
Diff to previous 1.18 (colored)
Added a patch to make the tests runnable on NetBSD. Sadly, they seem to reach an endless loop.
Revision 1.17.2.1 / (download) - annotate - [select for diffs], Fri Jul 28 12:52:28 2006 UTC (17 years, 1 month ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.17: +4 -4
lines
Diff to previous 1.17 (colored) next main 1.18 (colored)
Pullup ticket 1757 - requested by tron
security update for apache2
Revisions pulled up:
- pkgsrc/devel/apr/distinfo 1.18
Updated via patch provided by the submitter.
Module Name: pkgsrc
Committed By: tron
Date: Fri Jul 28 10:38:36 UTC 2006
Modified Files:
pkgsrc/devel/apr: distinfo
pkgsrc/www/apache2: Makefile Makefile.common distinfo options.mk
Log Message:
Update "apr" package to version 0.9.12.2.0.59 and "apache2" package
to version 2.0.59. Changes since *2.0.58:
- SECURITY: CVE-2006-3747 (cve.mitre.org)
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling. For some RewriteRules this could lead to a pointer being
written out of bounds. Reported by Mark Dowd of McAfee.
Revision 1.18 / (download) - annotate - [select for diffs], Fri Jul 28 10:38:36 2006 UTC (17 years, 1 month ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.17: +4 -4
lines
Diff to previous 1.17 (colored)
Update "apr" package to version 0.9.12.2.0.59 and "apache2" package to version 2.0.59. Changes since *2.0.58: - SECURITY: CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee.
Revision 1.17 / (download) - annotate - [select for diffs], Sun May 7 12:35:27 2006 UTC (17 years, 4 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.16: +4 -4
lines
Diff to previous 1.16 (colored)
Update "apr" package to version 0.9.12.2.0.58 and "apache" package
to version 2.0.58. Change since Apache relase 2.0.55:
- Legal: Restored original years in copyright notices.
- mod_cgid: run the get_suexec_identity hook within the request-handler
instead of within cgid. Apache#36410.
- core: Prevent read of unitialized memory in ap_rgetline_core.
Apache#39282.
- mod_proxy: Report the proxy server name correctly in the "Via:" header,
when UseCanonicalName is Off. Apache#11971.
- mod_isapi: Various trivial code-fixes to permit mod_isapi to load and
run on Unix.
- HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>.
- SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
non-SSL request is processed for an SSL vhost (such as the
"HTTP request received on SSL port" error message when an 400
ErrorDocument is configured, or if using "SSLEngine optional").
Apache#37791.
- SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
to avoid potential cross-site scripting. Change also made to
ap_escape_html so we escape quotes. Reported by JPCERT.
- Add APR/APR-Util Compiled and Runtime Version numbers to the
output of 'httpd -V'.
- Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
- Default handler: Don't return output filter apr_status_t values.
Apache#31759.
- mod_speling: Stop crashing with certain non-file requests.
- keep the Content-Length header for a HEAD with no response body.
Apache#18757
- Modify apr[util] .h detection to avoid breakage on VPATH builds
using Solaris make (amoung others) and avoid breakage in ./buildconf
when srclib/apr[-util] are symlinks rather than directories proper.
- Avoid server-driven negotiation when a CGI script has emitted an
explicit "Status:" header. Apache#38070.
- mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
format is used. Apache#27787.
- mod_cache: Correctly handle responses with a 301 status. Apache#37347.
- mod_proxy_http: Prevent data corruption of POST request bodies when
client accesses proxied resources with SSL. Apache#37145.
- Elimiated the NET_TIME filter, restructuring the timeout logic.
This provides a working mod_echo on all platforms, and ensures any
custom protocol module is at least given an initial timeout value
based on the <VirtualHost > context's Timeout directive.
- mod_ssl: Correct issue where mod_ssl does not pick up the
ssl-unclean-shutdown setting when configured. Apache#34452.
- Document the ReceiveBufferSize change done in r157583.
- mod_deflate: Merge the Vary header, instead of Setting it. Fixes
applications that send the Vary Header themselves. Apache#37559.
- mod_dav: Fix a null pointer dereference in an error code path during the
handling of MKCOL.
- mod_mime_magic: Handle CRLF-format magic files so that it works with
the default installation on Windows.
- Write message to error log if AuthGroupFile cannot be opened.
Apache#37566.
- Add ReceiveBufferSize directive to control the TCP receive buffer.
- mod_cache: Fix 'Vary: *' behavior to be RFC compliant. Apache#16125.
- Remove the base href tag from proxy_ftp, as it breaks relative
links for clients not using an Authorization header.
- http_request.c: Add missing va_end call.
- Add httxt2dbm to support/ for creating RewriteMap DBM Files.
- support/check_forensic: Fix temp file usage
- Chunk filter: Fix chunk filter to create correct chunks in the case that
a flush bucket is surrounded by data buckets.
- mod_cgi(d): Remove block on OPTIONS method so that scripts can
respond to OPTIONS directly rather than via server default.
Apache#15242
- Added new module mod_version, which provides version dependent
configuration containers.
- Add core version query function (ap_get_server_revision) and
accompanying ap_version_t structure (minor MMN bump).
Revision 1.15.2.1 / (download) - annotate - [select for diffs], Tue Oct 18 21:21:27 2005 UTC (17 years, 11 months ago) by seb
Branch: pkgsrc-2005Q3
Changes since 1.15: +5 -5
lines
Diff to previous 1.15 (colored) next main 1.16 (colored)
Pullup ticket 838 - requested by Matthias Scheler
sync devel/apr and www/apache2 with HEAD as precautionary/preventive step
Revisions pulled up:
- devel/apr/Makefile 1.37
- devel/apr/distinfo 1.16
- devel/apr/patches/patch-ao 1.3
- www/apache2/Makefile 1.84
- www/apache2/Makefile.common 1.19
- www/apache2/PLIST 1.31
- www/apache2/distinfo 1.43,1.44
- www/apache2/patches/patch-ac 1.6
- www/apache2/patches/patch-ae removed
- www/apache2/patches/patch-af removed
- www/apache2/patches/patch-ah removed
- www/apache2/patches/patch-aj removed
- www/apache2/patches/patch-ao 1.7
Module Name: pkgsrc
Committed By: joerg
Date: Tue Oct 11 20:10:35 UTC 2005
Modified Files:
pkgsrc/www/apache2: distinfo
Added Files:
pkgsrc/www/apache2/patches: patch-ao
Log Message:
Allow mod_ssl to build with OpenSSL 0.9.8. The patch is from
Georg v. Zezschwitz on dev@httpd.apache.org.
---
Module Name: pkgsrc
Committed By: tron
Date: Mon Oct 17 10:28:46 UTC 2005
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
pkgsrc/devel/apr/patches: patch-ao
pkgsrc/www/apache2: Makefile
Log Message:
Update "apr" package to version 0.9.7. Changes since version 0.9.6:
- Fix crash in apr_dir_make_recursive() for relative path
when the working directory has been deleted. [Joe Orton]
- Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT,
returning APR_EBUSY. [Ronen Mizrahi <ronen@tversity.com>]
- Fix apr_file_read() to catch write failures when flushing pending
writes for a buffered file. [Joe Orton]
- Fix apr_file_write() infinite loop on write failure for buffered
files. [Erik Huelsmann <ehuels gmail.com>]
- Fix error handling where apr_uid_* and apr_gid_* could segfault
or return APR_SUCCESS in failure cases. Bug 34053. [Joe Orton,
Paul Querna]
- Refactor Win32 condition variables code to address bugs 27654, 34336.
[Henry Jen <henryjen ztune.net>, E Holyat <eholyat yahoo.com>]
- Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows. Bug 32177.
[Sim <sgobbi datamanagement.it>, Jeff Trawick]
- Fix detection of rwlocks on Mac OS X. [Aaron Bannert]
- Fix issue with poll() followed by net I/O yielding EAGAIN on
Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez]
Update based on patches supplied by Ben Collver. Addresses first part
of PR pkg/31817 by Zafer Aydogan.
---
Module Name: pkgsrc
Committed By: tron
Date: Mon Oct 17 10:37:11 UTC 2005
Modified Files:
pkgsrc/www/apache2: Makefile.common PLIST distinfo
pkgsrc/www/apache2/patches: patch-ac
Removed Files:
pkgsrc/www/apache2/patches: patch-ae patch-af patch-ah patch-aj
Log Message:
Update "apache2" package to version 2.0.55. Changes since version 2.0.54:
- worker MPM: Fix a memory leak which can occur after an aborted
connection in some limited circumstances. [Greg Ames]
- mod_ldap: Fix Bug 36563. Keep track of the number of attributes
retrieved from LDAP so that all of the values can be properly
cached even if the value is NULL.
[Brad Nicholes, Ondrej Sury <ondrej sury.org>]
- Added TraceEnable [on|off|extended] per-server directive to alter
the behavior of the TRACE method. This addresses a flaw in proxy
conformance to RFC 2616 - previously the proxy server would accept
a TRACE request body although the RFC prohibited it. The default
remains 'TraceEnable on'. [William Rowe]
- Add ap_log_cerror() for logging messages associated with particular
client connections. [Jeff Trawick]
- Correct mod_cgid's argv[0] so that the full path can be delved by the
invoked cgi application, to conform to the behavior of mod_cgi.
[Pradeep Kumar S <pradeep.smani gmail.com>]
- mod_include: Fix possible environment variable corruption when
using nested includes. Bug 12655. [Joe Orton]
- Support the suppress-error-charset setting, as with Apache 1.3.x.
Bug 31274. [Jeff Trawick]
- EBCDIC: Handle chunked input from client or, with proxy, origin
server. [Jeff Trawick]
- Fix bad globbing comparison which could result in getting
a directory listing when a file was requested. Bug 34512.
[sean <infamous41md hotmail.com>]
- Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker()
was called even if mod_auth_ldap_check_user_id() was not
(or if it didn't succeed) for non-authoritative cases.
[Jim Jagielski]
- mod_proxy: Fix over-eager handling of '%' for reverse proxies.
Bug 15207. [Jim Jagielski]
- mod_ldap: Fix various shared memory cache handling bugs.
Bug 34209. [Joe Orton]
- Fix a file descriptor leak when starting piped loggers. Bug 33748.
[Joe Orton]
- mod_ldap: Avoid segfaults when opening connections if using a version
of OpenLDAP older than 2.2.21. Bug 34618. [Brad Nicholes]
- mod_ssl: Fix build with OpenSSL 0.9.8. Bug 35757. [William Rowe]
- proxy HTTP: If a response contains both Transfer-Encoding and a
Content-Length, remove the Content-Length and don't reuse the
connection, mitigating some HTTP Response Splitting attacks.
[Jeff Trawick]
- Prevent hangs of child processes when writing to piped loggers at
the time of graceful restart. Bug 26467. [Jeff Trawick]
- SECURITY: CAN-2005-1268 (cve.mitre.org)
mod_ssl: Fix off-by-one overflow whilst printing CRL information
at "LogLevel debug" which could be triggered if configured
to use a "malicious" CRL. Bug 35081. [Marc Stern <mstern csc.com>]
- mod_userdir: Fix possible memory corruption issue. Bug 34588.
[David Leonard <dleonard vintela.com>]
- worker mpm: don't take down the whole server for a transient
thread creation failure. Bug 34514 [Greg Ames]
- mod_rewrite: use buffered I/O to improve performance with large
RewriteMap txt: files. [Greg Ames]
- proxy HTTP: Rework the handling of request bodies to handle
chunked input and input filters which modify content length, and
avoid spooling arbitrary-sized request bodies in memory.
Bug 15859. [Jeff Trawick]
Patches supplied by Ben Collver. Addresses PR pkg/31817 by Zafer Aydogan.
Revision 1.16 / (download) - annotate - [select for diffs], Mon Oct 17 10:28:46 2005 UTC (17 years, 11 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base,
pkgsrc-2006Q1,
pkgsrc-2005Q4-base,
pkgsrc-2005Q4
Changes since 1.15: +5 -5
lines
Diff to previous 1.15 (colored)
Update "apr" package to version 0.9.7. Changes since version 0.9.6: - Fix crash in apr_dir_make_recursive() for relative path when the working directory has been deleted. [Joe Orton] - Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT, returning APR_EBUSY. [Ronen Mizrahi <ronen@tversity.com>] - Fix apr_file_read() to catch write failures when flushing pending writes for a buffered file. [Joe Orton] - Fix apr_file_write() infinite loop on write failure for buffered files. [Erik Huelsmann <ehuels gmail.com>] - Fix error handling where apr_uid_* and apr_gid_* could segfault or return APR_SUCCESS in failure cases. PR 34053. [Joe Orton, Paul Querna] - Refactor Win32 condition variables code to address bugs 27654, 34336. [Henry Jen <henryjen ztune.net>, E Holyat <eholyat yahoo.com>] - Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows. PR 32177. [Sim <sgobbi datamanagement.it>, Jeff Trawick] - Fix detection of rwlocks on Mac OS X. [Aaron Bannert] - Fix issue with poll() followed by net I/O yielding EAGAIN on Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez] Update based on patches supplied by Ben Collver. Addresses first part of PR pkg/31817 by Zafer Aydogan.
Revision 1.15 / (download) - annotate - [select for diffs], Wed Sep 21 00:01:01 2005 UTC (18 years ago) by tv
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Changes since 1.14: +2 -1
lines
Diff to previous 1.14 (colored)
Extend the Darwin avoid_zombies() signal hack to NetBSD, which needs explicit waits as well. Eliminates the CGI zombie problem on NetBSD 2.0+ using the "worker" MPM in Apache 2.
Revision 1.14 / (download) - annotate - [select for diffs], Wed Sep 7 11:39:55 2005 UTC (18 years ago) by reed
Branch: MAIN
Changes since 1.13: +4 -1
lines
Diff to previous 1.13 (colored)
Add support for DragonFly from Joerg Sonnenberger. Okayed by tron.
Revision 1.13 / (download) - annotate - [select for diffs], Mon Apr 25 09:13:02 2005 UTC (18 years, 5 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.12: +6 -6
lines
Diff to previous 1.12 (colored)
Changes 2.0.54:
*) mod_cache: Add CacheIgnoreHeaders directive.
*) mod_ldap: Added the directive LDAPConnectionTimeout to configure
the ldap socket connection timeout value.
*) Correctly export all mod_dav public functions.
*) Add a build script to create a solaris package.
*) worker MPM: Fix a problem which could cause httpd processes to
remain active after shutdown.
*) Unix MPMs: Shut down the server more quickly when child processes are
slow to exit.
*) Remove formatting characters from ap_log_error() calls. These
were escaped as fallout from CAN-2003-0020.
*) mod_ssl: If SSLUsername is used, set r->user earlier.
*) htdigest: Fix permissions of created files.
*) core_input_filter: Move buckets to a persistent brigade instead of
creating a new brigade. This stop a memory leak when proxying a
Streaming Media Server.
*) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid
hiccups from additional path information passed in non-utf-8 format.
Revision 1.12 / (download) - annotate - [select for diffs], Wed Feb 23 22:24:09 2005 UTC (18 years, 7 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base,
pkgsrc-2005Q1
Changes since 1.11: +2 -1
lines
Diff to previous 1.11 (colored)
Add RMD160 digests.
Revision 1.10.2.1 / (download) - annotate - [select for diffs], Thu Feb 10 15:22:24 2005 UTC (18 years, 7 months ago) by salo
Branch: pkgsrc-2004Q4
Changes since 1.10: +3 -3
lines
Diff to previous 1.10 (colored) next main 1.11 (colored)
Pullup ticket 277 - requested by Matthias Scheler
security fix for apache2
Revisions pulled up:
- pkgsrc/devel/apr/Makefile 1.31
- pkgsrc/devel/apr/distinfo 1.11
- pkgsrc/www/apache2/Makefile 1.66 (merged by hand)
- pkgsrc/www/apache2/Makefile.common 1.13
- pkgsrc/www/apache2/PLIST 1.27
- pkgsrc/www/apache2/distinfo 1.36 (merged by hand)
- pkgsrc/www/apache2/patches/patch-aa 1.14
- pkgsrc/www/apache2/patches/patch-as removed
- pkgsrc/www/apache2/patches/patch-at removed
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 9 14:52:12 UTC 2005
Modified Files:
pkgsrc/devel/apr: Makefile distinfo
Log Message:
Update "apr" package to version 0.9.6.2.0.53. Changes since
version 0.9.5.2.0.52:
- Add apr_threadattr_stacksize_set() for overriding the default
stack size for threads created by apr_thread_create().
- Add an RPM spec file.
- Add a build script to create a solaris package.
---
Module Name: pkgsrc
Committed By: tron
Date: Wed Feb 9 14:57:52 UTC 2005
Modified Files:
pkgsrc/www/apache2: Makefile Makefile.common PLIST distinfo
pkgsrc/www/apache2/patches: patch-aa
Removed Files:
pkgsrc/www/apache2/patches: patch-as patch-at
Log Message:
Update "apache2" package to version 2.0.53. Changes since version 2.0.52:
- Fix --with-apr=/usr and/or --with-apr-util=/usr. Bug report 29740.
[Max Bowsher <maxb ukf.net>]
- mod_proxy: Fix ProxyRemoteMatch directive. Bug report 33170.
[Rici Lake <rici ricilake.net>]
- mod_proxy: Respect errors reported by pre_connection hooks.
[Jeff Trawick]
- --with-module can now take more than one module to be statically
linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
If the <modtype>-subdirectory doesn't exist it will be created and
populated with a standard Makefile.in. [Erik Abele]
- Fix the RPM spec file so that an RPM build now works. An RPM
build now requires system installations of APR and APR-util.
Remove some arbitrary moving around of binaries - the RPM now
maps to the ASF build of httpd.
[Graham Leggett]
- mod_dumpio, an I/O logging/dumping module, added to the
modules/expermimental subdirectory. [Jim Jagielski]
- mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
library handles special characters. Bug report 24437.
[Jess Holle]
- Win32 MPM: Correct typo in debugging output. [William Rowe]
- conf: Remove AddDefaultCharset from the default configuration because
setting a site-wide default does more harm than good.
Bug report 23421. [Roy Fielding]
- Add charset to example CGI scripts. [Roy Fielding]
- mod_ssl: fail quickly if SSL connection is aborted rather than
making many doomed ap_pass_brigade calls.
Bug report 32699. [Joe Orton]
- Remove compiled-in upper limit on LimitRequestFieldSize.
[Bill Stoddard]
- Start keeping track of time-taken-to-process-request again for
mod_status if ExtendedStatus is enabled. [Jim Jagielski]
- mod_proxy: Handle client-aborted connections correctly.
Bug report 32443. [Janne Hietamäki, Joe Orton]
- Fix handling of files >2Gb on all platforms (or builds) where
apr_off_t is larger than apr_size_t.
Bug report 28898. [Joe Orton]
- mod_include: Fix bug which could truncate variable expansions
of N*64 characters by one byte. Bug report 32985. [Joe Orton]
- Correct handling of certain bucket types in ap_save_brigade, fixing
possible segfaults in mod_cgi with #include virtual.
Bug report 31247. [Joe Orton]
- Allow for the use of --with-module=foo:bar where the ./modules/foo
directory is local only. Assumes, of course, that the required
files are in ./modules/foo, but makes it easier to statically
build/log "external" modules. [Jim Jagielski]
- Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that
ldap authorization only modules have access to the util_ldap
user cache without having to require ldap authentication as well.
Bug report 31898. [Jari Ahonen jah progress.com, Brad Nicholes]
- mod_auth_ldap: Added the directive "Requires ldap-attribute" that
allows the module to only authorize a user if the attribute value
specified matches the value of the user object. Bug report 31913
[Ryan Morgan <rmorgan pobox.com>]
- SECURITY: CAN-2004-0942 (cve.mitre.org)
Fix for memory consumption DoS in handling of MIME folded request
headers. [Joe Orton]
- SECURITY: CAN-2004-0885 (cve.mitre.org)
mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
bypassed during an SSL renegotiation. Bug report 31505.
[Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton]
- mod_ssl: Fail at startup rather than segfault at runtime if a
client cert is configured with an encrypted private key.
Bug report 24030. [Joe Orton]
- apxs: fix handling of -Wc/-Wl and "-o mod_foo.so".
Bug report 31448 [Joe Orton]
- mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
[Jeff Trawick]
- mod_cache: CacheDisable will only disable the URLs it was meant to
disable, not all caching. Bug report 31128.
[Edward Rudd <eddie omegaware.com>, Paul Querna]
- mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
cache responses. [Justin Erenkrantz]
- mod_rewrite: Handle per-location rules when r->filename is unset.
Previously this would segfault or simply not match as expected,
depending on the platform. [Jeff Trawick]
- mod_rewrite: Fix 0 bytes write into random memory position.
Bug report 31036. [André Malo]
- mod_disk_cache: Do not store aborted content. Bug report 21492.
[Rüdiger Plüm <r.pluem t-online.de>]
- mod_disk_cache: Correctly store cached content type.
Bug report 30278.
[Rüdiger Plüm <r.pluem t-online.de>]
- mod_ldap: prevent the possiblity of an infinite loop in the LDAP
statistics display. Bug report 29216. [Graham Leggett]
- mod_ldap: fix a bogus error message to tell the user which file
is causing a potential problem with the LDAP shared memory cache.
Bug report 31431 [Graham Leggett]
- mod_disk_cache: Do not store hop-by-hop headers. [Justin Erenkrantz]
- Fix the re-linking issue when purging elements from the LDAP cache
Bug report 24801. [Jess Holle <jessh ptc.com>]
- mod_disk_cache: Fix races in saving responses. [Justin Erenkrantz]
- Fix Expires handling in mod_cache. [Justin Erenkrantz]
- Alter mod_expires to run at a different filter priority to allow
proper Expires storage by mod_cache. [Justin Erenkrantz]
Revision 1.11 / (download) - annotate - [select for diffs], Wed Feb 9 14:52:12 2005 UTC (18 years, 7 months ago) by tron
Branch: MAIN
Changes since 1.10: +3 -3
lines
Diff to previous 1.10 (colored)
Update "apr" package to version 0.9.6.2.0.53. Changes since version 0.9.5.2.0.52: - Add apr_threadattr_stacksize_set() for overriding the default stack size for threads created by apr_thread_create(). - Add an RPM spec file. - Add a build script to create a solaris package.
Revision 1.9.2.1 / (download) - annotate - [select for diffs], Fri Nov 26 19:59:05 2004 UTC (18 years, 9 months ago) by snj
Branch: pkgsrc-2004Q3
Changes since 1.9: +3 -3
lines
Diff to previous 1.9 (colored) next main 1.10 (colored)
Pullup ticket 119 - requested by Jeremy C. Reed
security fix for apache2
Module Name: pkgsrc
Committed By: reed
Date: Sat Oct 2 15:47:03 UTC 2004
Modified Files:
pkgsrc/devel/apr: distinfo
pkgsrc/www/apache2: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/www/apache2/patches: patch-ab
Log Message:
Update apache to apache-2.0.52.
Also added comment to www/apache2/Makefile.common to remind to
update checksum in devel/apr also.
No actual devel/apr changes seen.
Also removed www/apache2/patches/patch-ab because it is identical to
fix for security in new version.
Changes with Apache 2.0.52
*) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
*) Fix the global mutex crash when the global mutex is never allocated
due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
*) Fix a segfault in the LDAP cache when it is configured switched
off. [Jess Holle <jessh ptc.com>]
*) SECURITY: CAN-2004-0811 (cve.mitre.org)
Fix merging of the Satisfy directive, which was applied to
the surrounding context and could allow access despite configured
authentication. PR 31315. [Rici Lake <rici ricilake.net>]
*) Fix the handling of URIs containing %2F when AllowEncodedSlashes
is enabled. Previously, such urls would still be rejected.
[Jeff Trawick, Bill Stoddard]
*) mod_mem_cache: Fixed race condition causing segfault because of memory being
freed twice, or reused after being freed.
[J. Clar, W. Stoddard, G. Ames]
*) Add -l option to rotatelogs to let it use local time rather than
UTC. PR 24417. [Ken Coar, Uli Zappe <uli ritual.org>]
*) mod_log_config: Fix a bug which prevented request completion time
from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
processing. PR 29696. [Alois Treindl <alois astro.ch>]
---
Module Name: pkgsrc
Committed By: reed
Date: Sat Oct 2 16:38:38 UTC 2004
Modified Files:
pkgsrc/www/apache2: Makefile PLIST
Log Message:
Sort the share/httpd/manual entries in the PLIST.
Added 35 share/httpd/manual entries to PLIST. Most are .ko.euc-kr,
.ko, ja.euc-jp, and .ja files.
I don't know when these were added.
Bump PKGREVISION because now package has several more files.
Revision 1.10 / (download) - annotate - [select for diffs], Sat Oct 2 15:47:02 2004 UTC (18 years, 11 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base
Branch point for: pkgsrc-2004Q4
Changes since 1.9: +3 -3
lines
Diff to previous 1.9 (colored)
Update apache to apache-2.0.52.
Also added comment to www/apache2/Makefile.common to remind to
update checksum in devel/apr also.
No actual devel/apr changes seen.
Also removed www/apache2/patches/patch-ab because it is identical to
fix for security in new version.
Changes with Apache 2.0.52
*) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
*) Fix the global mutex crash when the global mutex is never allocated
due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
*) Fix a segfault in the LDAP cache when it is configured switched
off. [Jess Holle <jessh ptc.com>]
*) SECURITY: CAN-2004-0811 (cve.mitre.org)
Fix merging of the Satisfy directive, which was applied to
the surrounding context and could allow access despite configured
authentication. PR 31315. [Rici Lake <rici ricilake.net>]
*) Fix the handling of URIs containing %2F when AllowEncodedSlashes
is enabled. Previously, such urls would still be rejected.
[Jeff Trawick, Bill Stoddard]
*) mod_mem_cache: Fixed race condition causing segfault because of memory being
freed twice, or reused after being freed.
[J. Clar, W. Stoddard, G. Ames]
*) Add -l option to rotatelogs to let it use local time rather than
UTC. PR 24417. [Ken Coar, Uli Zappe <uli ritual.org>]
*) mod_log_config: Fix a bug which prevented request completion time
from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
processing. PR 29696. [Alois Treindl <alois astro.ch>]
Revision 1.9 / (download) - annotate - [select for diffs], Mon Sep 20 17:13:06 2004 UTC (19 years ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base
Branch point for: pkgsrc-2004Q3
Changes since 1.8: +3 -5
lines
Diff to previous 1.8 (colored)
- Update apr to 2.0.51 - Fix permissions on installed .h files - ok'ed snj@, wiz@ - Thanks to epg@ for final check This version of Apache is principally a bug fix release. Of particular note is that 2.0.51 addresses five security vulnerabilities: An input validation issue in IPv6 literal address parsing which can result in a negative length parameter being passed to memcpy. [CAN-2004-0786] A buffer overflow in configuration file parsing could allow a local user to gain the privileges of a httpd child if the server can be forced to parse a carefully crafted .htaccess file. [CAN-2004-0747] A segfault in mod_ssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. [CAN-2004-0751] A potential infinite loop in mod_ssl which could be triggered given particular timing of a connection abort. [CAN-2004-0748] A segfault in mod_dav_fs which can be remotely triggered by an indirect lock refresh request. [CAN-2004-0809] For further details, see http://www.apache.org/dist/httpd/Announcement2.html and http://apache.rmplc.co.uk/httpd/CHANGES_2.0.
Revision 1.7.4.1 / (download) - annotate - [select for diffs], Wed Jul 14 12:39:00 2004 UTC (19 years, 2 months ago) by agc
Branch: pkgsrc-2004Q2
Changes since 1.7: +3 -3
lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
Pullup ticket 57 to the pkgsrc-2004Q2 branch, requested by Grant Beattie. Security and other bug fixes for apache2. Module Name: pkgsrc Committed By: adrianp Date: Wed Jul 14 08:28:51 UTC 2004 Modified Files: pkgsrc/www/apache2: Makefile Makefile.common PLIST buildlink3.mk distinfo pkgsrc/www/apache2/patches: patch-aa Added Files: pkgsrc/www/apache2: PLIST.deffiles Removed Files: pkgsrc/www/apache2/patches: patch-as Log Message: - Update to apache 2.0.50 - Add new build def APACHE_DEFAULT_FILES and Module Name: pkgsrc Committed By: adrianp Date: Wed Jul 14 08:31:12 UTC 2004 Modified Files: pkgsrc/devel/apr: buildlink3.mk distinfo Log Message: - Update to apache 2.0.50 - Add new build def APACHE_DEFAULT_FILES
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jul 14 08:31:12 2004 UTC (19 years, 2 months ago) by adrianp
Branch: MAIN
Changes since 1.7: +3 -3
lines
Diff to previous 1.7 (colored)
- Update to apache 2.0.50
- Add new build def APACHE_DEFAULT_FILES
Changes with Apache 2.0.50
*) SECURITY: CAN-2004-0493 (cve.mitre.org)
Close a denial of service vulnerability identified by Georgi
Guninski which could lead to memory exhaustion with certain
input data. [Jeff Trawick]
*) mod_cgi: Handle output on stderr during script execution on Unix
platforms; preventing deadlock when stderr output fills pipe buffer.
Also fixes case where stderr from nph- scripts could be lost.
PR 22030, 18348. [Joe Orton, Jeff Trawick]
*) mod_alias now emits a warning if it detects overlapping *Alias*
directives. [André Malo]
*) mod_rewrite no longer turns forward proxy requests into reverse proxy
requests. PR 28125 [ast domdv.de, André Malo]
*) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
exported on Win32 and Netware as well (minor MMN bump). PR 28523.
[Edward Rudd <eddie omegaware.com>, André Malo]
*) Restore the ability to disable the use of AcceptEx on Win9x systems
automatically (broken in 2.0.49). PR 28529. [André Malo]
*) <VirtualHost myhost> now applies to all IP addresses for myhost
instead of just the first one reported by the resolver. This
corrects a regression since 1.3. [Jeff Trawick]
*) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
against ServerRoot PR#26602 [Brad Nicholes]
*) SECURITY: CAN-2004-0488 (cve.mitre.org)
mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
(trusted) client certificate subject DN which exceeds 6K in length.
[Joe Orton]
*) mod_dav_fs: Fix MKCOL response for missing parent collections, which
caused issues for the Eclipse WebDAV extension.
PR 29034. [Joe Orton]
*) mod_deflate: Fix memory consumption (which was proportional to the
response size). PR 29318. [Joe Orton]
*) mod_ssl: Log the errors returned on failure to load or initialize
a crypto accelerator engine. [Joe Orton]
*) Allow RequestHeader directives to be conditional. PR 27951.
[Vincent Deffontaines <vincent gryzor.com>, André Malo]
*) Allow LimitRequestBody to be reset to unlimited. PR 29106
[André Malo]
*) Fix a bunch of cases where the return code of the regex compiler
was not checked properly. This affects: mod_setenvif, mod_usertrack,
mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo]
*) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
small cache sizes. PR 27751. [Geoff Thorpe <geoff geoffthorpe.net>]
*) Remove 2Gb log file size restriction on some 32-bit platforms.
PR 13511. [Joe Orton]
*) mod_logio no longer removes the EOS bucket. PR 27928.
[Bojan Smojver <bojan rexursive.com>]
*) htpasswd no longer refuses to process files that contain empty
lines. [André Malo]
*) Regression from 1.3: At startup, suexec now will be checked for
availability, the setuid bit and user root. The works only if
httpd is compiled with the shipped APR version (0.9.5).
PR 28287. [André Malo]
*) Unix MPMs: Stop dropping connections when the file descriptor
is at least FD_SETSIZE. [Jeff Trawick]
*) Fix handling of IPv6 numeric strings in mod_proxy. [Jeff Trawick]
*) mod_isapi: send_response_header() failed to copy status string's
last character. PR 20619. [Jesse Pelton <jsp pkc.com>]
*) Fix a segfault when requests for shared memory fails and returns
NULL. Fix a segfault caused by a lack of bounds checking on the
cache. PR 24801. [Graham Leggett]
*) Throw an error message if an attempt is made to use the LDAPTrustedCA
or LDAPTrustedCAType directives in a VirtualHost. PR 26390
[Brad Nicholes]
*) Fix a potential segfault if the bind password in the LDAP cache
is NULL. PR 28250. [Jari Ahonen <jah progress.com>]
*) Quotes cannot be used around require group and require dn
directives, update the documentation to reflect this. Also add
quotes around the dn and group within debug messages, to make it
more obvious why authentication is failing if quotes are used in
error. PR 19304. [Graham Leggett]
*) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
from escaping filters twice when the backslash character is used.
PR 24437. [Jess Holle <jessh ptc.com>]
*) Overhaul handling of LDAP error conditions, so that the util_ldap_*
functions leave the connections in a sane state after errors have
occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
27271 [Graham Leggett]
*) mod_ldap calls ldap_simple_bind_s() to validate the user
credentials. If the bind fails, the connection is left
in an unbound state. Make sure that the ldap connection
record is updated to show that the connection is no longer
bound. [Brad Nicholes]
*) Ensure that lines in the request which are too long are
properly terminated before logging.
[Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]
*) Update the bind credentials for the cached LDAP connection to
reflect the last bind. This prevents util_ldap from creating
unnecessary connections rather than reusing cached connections.
[Brad Nicholes]
*) mod_isapi: GetServerVariable returned improperly terminated header
fields given "ALL_HTTP" or "ALL_RAW". PR 20656.
[Jesse Pelton <jsp pkc.com>]
*) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
size. PR 20617. [Jesse Pelton <jsp pkc.com>]
*) mod_dav: Fix a problem that could cause crashes when manipulating
locks on some platforms. [Jeff Trawick]
*) mod_headers no longer crashes if an empty header value should
be added. [André Malo]
*) Fix segfault in mod_expires, which occured under certain
circumstances. PR 28047. [André Malo]
*) htpasswd: use apr_temp_dir_get() and general cleanup
[Guenter Knauf <eflash gmx.net>, Thom May]
*) mod_ssl: Fix memory leak in session cache handling. PR 26562
[Madhusudan Mathihalli]
*) mod_ssl: Fix potential segfaults when performing SSL shutdown from
a pool cleanup. PR 27945. [Joe Orton]
*) Add forensic logging module (mod_log_forensic).
[Ben Laurie]
*) logresolve: Allow size of log line buffer to be overridden at
build time (MAXLINE). PR 27793. [Jeff Trawick]
*) Fix the comment delimiter in htdbm so that it correctly parses the
username comment. Also add a terminate function to allow NetWare
to pause the output before the screen is destroyed.
[Guenter Knauf <eflash gmx.net>, Brad Nicholes]
*) Fix crash when Apache was started with no Listen directives.
[Michael Corcoran <mcorcoran warpsolutions.com>]
*) core_output_filter: Fix bug that could result in sending
garbage over the network when module handlers construct
bucket brigades containing multiple file buckets all referencing
the same open file descriptor. [Bojan Smojver]
*) Fix memory corruption problem with ap_custom_response() function.
The core per-dir config would later point to request pool data
that would be reused for different purposes on different requests.
[Jeff Trawick, based on an old 1.3 patch submitted by Will Lowe]
*) Win32: Tweak worker thread accounting routines to eliminate
server hang when number of Listen directives in httpd.conf
is greater than or equal to the setting of ThreadsPerChild.
[Bill Stoddard]
Revision 1.7 / (download) - annotate - [select for diffs], Mon Mar 22 19:50:16 2004 UTC (19 years, 6 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base,
pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Branch point for: pkgsrc-2004Q2
Changes since 1.6: +3 -3
lines
Diff to previous 1.6 (colored)
Update apache2 to 2.0.49. This includes various changes since last release
including:
*) SECURITY: CAN-2004-0174 (cve.mitre.org)
Fix starvation issue on listening sockets where a short-lived
connection on a rarely-accessed listening socket will cause a
child to hold the accept mutex and block out new connections until
another connection arrives on that rarely-accessed listening socket.
With Apache 2.x there is no performance concern about enabling the
logic for platforms which don't need it, so it is enabled everywhere
except for Win32. [Jeff Trawick]
*) SECURITY: CAN-2004-0113 (cve.mitre.org)
mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
PR 27106. [Joe Orton]
*) SECURITY: CAN-2003-0020 (cve.mitre.org)
Escape arbitrary data before writing into the errorlog. Unescaped
errorlogs are still possible using the compile time switch
"-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, Andr<E9> Malo]
Complete changelog is at http://www.apache.org/dist/httpd/CHANGES_2.0
Package changes include:
buildlink depends increased for apache2 (but not for apr).
apr package version changes, but APR_VERSION stays same.
more files installed and added to PLIST.
share/httpd/manual/search/manual-index.cgi removed from PLIST.
Also removing share/httpd/htdocs and share/httpd directories
removed from PLIST because already handled by MAKE_DIRS.
(I think this should use OWN_DIRS.)
(jlam@ said he would like this update done during freeze.)
Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 28 21:12:11 2003 UTC (19 years, 10 months ago) by mason
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base,
pkgsrc-2003Q4
Changes since 1.5: +3 -3
lines
Diff to previous 1.5 (colored)
Update checksums to account for Apache 2.0.48, so this will build.
Revision 1.5 / (download) - annotate - [select for diffs], Wed Jul 9 08:09:04 2003 UTC (20 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.4: +3 -3
lines
Diff to previous 1.4 (colored)
upgrade to apache-2.0.47/apr-0.9.4.2.0.47.
Changes with Apache 2.0.47
*) SECURITY [CAN-2003-0192]: Fixed a bug whereby certain sequences
of per-directory renegotiations and the SSLCipherSuite directive
being used to upgrade from a weak ciphersuite to a strong one
could result in the weak ciphersuite being used in place of the
strong one. [Ben Laurie]
*) SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
temporary denial of service when accept() on a rarely accessed port
returns certain errors. Reported by Saheed Akhtar
<S.Akhtar@talis.com>. [Jeff Trawick]
*) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
of service when target host is IPv6 but proxy server can't create
IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo
<tsuneo.yoshioka@f-secure.com>]
*) SECURITY [VU#379828] Prevent the server from crashing when entering
infinite loops. The new LimitInternalRecursion directive configures
limits of subsequent internal redirects and nested subrequests, after
which the request will be aborted. PR 19753 (and probably others).
[William Rowe, Jeff Trawick, André Malo]
*) core_output_filter: don't split the brigade after a FLUSH bucket if
it's the last bucket. This prevents creating unneccessary empty
brigades which may not be destroyed until the end of a keepalive
connection.
[Juan Rivera <Juan.Rivera@citrix.com>]
*) Add support for "streamy" PROPFIND responses.
[Ben Collins-Sussman <sussman@collab.net>]
*) mod_cgid: Eliminate a double-close of a socket. This resolves
various operational problems in a threaded MPM, since on the
second attempt to close the socket, the same descriptor was
often already in use by another thread for another purpose.
[Jeff Trawick]
*) mod_negotiation: Introduce "prefer-language" environment variable,
which allows to influence the negotiation process on request basis
to prefer a certain language. [André Malo]
*) Make mod_expires' ExpiresByType work properly, including for
dynamically-generated documents. [Ken Coar, Bill Stoddard]
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jun 6 10:49:59 2003 UTC (20 years, 3 months ago) by jmmv
Branch: MAIN
Changes since 1.3: +3 -3
lines
Diff to previous 1.3 (colored)
Avoid hardcoding /usr/pkg in the configuration layouts (using the value from
the ${PREFIX} variable).
Revision 1.3 / (download) - annotate - [select for diffs], Fri May 30 10:14:21 2003 UTC (20 years, 3 months ago) by epg
Branch: MAIN
Changes since 1.2: +3 -1
lines
Diff to previous 1.2 (colored)
Fix apr-config and apu-config scripts when run from
${BUILDLINK_DIR}/bin. This may help fix ap2-perl, but won't help
ap2-php4.
Revision 1.2 / (download) - annotate - [select for diffs], Thu May 29 01:02:28 2003 UTC (20 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.1: +3 -4
lines
Diff to previous 1.1 (colored)
upgrade to apache 2.0.46. fixes two vulnerabilities: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0189
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun May 25 08:55:19 2003 UTC (20 years, 4 months ago) by epg
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
import apr-0.9.1.2.0.45 This package contains apr and apr-util from the latest Apache2 distribution (currently httpd-2.0.45). It is currently (er, currently in a few minutes) shared between the Apache2 and Subversion packages.
Revision 1.1 / (download) - annotate - [select for diffs], Sun May 25 08:55:19 2003 UTC (20 years, 4 months ago) by epg
Branch: MAIN
Initial revision