The NetBSD Project

CVS log for pkgsrc/www/apache/Attic/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / apache

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.64, Tue Jun 10 15:22:18 2014 UTC (5 years, 6 months ago) by joerg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.63: +1 -1 lines
FILE REMOVED

Retire Apache 1.3 and 2.0.

Revision 1.63 / (download) - annotate - [select for diffs], Sat Mar 2 17:52:33 2013 UTC (6 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

Don't strip -Wl flag on the apxs command line. Bump revision.

Revision 1.62 / (download) - annotate - [select for diffs], Tue May 29 20:23:12 2012 UTC (7 years, 6 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

Link with CC like other platforms. Fixes module build with Clang.

Revision 1.61 / (download) - annotate - [select for diffs], Thu Aug 4 11:45:20 2011 UTC (8 years, 4 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.60: +2 -1 lines
Diff to previous 1.60 (colored)

Deal with C99 vs GNU89 inline semantics

Revision 1.59.4.1 / (download) - annotate - [select for diffs], Wed Feb 10 20:37:33 2010 UTC (9 years, 10 months ago) by spz
Branch: pkgsrc-2009Q4
Changes since 1.59: +4 -4 lines
Diff to previous 1.59 (colored) next main 1.60 (colored)

Pullup ticket 2996 - requested by dholland
security update

Revisions pulled up:
- pkgsrc/www/apache/Makefile		1.199
- pkgsrc/www/apache/distinfo		1.60
- pkgsrc/www/ap-ssl/Makefile		1.109
- pkgsrc/www/ap-ssl/distinfo		1.35

Files added:
pkgsrc/www/ap-ssl/patches/patch-ac

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   dholland
   Date:           Tue Feb  9 07:22:06 UTC 2010

   Modified Files:
           pkgsrc/www/apache: Makefile distinfo

   Log Message:
   Update to 1.3.42, fixing CVE-2010-0010. Note: this package is now EOL
   upstream. The next security bug probably won't get patched, so if you're
   still using this, it's time to migrate to 2.x.


   To generate a diff of this commit:
   cvs rdiff -u -r1.198 -r1.199 pkgsrc/www/apache/Makefile
   cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/apache/distinfo

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   dholland
   Date:           Wed Feb 10 03:55:18 UTC 2010

   Modified Files:
           pkgsrc/www/ap-ssl: Makefile distinfo
   Added Files:
           pkgsrc/www/ap-ssl/patches: patch-ac

   Log Message:
   Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change
   anything significant in the internals, all this requires is patching
   the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++.


   To generate a diff of this commit:
   cvs rdiff -u -r1.108 -r1.109 pkgsrc/www/ap-ssl/Makefile
   cvs rdiff -u -r1.34 -r1.35 pkgsrc/www/ap-ssl/distinfo
   cvs rdiff -u -r0 -r1.3 pkgsrc/www/ap-ssl/patches/patch-ac

Revision 1.60 / (download) - annotate - [select for diffs], Tue Feb 9 07:22:06 2010 UTC (9 years, 10 months ago) by dholland
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.59: +4 -4 lines
Diff to previous 1.59 (colored)

Update to 1.3.42, fixing CVE-2010-0010. Note: this package is now EOL
upstream. The next security bug probably won't get patched, so if you're
still using this, it's time to migrate to 2.x.

Revision 1.59 / (download) - annotate - [select for diffs], Sat Jul 25 19:55:11 2009 UTC (10 years, 4 months ago) by roy
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q3-base, pkgsrc-2009Q3
Branch point for: pkgsrc-2009Q4
Changes since 1.58: +4 -1 lines
Diff to previous 1.58 (colored)

Avoid collision with system getline(3).

Revision 1.58 / (download) - annotate - [select for diffs], Sat Feb 23 05:16:33 2008 UTC (11 years, 9 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.57: +17 -19 lines
Diff to previous 1.57 (colored)

Update apache to 1.3.41.

Changes with Apache 1.3.41

  *) SECURITY: CVE-2007-6388 (cve.mitre.org)
     mod_status: Ensure refresh parameter is numeric to prevent
     a possible XSS attack caused by redirecting to other URLs.
     Reported by SecurityReason.  [Mark Cox]

Changes with Apache 1.3.40 (not released)

  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
     mod_imap: Fix cross-site scripting issue.  Reported by JPCERT.
     [Joe Orton]

  *) SECURITY: CVE-2007-3847 (cve.mitre.org)
     mod_proxy: Prevent reading past the end of a buffer when parsing
     date-related headers.  PR 41144.
     With Apache 1.3, the denial of service vulnerability applies only
     to the Windows and NetWare platforms.
     [Jeff Trawick]

  *) More efficient implementation of the CVE-2007-3304 PID table
     patch. This fixes issues with excessive memory usage by the
     parent process if long-running and with a high number of child
     process forks during that timeframe. Also fixes bogus "Bad pid"
     errors. [Jim Jagielski, Jeff Trawick]

Changes with Apache 1.3.39

  *) SECURITY: CVE-2006-5752 (cve.mitre.org)
     mod_status: Fix a possible XSS attack against a site with a public
     server-status page and ExtendedStatus enabled, for browsers which
     perform charset "detection".  Reported by Stefan Esser.  [Joe Orton]

  *) SECURITY: CVE-2007-3304 (cve.mitre.org)
     Ensure that the parent process cannot be forced to kill non-child
     processes by checking scoreboard PID data with parent process
     privately stored PID data. [Jim Jagielski]

  *) mime.types: Many updates to sync with IANA registry and common
     unregistered types that the owners refuse to register.  Admins
     are encouraged to update their installed mime.types file.
     pr: 35550, 37798, 39317, 31483 [Roy T. Fielding]

There was no Apache 1.3.38

Revision 1.57 / (download) - annotate - [select for diffs], Sun Oct 7 20:49:57 2007 UTC (12 years, 2 months ago) by dmcmahill
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.56: +2 -1 lines
Diff to previous 1.56 (colored)

Be sure we actually use the db stuff as set up by bdb.buildlink3.mk.
This fixes a long standing build failure on SunOS-5.9/sparc and does
not seem to break things on NetBSD.

Revision 1.56 / (download) - annotate - [select for diffs], Thu Jun 28 01:24:39 2007 UTC (12 years, 5 months ago) by lkundrak
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)

Description for one patch referred to incorrect issue, the other patch
lacked ending semicolons.

Revision 1.55 / (download) - annotate - [select for diffs], Thu Jun 28 00:43:35 2007 UTC (12 years, 5 months ago) by lkundrak
Branch: MAIN
Changes since 1.54: +3 -3 lines
Diff to previous 1.54 (colored)

Add some descriptions to security patches.

Revision 1.54 / (download) - annotate - [select for diffs], Thu Jun 28 00:38:00 2007 UTC (12 years, 5 months ago) by lkundrak
Branch: MAIN
Changes since 1.53: +3 -1 lines
Diff to previous 1.53 (colored)

Fixing two possible security vulnerabilities:
CVE-2006-5752 XSS in mod_status with ExtendedStatus on
CVE-2007-3304 Remote DoS if MPM and mod_cache enabled
bumping PKGREVISION

Revision 1.51.4.2 / (download) - annotate - [select for diffs], Sun Jul 30 19:29:43 2006 UTC (13 years, 4 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.51.4.1: +7 -7 lines
Diff to previous 1.51.4.1 (colored) to branchpoint 1.51 (colored) next main 1.52 (colored)

Pullup ticket 1763 - requested by wiz
security update for apache

Revisions pulled up:
- pkgsrc/www/apache/Makefile			1.188
- pkgsrc/www/apache/distinfo			1.53
- pkgsrc/www/ap-ssl/Makefile			1.103
- pkgsrc/www/ap-ssl/distinfo			1.33

   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Sun Jul 30 11:17:51 UTC 2006

   Modified Files:
   	pkgsrc/www/apache: Makefile distinfo

   Log Message:
   Update to 1.3.37:

   Changes with Apache 1.3.37

     *) SECURITY: CVE-2006-3747 (cve.mitre.org)
        mod_rewrite: Fix an off-by-one security problem in the ldap scheme
        handling.  For some RewriteRules this could lead to a pointer being
        written out of bounds.  Reported by Mark Dowd of McAfee.
        [Mark Cox]
---
   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Sun Jul 30 11:19:38 UTC 2006

   Modified Files:
   	pkgsrc/www/ap-ssl: Makefile distinfo

   Log Message:
   Update to 2.8.28, for apache-1.3.37

   No changes besides the apache version update.

Revision 1.51.4.1 / (download) - annotate - [select for diffs], Sun Jul 30 19:21:26 2006 UTC (13 years, 4 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.51: +7 -8 lines
Diff to previous 1.51 (colored)

Pullup ticket 1761 - requested by wiz
security update for apache

Revisions pulled up:
- pkgsrc/www/apache/Makefile			1.186, 1.187
- pkgsrc/www/apache/buildlink3.mk		1.16
- pkgsrc/www/apache/distinfo			1.52
- pkgsrc/www/apache/module.mk			1.11
- pkgsrc/www/apache/patches/patch-ap		removed

   Module Name:		pkgsrc
   Committed By:	rillig
   Date:		Sun Jul  2 10:43:19 UTC 2006

   Modified Files:
   	pkgsrc/www/apache: Makefile buildlink3.mk module.mk

   Log Message:
   Fixed some easy pkglint warnings.
---
   Module Name:		pkgsrc
   Committed By:	wiz
   Date:		Wed Jul 19 22:45:14 UTC 2006

   Modified Files:
   	pkgsrc/www/apache: Makefile distinfo
   Removed Files:
   	pkgsrc/www/apache/patches: patch-ap

   Log Message:
   Update to 1.3.36:

   Changes with Apache 1.3.36

     *) Reverted SVN rev #396294 due to unwanted regression.
        The new feature introduced in 1.3.35 (Allow usage of the
        "Include" configuration directive within previously "Include"d
        files) has been removed in the meantime.
        (http://svn.apache.org/viewcvs?rev=396294&viewàev)

   Changes with Apache 1.3.35

     *) SECURITY: CVE-2005-3352 (cve.mitre.org)
        mod_imap: Escape untrusted referer header before outputting in HTML
        to avoid potential cross-site scripting.  Change also made to
        ap_escape_html so we escape quotes.  Reported by JPCERT.
        [Mark Cox]

     *) core: Allow usage of the "Include" configuration directive within
        previously "Include"d files. [Colm MacCarthaigh]

     *) HTML-escape the Expect error message.  Not classed as security as
        an attacker has no way to influence the Expect header a victim will
        send to a target site.  Reported by Thiago Zaninotti [Mark Cox]

     *) mod_cgi: Remove block on OPTIONS method so that scripts can
        respond to OPTIONS directly rather than via server default.
        [Roy Fielding] PR 15242

Revision 1.53 / (download) - annotate - [select for diffs], Sun Jul 30 11:17:51 2006 UTC (13 years, 4 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.52: +7 -7 lines
Diff to previous 1.52 (colored)

Update to 1.3.37:

Changes with Apache 1.3.37

  *) SECURITY: CVE-2006-3747 (cve.mitre.org)
     mod_rewrite: Fix an off-by-one security problem in the ldap scheme
     handling.  For some RewriteRules this could lead to a pointer being
     written out of bounds.  Reported by Mark Dowd of McAfee.
     [Mark Cox]

Revision 1.52 / (download) - annotate - [select for diffs], Wed Jul 19 22:45:14 2006 UTC (13 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.51: +7 -8 lines
Diff to previous 1.51 (colored)

Update to 1.3.36:

Changes with Apache 1.3.36

  *) Reverted SVN rev #396294 due to unwanted regression.
     The new feature introduced in 1.3.35 (Allow usage of the
     "Include" configuration directive within previously "Include"d
     files) has been removed in the meantime.
     (http://svn.apache.org/viewcvs?rev=396294&view=rev)

Changes with Apache 1.3.35

  *) SECURITY: CVE-2005-3352 (cve.mitre.org)
     mod_imap: Escape untrusted referer header before outputting in HTML
     to avoid potential cross-site scripting.  Change also made to
     ap_escape_html so we escape quotes.  Reported by JPCERT.
     [Mark Cox]

  *) core: Allow usage of the "Include" configuration directive within
     previously "Include"d files. [Colm MacCarthaigh]

  *) HTML-escape the Expect error message.  Not classed as security as
     an attacker has no way to influence the Expect header a victim will
     send to a target site.  Reported by Thiago Zaninotti [Mark Cox]

  *) mod_cgi: Remove block on OPTIONS method so that scripts can
     respond to OPTIONS directly rather than via server default.
     [Roy Fielding] PR 15242

Revision 1.51 / (download) - annotate - [select for diffs], Tue Feb 21 22:44:17 2006 UTC (13 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base, pkgsrc-2006Q1-base, pkgsrc-2006Q1
Branch point for: pkgsrc-2006Q2
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)

Fix config file handling; fix CHECK_PLIST build. Bump PKGREVISION.

Revision 1.50 / (download) - annotate - [select for diffs], Mon Jan 9 13:40:34 2006 UTC (13 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

In patch-al, DragonFly has to be spelled in lower case.

Revision 1.49 / (download) - annotate - [select for diffs], Mon Jan 9 00:51:03 2006 UTC (13 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.48: +3 -2 lines
Diff to previous 1.48 (colored)

Fix httpd linkage on DragonFly: -Wl,-E is needed, otherwise ap-php
can't use ap_block_alarms. Bump revision.

Problem noticed by Justin Sherrill on DragonFly's bugs list.

Revision 1.46.2.2 / (download) - annotate - [select for diffs], Thu Dec 15 13:36:32 2005 UTC (13 years, 11 months ago) by salo
Branch: pkgsrc-2005Q3
Changes since 1.46.2.1: +2 -1 lines
Diff to previous 1.46.2.1 (colored) to branchpoint 1.46 (colored) next main 1.47 (colored)

Pullup ticket 960 - requested by Matthias Scheler
security fix for apache

Revisions pulled up:
- pkgsrc/www/apache/Makefile		1.176
- pkgsrc/www/apache/distinfo		1.48
- pkgsrc/www/apache/patches/patch-ap	1.7

   Module Name:		pkgsrc
   Committed By:	tron
   Date:		Thu Dec 15 12:57:30 UTC 2005

   Modified Files:
   	pkgsrc/www/apache: Makefile distinfo
   Added Files:
   	pkgsrc/www/apache/patches: patch-ap

   Log Message:
   Add fix for security vulnerability reported in CVE-2005-3352 taken from
   Apache SVN repository. Bump package revision because of that.

Revision 1.48 / (download) - annotate - [select for diffs], Thu Dec 15 12:57:30 2005 UTC (13 years, 11 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base, pkgsrc-2005Q4
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)

Add fix for security vulnerability reported in CVE-2005-3352 taken from
Apache SVN repository. Bump package revision because of that.

Revision 1.46.2.1 / (download) - annotate - [select for diffs], Wed Oct 19 22:04:48 2005 UTC (14 years, 1 month ago) by salo
Branch: pkgsrc-2005Q3
Changes since 1.46: +7 -7 lines
Diff to previous 1.46 (colored)

Pullup ticket 842 - requested by Manuel Bouyer
security update for apache

Revisions pulled up:
- pkgsrc/www/apache/Makefile		1.173
- pkgsrc/www/apache/distinfo		1.47
- pkgsrc/www/apache/PLIST		1.14
- pkgsrc/www/ap-ssl/Makefile		1.92
- pkgsrc/www/ap-ssl/distinfo		1.30

   Module Name:		pkgsrc
   Committed By:	bouyer
   Date:		Wed Oct 19 20:30:21 UTC 2005

   Modified Files:
   	pkgsrc/www/apache: Makefile distinfo

   Log Message:
   Update to 1.3.34. This is a security fix release, fix pkg/31868 by
   Zafer Aydogan. Changes from 1.3.33:
     *) hsregex: fix potential core dumping on 64 bit machines, such as
        AMD64. bug 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>]

     *) SECURITY: core: If a request contains both Transfer-Encoding and
        Content-Length headers, remove the Content-Length, mitigating some
        HTTP Request Splitting/Spoofing attacks.  This has no impact on
        mod_proxy_http, yet affects any module which supports chunked
        encoding yet fails to prefer T-E: chunked over the Content-Length
        purported value.  [Paul Querna, Joe Orton]

     *) Added TraceEnable [on|off|extended] per-server directive to alter
        the behavior of the TRACE method.  This addresses a flaw in proxy
        conformance to RFC 2616 - previously the proxy server would accept
        a TRACE request body although the RFC prohibited it.  The default
        remains 'TraceEnable on'.
        [William Rowe]

     *) mod_digest: Fix another nonce string calculation issue.
        [Eric Covener]
---
   Module Name:		pkgsrc
   Committed By:	bouyer
   Date:		Wed Oct 19 20:33:44 UTC 2005

   Modified Files:
   	pkgsrc/www/ap-ssl: Makefile distinfo

   Log Message:
   Update to mod_ssl 2.8.25. The only change is support for apache 1.3.34.
---
   Module Name:		pkgsrc
   Committed By:	bouyer
   Date:		Wed Oct 19 21:42:59 UTC 2005

   Modified Files:
   	pkgsrc/www/apache: PLIST

   Log Message:
   Add missing entry for a new file. Pointed out by Lubomir Sedlacik.
   Close enouth to the package update to not bump pkgrevision.

Revision 1.47 / (download) - annotate - [select for diffs], Wed Oct 19 20:30:21 2005 UTC (14 years, 1 month ago) by bouyer
Branch: MAIN
Changes since 1.46: +7 -7 lines
Diff to previous 1.46 (colored)

Update to 1.3.34. This is a security fix release, fix pkg/31868 by
Zafer Aydogan. Changes from 1.3.33:
  *) hsregex: fix potential core dumping on 64 bit machines, such as
     AMD64. PR 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>]

  *) SECURITY: core: If a request contains both Transfer-Encoding and
     Content-Length headers, remove the Content-Length, mitigating some
     HTTP Request Splitting/Spoofing attacks.  This has no impact on
     mod_proxy_http, yet affects any module which supports chunked
     encoding yet fails to prefer T-E: chunked over the Content-Length
     purported value.  [Paul Querna, Joe Orton]

  *) Added TraceEnable [on|off|extended] per-server directive to alter
     the behavior of the TRACE method.  This addresses a flaw in proxy
     conformance to RFC 2616 - previously the proxy server would accept
     a TRACE request body although the RFC prohibited it.  The default
     remains 'TraceEnable on'.
     [William Rowe]

  *) mod_digest: Fix another nonce string calculation issue.
     [Eric Covener]

Revision 1.46 / (download) - annotate - [select for diffs], Fri Sep 16 13:53:57 2005 UTC (14 years, 2 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Changes since 1.45: +4 -4 lines
Diff to previous 1.45 (colored)

Update ap-ssl to version 2.8.24.

- Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require"
  was not enforced in per-location context if "SSLVerifyClient optional"
  was configured in the global virtual host configuration.

Sync apache with the latest ap-ssl.

Revision 1.45 / (download) - annotate - [select for diffs], Mon Aug 22 16:19:01 2005 UTC (14 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.44: +3 -2 lines
Diff to previous 1.44 (colored)

Add DragonFly support.

(An httpd service was only briefly tested.)

Revision 1.44 / (download) - annotate - [select for diffs], Mon Feb 28 23:30:48 2005 UTC (14 years, 9 months ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base, pkgsrc-2005Q2, pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

Update apache to apache_1-3.33nb3:
    Previously rc.d/apache was updated to run stop & start for restart.
    '/etc/rc.d/apache restart' then picked up startssl if apache was not
    running, but if apache was running it has a large chance of the
    start running before the stop completes, leaving no httpd running.
    Instead, add a restartssl option to apachectl, and use it.

Revision 1.43 / (download) - annotate - [select for diffs], Thu Feb 24 14:08:28 2005 UTC (14 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.42: +4 -1 lines
Diff to previous 1.42 (colored)

Add RMD160 checksums.

Revision 1.36.2.2 / (download) - annotate - [select for diffs], Wed Dec 1 00:25:56 2004 UTC (15 years ago) by salo
Branch: pkgsrc-2004Q3
Changes since 1.36.2.1: +18 -20 lines
Diff to previous 1.36.2.1 (colored) to branchpoint 1.36 (colored) next main 1.37 (colored)

Pullup ticket 141 - requested by David Brownlee
security fix for apache

        Module Name:	pkgsrc
        Committed By:	tron
        Date:		Mon Oct 25 08:44:16 UTC 2004

        Modified Files:
        	pkgsrc/www/apache: Makefile PLIST distinfo
        Removed Files:
        	pkgsrc/www/apache/patches: patch-ap

        Log Message:
        Update "apache" package to version 1.3.32. Changes since version 1.3.31:
        - mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
          [michael teitler <michael.teitler cetelem.fr>,
           Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
        - mod_rewrite: Fix 0 bytes write into random memory position.
          PR 31036. [André Malo]
        - mod_digest: Fix nonce string calculation since 1.3.31 which
          would force re-authentication for every connection if
          AuthDigestRealmSeed was not configured.  PR 30920.  [Joe Orton]
        - Trigger an error when a LoadModule directive attempts to
          load a module which is built-in.  This is a common error when
          switching from a DSO build to a static build.
          [Jeff Trawick, Geoffrey Young]
        - Fix trivial bug in mod_log_forensic that caused the child
          to seg fault when certain invalid requests were fired at it with
          forensic logging is enabled.  PR 29313.
          [Will Slater <Will Slater orbisuk.com>]
        - Fix memory leak in the cache handling of mod_rewrite. PR 27862.
          [chunyan sheng <shengperson yahoo.com>, André Malo]
        - mod_rewrite no longer confuses the RewriteMap caches if
          different maps defined in different virtual hosts use the
          same map name. PR 26462.  [André Malo]
        - mod_setenvif: Remove "support" for Remote_User variable which
          never worked at all. PR 25725.  [André Malo]
        - mod_usertrack: Escape the cookie name before pasting into the
          regexp.  [André Malo]
        - Win32: Improve error reporting after a failed attempt to spawn a
          piped log process or rewrite map process.  [Jeff Trawick]
        - SECURITY: CAN-2004-0492 (cve.mitre.org)
          Reject responses from a remote server if sent an invalid (negative)
          Content-Length.  [Mark Cox]
        - Fix a bunch of cases where the return code of the regex compiler
          was not checked properly. This affects mod_usertrack and
          core. PR 28218.  [André Malo]
        - No longer breaks mod_dav, frontpage and others.  Repair a patch
          in 1.3.31 which prevented discarding the request body for requests
          that will be keptalive but are not currently keptalive. PR 29237.
          [Jim Jagielski, Rasmus Lerdorf]
        - COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT.
          It controls how UseCanonicalName Off determines the port value if
          the client doesn't provide one in the Host header. If defined during
          compilation, UseCanonicalName Off will use the physical port number to
          generate the canonical name. If not defined, it tries the current Port
          value followed by the default port for the current scheme.
          [Jim Jagielski]
---
        Module Name:	pkgsrc
        Committed By:	abs
        Date:		Fri Oct 29 13:48:31 UTC 2004

        Modified Files:
        	pkgsrc/www/apache: Makefile distinfo
        	pkgsrc/www/apache/patches: patch-aa patch-ab patch-ac patch-ad
                    patch-ae patch-af patch-ag patch-ah patch-ai patch-aj
                    patch-ak patch-am patch-ao
        Removed Files:
        	pkgsrc/www/apache/patches: patch-al

        Log Message:
        Update apache to 1.3.33

        The main security vulnerabilities addressed in 1.3.33 are:

            * CAN-2004-0940 (cve.mitre.org)
              Fix potential buffer overflow with escaped characters in SSI
              tag string.
            * CAN-2004-0492 (cve.mitre.org)
              Reject responses from a remote server if sent an invalid
              (negative) Content-Length.

        New features

            * Win32: Improve error reporting after a failed attempt to
              spawn a piped log process or rewrite map process.
            * Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It
              controls how UseCanonicalName Off determines the port value if
              the client doesn't provide one in the Host header. If defined
              during compilation, UseCanonicalName Off will use the physical
              port number to generate the canonical name. If not defined, it
              tries the current Port value followed by the default port for
              the current scheme.

        The following bugs were found in Apache 1.3.31 (or earlier) and
        have been fixed in Apache 1.3.33:

            * mod_rewrite: Fix query string handling for proxied URLs.
              PR 14518.
            * mod_rewrite: Fix 0 bytes write into random memory position.
              PR 31036.
            * mod_digest: Fix nonce string calculation since 1.3.31 which
              would force re-authentication for every connection if
              AuthDigestRealmSeed was not configured. PR 30920.
            * Fix trivial bug in mod_log_forensic that caused the child to
              seg fault when certain invalid requests were fired at it with
              forensic logging is enabled. PR 29313.
            * No longer breaks mod_dav, frontpage and others. Repair a
              patch in 1.3.31 which prevented discarding the request body
              for requests that will be keptalive but are not currently
              keptalive. PR 29237.
---
        Module Name:	pkgsrc
        Committed By:	salo
        Date:		Mon Nov 15 19:13:41 UTC 2004

        Modified Files:
        	pkgsrc/www/apache/patches: patch-ai

        Log Message:
        Revert rev 1.9, do not expand @INSTALL@, it's done in post-patch.
        (hi abs!)
---
        Module Name:	pkgsrc
        Committed By:	tron
        Date:		Tue Nov 16 08:23:45 UTC 2004

        Modified Files:
        	pkgsrc/www/apache: distinfo

        Log Message:
        Regen after "patch-ai" was changed. (hi salo!)

Revision 1.42 / (download) - annotate - [select for diffs], Fri Nov 26 18:52:47 2004 UTC (15 years ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Pass the DL_* flags to the compiler when building httpd so that dlopen
will work correctly on NetBSD-2.x.  This should fix PR pkg/29398.

Revision 1.41 / (download) - annotate - [select for diffs], Tue Nov 16 08:23:45 2004 UTC (15 years ago) by tron
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

Regen after "patch-ai" was changed. (hi salo!)

Revision 1.40 / (download) - annotate - [select for diffs], Fri Oct 29 13:48:31 2004 UTC (15 years, 1 month ago) by abs
Branch: MAIN
Changes since 1.39: +16 -17 lines
Diff to previous 1.39 (colored)

Update apache to 1.3.33

The main security vulnerabilities addressed in 1.3.33 are:

    * CAN-2004-0940 (cve.mitre.org)
      Fix potential buffer overflow with escaped characters in SSI tag string.
    * CAN-2004-0492 (cve.mitre.org)
      Reject responses from a remote server if sent an invalid
      (negative) Content-Length.

New features

    * Win32: Improve error reporting after a failed attempt to
      spawn a piped log process or rewrite map process.
    * Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It
      controls how UseCanonicalName Off determines the port value if
      the client doesn't provide one in the Host header. If defined
      during compilation, UseCanonicalName Off will use the physical
      port number to generate the canonical name. If not defined, it
      tries the current Port value followed by the default port for
      the current scheme.

The following bugs were found in Apache 1.3.31 (or earlier) and
have been fixed in Apache 1.3.33:

    * mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
    * mod_rewrite: Fix 0 bytes write into random memory position. PR 31036.
    * mod_digest: Fix nonce string calculation since 1.3.31 which
      would force re-authentication for every connection if
      AuthDigestRealmSeed was not configured. PR 30920.
    * Fix trivial bug in mod_log_forensic that caused the child to
      seg fault when certain invalid requests were fired at it with
      forensic logging is enabled. PR 29313.
    * No longer breaks mod_dav, frontpage and others. Repair a
      patch in 1.3.31 which prevented discarding the request body
      for requests that will be keptalive but are not currently
      keptalive. PR 29237.

Revision 1.39 / (download) - annotate - [select for diffs], Mon Oct 25 08:44:16 2004 UTC (15 years, 1 month ago) by tron
Branch: MAIN
Changes since 1.38: +5 -6 lines
Diff to previous 1.38 (colored)

Update "apache" package to version 1.3.32. Changes since version 1.3.31:
- mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
  [michael teitler <michael.teitler cetelem.fr>,
   Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
- mod_rewrite: Fix 0 bytes write into random memory position.
  PR 31036. [André Malo]
- mod_digest: Fix nonce string calculation since 1.3.31 which
  would force re-authentication for every connection if
  AuthDigestRealmSeed was not configured.  PR 30920.  [Joe Orton]
- Trigger an error when a LoadModule directive attempts to
  load a module which is built-in.  This is a common error when
  switching from a DSO build to a static build.
  [Jeff Trawick, Geoffrey Young]
- Fix trivial bug in mod_log_forensic that caused the child
  to seg fault when certain invalid requests were fired at it with
  forensic logging is enabled.  PR 29313.
  [Will Slater <Will Slater orbisuk.com>]
- Fix memory leak in the cache handling of mod_rewrite. PR 27862.
  [chunyan sheng <shengperson yahoo.com>, André Malo]
- mod_rewrite no longer confuses the RewriteMap caches if
  different maps defined in different virtual hosts use the
  same map name. PR 26462.  [André Malo]
- mod_setenvif: Remove "support" for Remote_User variable which
  never worked at all. PR 25725.  [André Malo]
- mod_usertrack: Escape the cookie name before pasting into the
  regexp.  [André Malo]
- Win32: Improve error reporting after a failed attempt to spawn a
  piped log process or rewrite map process.  [Jeff Trawick]
- SECURITY: CAN-2004-0492 (cve.mitre.org)
  Reject responses from a remote server if sent an invalid (negative)
  Content-Length.  [Mark Cox]
- Fix a bunch of cases where the return code of the regex compiler
  was not checked properly. This affects mod_usertrack and
  core. PR 28218.  [André Malo]
- No longer breaks mod_dav, frontpage and others.  Repair a patch
  in 1.3.31 which prevented discarding the request body for requests
  that will be keptalive but are not currently keptalive. PR 29237.
  [Jim Jagielski, Rasmus Lerdorf]
- COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT.
  It controls how UseCanonicalName Off determines the port value if
  the client doesn't provide one in the Host header. If defined during
  compilation, UseCanonicalName Off will use the physical port number to
  generate the canonical name. If not defined, it tries the current Port
  value followed by the default port for the current scheme.
  [Jim Jagielski]

Revision 1.38 / (download) - annotate - [select for diffs], Mon Oct 18 09:28:08 2004 UTC (15 years, 1 month ago) by tron
Branch: MAIN
Changes since 1.37: +3 -3 lines
Diff to previous 1.37 (colored)

Use "mod_ssl-2.8.20" sources for SSL hooks, bump package revision.

Revision 1.36.2.1 / (download) - annotate - [select for diffs], Thu Sep 30 13:58:22 2004 UTC (15 years, 2 months ago) by agc
Branch: pkgsrc-2004Q3
Changes since 1.36: +2 -1 lines
Diff to previous 1.36 (colored)

Pullup ticket 114, requested by Matthias Scheler.

Security fix for apache

	Modified Files:
		pkgsrc/www/apache: Makefile distinfo
	Added Files:
		pkgsrc/www/apache/patches: patch-ap

	Log Message:
	Apply fix for security vulnerability in proxy module reported in
	CAN-2004-0492. Bump package revision package of this.

Revision 1.37 / (download) - annotate - [select for diffs], Fri Sep 24 06:04:00 2004 UTC (15 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.36: +2 -1 lines
Diff to previous 1.36 (colored)

Apply fix for security vulnerability in proxy module reported in
CAN-2004-0492. Bump package revision package of this.

Revision 1.35.2.1 / (download) - annotate - [select for diffs], Tue Jul 20 21:56:58 2004 UTC (15 years, 4 months ago) by agc
Branch: pkgsrc-2004Q2
Changes since 1.35: +3 -3 lines
Diff to previous 1.35 (colored) next main 1.36 (colored)

Pull up ticket 62 to the pkgsrc-2004Q2 branch, requested by Grant Beattie.

Security fix for ap-ssl and apache:

	Module Name:    pkgsrc
	Committed By:   tron
	Date:           Sat Jul 17 12:44:28 UTC 2004

	Modified Files:
		pkgsrc/www/apache: Makefile distinfo

	Log Message:
	Use "mod_ssl-2.8.19" sources for SSL hooks, bump package revision.

and

	Module Name:    pkgsrc
	Committed By:   tron
	Date:           Sat Jul 17 12:43:37 UTC 2004

	Modified Files:
		pkgsrc/www/ap-ssl: Makefile distinfo

	Log Message:
	Update "ap-ssl" package to version 2.8.19:
	- Fix ssl_log() related format string vulnerability in mod_proxy
	  hook functions.

Revision 1.36 / (download) - annotate - [select for diffs], Sat Jul 17 12:44:28 2004 UTC (15 years, 4 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base
Branch point for: pkgsrc-2004Q3
Changes since 1.35: +3 -3 lines
Diff to previous 1.35 (colored)

Use "mod_ssl-2.8.19" sources for SSL hooks, bump package revision.

Revision 1.30.2.3 / (download) - annotate - [select for diffs], Mon May 31 10:38:14 2004 UTC (15 years, 6 months ago) by grant
Branch: pkgsrc-2004Q1
Changes since 1.30.2.2: +3 -3 lines
Diff to previous 1.30.2.2 (colored) to branchpoint 1.30 (colored) next main 1.31 (colored)

Pull up revision 1.35 (requested by taca in ticket #33):

Compile with version 2.8.18 of "mod_ssl" instead with the (reported to
be vulnerable) version 2.8.17. Bump package revision because of this.

Revision 1.35 / (download) - annotate - [select for diffs], Sun May 30 12:37:15 2004 UTC (15 years, 6 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base
Branch point for: pkgsrc-2004Q2
Changes since 1.34: +3 -3 lines
Diff to previous 1.34 (colored)

Compile with version 2.8.18 of "mod_ssl" instead with the (reported to
be vulnerable) version 2.8.17. Bump package revision because of this.

Revision 1.30.2.2 / (download) - annotate - [select for diffs], Wed May 26 10:55:57 2004 UTC (15 years, 6 months ago) by grant
Branch: pkgsrc-2004Q1
Changes since 1.30.2.1: +6 -9 lines
Diff to previous 1.30.2.1 (colored) to branchpoint 1.30 (colored)

Pull up revisions 1.33-1.34 (requested by taca in ticket #31):

Update apache package to 1.3.31.
Regenerate patch-aa to obtain correct offsets so this works with
Linux 'patch'.

Revision 1.34 / (download) - annotate - [select for diffs], Thu May 13 21:21:27 2004 UTC (15 years, 7 months ago) by abs
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

Regenerate patch-aa to obtain correct offsets so this works with Linux 'patch'.
No functional change (other than building again on Linux)

Revision 1.33 / (download) - annotate - [select for diffs], Thu May 13 11:39:09 2004 UTC (15 years, 7 months ago) by taca
Branch: MAIN
Changes since 1.32: +5 -9 lines
Diff to previous 1.32 (colored)

Update apache package to 1.3.31.


                     Apache 1.3.31 Major changes

  Security vulnerabilities

     * CAN-2003-0987 (cve.mitre.org)
       In mod_digest, verify whether the nonce returned in the client
       response is one we issued ourselves.  This problem does not affect
       mod_auth_digest.

     * CAN-2003-0020 (cve.mitre.org)
       Escape arbitrary data before writing into the errorlog.

     * CAN-2004-0174 (cve.mitre.org)
       Fix starvation issue on listening sockets where a short-lived
       connection on a rarely-accessed listening socket will cause a
       child to hold the accept mutex and block out new connections until
       another connection arrives on that rarely-accessed listening socket.

     * CAN-2003-0993 (cve.mitre.org)
       Fix parsing of Allow/Deny rules using IP addresses without a
       netmask; issue is only known to affect big-endian 64-bit
       platforms

  New features

   New features that relate to specific platforms:

     * Linux 2.4+: If Apache is started as root and you code
       CoreDumpDirectory, core dumps are enabled via the prctl() syscall.

   New features that relate to all platforms:

     * Add mod_whatkilledus and mod_backtrace (experimental) for
       reporting diagnostic information after a child process crash.

     * Add fatal exception hook for running diagnostic code after a
       crash.

     * Forensic logging module added (mod_log_forensic)

     * '%X' is now accepted as an alias for '%c' in the
       LogFormat directive. This allows you to configure logging
       to still log the connection status even with mod_ssl

  Bugs fixed

   The following noteworthy bugs were found in Apache 1.3.29 (or earlier)
   and have been fixed in Apache 1.3.31:

     * Fix memory corruption problem with ap_custom_response() function.
       The core per-dir config would later point to request pool data
       that would be reused for different purposes on different requests.

     * mod_usertrack no longer inspects the Cookie2 header for
       the cookie name. It also no longer overwrites other cookies.

     * Fix bug causing core dump when using CookieTracking without
       specifying a CookieName directly.

     * UseCanonicalName off was ignoring the client provided
       port information.

Revision 1.30.2.1 / (download) - annotate - [select for diffs], Tue Apr 27 08:14:40 2004 UTC (15 years, 7 months ago) by agc
Branch: pkgsrc-2004Q1
Changes since 1.30: +4 -1 lines
Diff to previous 1.30 (colored)

Pull up security fix to the pkgsrc-2004Q1 branch.

Requested by taca in ticket pkgsrc-16 (and 12, I think).

"Add three patches to resolve security issue:
SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog

The three patches are from Apache cvs.
http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/

Also bump PKGREVISION too."

Revision 1.32 / (download) - annotate - [select for diffs], Mon Apr 26 20:06:58 2004 UTC (15 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.31: +2 -1 lines
Diff to previous 1.31 (colored)

Convert to use bdb.buildlink3.mk and fix sources so that we can use db4.

Revision 1.31 / (download) - annotate - [select for diffs], Wed Apr 7 22:35:01 2004 UTC (15 years, 8 months ago) by tron
Branch: MAIN
Changes since 1.30: +4 -1 lines
Diff to previous 1.30 (colored)

Fix patch checksums and bump package revision again because the security
patches weren't applied before.

Revision 1.30 / (download) - annotate - [select for diffs], Sat Feb 28 22:15:30 2004 UTC (15 years, 9 months ago) by snj
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base
Branch point for: pkgsrc-2004Q1
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Use ${CHGRP} instead of chgrp.  From Georg Schwarz in PR pkg/24594.

Revision 1.29 / (download) - annotate - [select for diffs], Sun Nov 2 05:36:56 2003 UTC (16 years, 1 month ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Changes since 1.28: +5 -9 lines
Diff to previous 1.28 (colored)

Updated apache to 1.3.29.

Major changes since 1.3.28:

  Security vulnerabilities

     * CAN-2003-0542 (cve.mitre.org)
       Fix buffer overflows in mod_alias and mod_rewrite which occurred if
       one configured a regular expression with more than 9 captures.

  Bugs fixed

   The following noteworthy bugs were found in Apache 1.3.28 (or earlier)
   and have been fixed in Apache 1.3.29:

     * Within ap_bclose(), ap_pclosesocket() is now called
     * consistently
       for sockets and ap_pclosef() for files.  Also, closesocket()
       is used consistenly to close socket fd's.  The previous
       confusion between socket and file fd's would cause problems
       with some applications now that we proactively close fd's to
       prevent leakage.

     * Fixed mod_usertrack to not get false positive matches on the
       user-tracking cookie's name.

     * Prevent creation of subprocess Zombies when using CGI wrappers
       such as suEXEC and cgiwrap.

Revision 1.28 / (download) - annotate - [select for diffs], Wed Oct 29 10:43:23 2003 UTC (16 years, 1 month ago) by cube
Branch: MAIN
Changes since 1.27: +5 -1 lines
Diff to previous 1.27 (colored)

Import security fix from 1.3.29 distribution for a buffer overflow in
mod_rewrite and mod_alias, referenced CAN-2003-0542. Bump PKGREVISION.

Revision 1.25.2.1 / (download) - annotate - [select for diffs], Tue Aug 5 11:44:34 2003 UTC (16 years, 4 months ago) by grant
Branch: netbsd-1-6-1
Changes since 1.25: +5 -5 lines
Diff to previous 1.25 (colored) next main 1.26 (colored)

Pull up revisions 1.26-1.27 (requested by tron in ticket #1380):

Update to 1.3.27nb4: compile with mod-ssl-2.8.14.
Remove quite some lint while here.

Update "apache" package to version 1.3.28.

Revision 1.27 / (download) - annotate - [select for diffs], Sat Jul 19 12:31:06 2003 UTC (16 years, 4 months ago) by tron
Branch: MAIN
Changes since 1.26: +5 -5 lines
Diff to previous 1.26 (colored)

Update "apache" package to version 1.3.28. Changes since version 1.3.27:
- SECURITY: CAN-2003-0460 (cve.mitre.org)
  Fix the rotatelogs support program on Win32 and OS/2 to ignore
  special control characters received over the pipe.  Previously
  such characters could cause it to quit logging and exit.
  [André Malo]
- Prevent the server from crashing when entering infinite loops. The
  new LimitInternalRecursion directive configures limits of subsequent
  internal redirects and nested subrequests, after which the request
  will be aborted.  PR 19753 (and probably others).
  [William Rowe, Jeff Trawick, Jim Jagielski, André Malo]
- Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
  response. PR 21085. [Glenn Nielsen <glenn@apache.org>, André Malo]
- Removed BIND_NOSTART from HP/UX shl_load() logic for loadable
  Apache modules, so that statics are initialized when the module
  is loaded (especially critical for c++ modules on HPUX.)
  [William Rowe, Noah Arliss <narliss@netegrity.com>]
- Win32 build system changes; always recompile buildmark.c (used for
  Apache -v 'server built' messages) even when Apache is built from
  within the IDE; build test_char.h and uri_delims.h from within the
  ApacheCore.dsp project.  PR 12706.  [William Rowe]
- Introduce Win32 .pdb diagnostic symbols into the Apache 1.3 build
  (as created in Apache 2.0.45 and later.)  Makes debugging and
  analysis of crash dumps and Dr. Watson logs trivial.  Requires the
  Win32 binary builder to set aside the exact .pdb files that match
  the released binaries (.exe/.so files) for reference by users and
  developers.  [William Rowe]
- Make sure the accept mutex is released before calling child exit
  hooks and cleanups.  Otherwise, modules can segfault in such code
  and, with pthread mutexes, leave the server deadlocked.  Even if
  the module doesn't segfault, if it performs extensive processing
  it can temporarily prevent the server from accepting new
  connections.  [Jeff Trawick]
- Fix mod_rewrite's handling of absolute URIs. The escaping routines
  now work scheme dependent and the query string will only be
  appended if supported by the particular scheme.  [André Malo]
- Use appropriate language codes for Czech (cs) and Traditional Chinese
  (zh-tw) in default config files. PR 9427.  [André Malo]
- Don't block synchronous signals (e.g., SIGSEGV) while waiting for
  and holding a pthread accept mutex.  [Jeff Trawick]
- AIX: Change the default accept mechanism from pthread back to
  fcntl.  Idle child cleanup doesn't work when the child selected
  for termination by the parent is waiting on a pthread mutex, and
  because the AIX kernel's notion of hot process is apparently the
  same as Apache's, it is common for the Apache parent to continually
  select a child for termination that the kernel will leave waiting
  on the mutex for extended periods of time.  There are other
  concerns with pthread mutexes as well, such as the ability to
  deadlock the server if a child process segfaults while holding the
  mutex.  [Jeff Trawick]
- Fix a pair of potential buffer overflows in htdigest
  [Martin Schulze <joey@infodrom.org>, Thom May]
- A newly created child now has a start_time of 0, to prevent
  mod_status from displaying a bogus value for the "time to
  process most recent request" column for freshly-started children
  in a previously-used scoreboard slot. [Martin Kraemer]
- When using Redirect in directory context, append requested query
  string if there's no one supplied by configuration. PR 10961.
  [André Malo]
- Fix path handling of mod_rewrite, especially on non-unix systems.
  There was some confusion between local paths and URL paths.
  PR 12902.  [André Malo]
- backport from 2.x series: Prevent endless loops of internal redirects
  in mod_rewrite by aborting after exceeding a limit of internal redirects.
  The limit defaults to 10 and can be changed using the RewriteOptions
  directive. PR 17462.  [André Malo]
- Use the correct locations of srm.conf and access.conf when tailoring
  the httpd.conf during the install process. PR 9446.
  [Stanislav Brabec <utx@penguin.cz>]
- suexec: Be more pedantic when cleaning environment. Clean it
  immediately after startup. PR 2790, 10449.
  [Jeff Stewart <jws@purdue.edu>, André Malo]
- Fix apxs to insert LoadModule/AddModule directives only outside of
  sections. PR 8712, 9012.  [André Malo]
- Fix suexec compile error under SUNOS4, where strerror() doesn't
  exist. PR 5913, 9977.
  [Jonathan W Miner <Jonathan.W.Miner@lmco.com>]
- Unix build: Add support for environment variable
  EXTRA_LDFLAGS_SHLIB, which allows the user to add to the hard-coded
  ld flags specified for DSOs.  Compare with the existing LDFLAGS_SHLIB
  environment variable, which allows the user to completely replace the
  hard-coded ld flags specified for DSOs.  [Jeff Trawick]
- mod_auth_digest no longer tries to guess AuthDigestDomain, if it's
  not specified. Now it assumes "/" as already documented. PR 16937.
  [André Malo]
- In configure always assume suexec-umask to be an octal value by
  prepending a "0". PR 16984.  [André Malo]
- Fix typo in suexec -V output. PR 9034.
  [Youichirou Koga <y-koga@apache.or.jp>]
- Fix bug where 'Satisfy Any' without an AuthType resulted in an
  "Internal Server Error" response. PR 9076.  [André Malo]
- mod_rewrite: Allow "RewriteEngine Off" even if no
  "Options FollowSymlinks" (or SymlinksIfOwnermatch) is set.
  PR 12395.  [André Malo]
- Change the log messages for setsockopt(TCP_NODELAY) and
  getsockname() failures to log the client IP address and to
  change the log level to debug.  [Jeff Trawick]
- Correction to mod_negotation for Win32, OS2, Netware etc, where
  case insensitive requests such as the HEADER or README search
  from autoindex would fail to match HEADER.html (because the
  system internally looked for the case-sensitive header.* pattern.)
  PR 7300 [William Rowe]
- Correction to mod_autoindex so that only text/* files (prefering
  /html, then /plain, then some other flavor) can be recovered
  from a multiview-based HEADER or README subrequest.
  [William Rowe]
- Improvements to mod_usertrack that allows for a regular (verbose)
  as well as "compact" version of the tracking cookie (the new
  'CookieFormat' directive), and the ability to prepend a string
  to the cookie via the 'CookiePrefix' directive.
  [Pål Løberg <pallo@initio.no>, with cleanup by Jim Jagielski]
- Certain 3rd party modules would bypass the Apache API and not
  invoke ap_cleanup_for_exec() before creating sub-processes.
  To such a child process, Apache's file descriptors (lock
  fd's, log files, sockets) were accessible, allowing them
  direct access to Apache log file etc.  Where the OS allows,
  we now add proactive close functions to prevent these file
  descriptors from leaking to the child processes.
  [Jim Jagielski, Martin Kraemer]
- Prevent obscenely large values of precision in ap_vformatter
  from clobbering a buffer. [Sander Striker, Jim Jagielski]
- NetWare: implemented ap_os_default_port() to resolve the
  correct default port based on the request method. This fixes
  a URL reconstruction problem on a redirect.
  [Pavel Novy (novy@feld.cvut.cz)]
- Added new ap_register_cleanup_ex() API function which allows
  for a "magic" cleanup function to be run at register time
  rather than at cleanup time. Also added the
  ap_note_cleanups_for_(socket|fd|file)_ex() API functions
  which allows for control over whether that magic cleanup
  should be called or not. This does not change the default
  behavior of the non-"ex" function (eg: ap_register_cleanup).
  [Jim Jagielski, concept by Ben Laurie]
- PORT: Take advantage of OpenBSD's arc4random() function for the
  initial secret [Henning Brauer <hb-apache-dev at bsws.de>]
- If Listen directive is not a port, but just an IP, emit an
  error condition as this case is ambiguous.
  [Rich Bowen, Justin Erenkrantz, Cliff Woolley]
- Update timeout algorithm in free_proc_chain. If a subprocess
  did not exit immediately, the thread would sleep for 3 seconds
  before checking the subprocess exit status again. In a very
  common case when the subprocess was an HTTP server CGI script,
  the CGI script actually exited a fraction of a second into the 3
  second sleep, which effectively limited the server to serving one
  CGI request every 3 seconds across a persistent connection.
  PRs 6961, 8664 [Bill Stoddard]
- mod_setenvif: Add SERVER_ADDR special keyword to allow
  envariable setting according to the server IP address
  which received the request.  [Ken Coar]
- PORT: Enable SINGLE_LISTEN_UNSERIALIZED_ACCEPT for AIX 4.3.2
  and above.  Update AIX configure logic to allow higher AIX
  release numbers without having to change Apache.
  [Jeff Trawick]

Revision 1.26 / (download) - annotate - [select for diffs], Thu Apr 10 08:25:21 2003 UTC (16 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.25: +3 -3 lines
Diff to previous 1.25 (colored)

Update to 1.3.27nb4: compile with mod-ssl-2.8.14.
Remove quite some lint while here.

Revision 1.25 / (download) - annotate - [select for diffs], Mon Jan 20 22:58:26 2003 UTC (16 years, 10 months ago) by jschauma
Branch: MAIN
CVS Tags: netbsd-1-6-1-base
Branch point for: netbsd-1-6-1
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Make this use ${CHOWN}, ${CHMOD}, ${XARGS} and ${FIND}, rather than the
hard-coded commands, which may not be in the PATH depending on the operating
system.  This partly addresses PR pkg/19804.

Revision 1.24 / (download) - annotate - [select for diffs], Fri Oct 25 09:00:29 2002 UTC (17 years, 1 month ago) by tron
Branch: MAIN
Changes since 1.23: +3 -3 lines
Diff to previous 1.23 (colored)

Update "apache" package to version 1.3.27nb1 which is now based version
2.8.12-1.3.27 of "mod_ssl" module so that one doesn't need two version
of the "mod_ssl" sources to build "apache".

Revision 1.21.6.1 / (download) - annotate - [select for diffs], Fri Oct 11 21:09:05 2002 UTC (17 years, 2 months ago) by agc
Branch: netbsd-1-6
Changes since 1.21: +5 -5 lines
Diff to previous 1.21 (colored) next main 1.22 (colored)

Pullup the following versions:

ap-ssl/Makefile 1.61
ap-ssl/distinfo 1.14
apache/Makefile 1.108
apache/PLIST 1.7
apache/distinfo 1.23

to the netbsd-1-6 branch of pkgsrc.

Requested by Manuel Bouyer.

These patches update apache and ap-ssl for securities issues.  Tested
on one 1.6 and 2 1.5.3 servers with a few other modules (ap-php,
ap-roaming) without problems.

Revision 1.23 / (download) - annotate - [select for diffs], Fri Oct 4 19:14:03 2002 UTC (17 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.22: +5 -5 lines
Diff to previous 1.22 (colored)

Update "apache" package to version 1.3.27. This version fixes many bugs
discovered in version 1.3.26 including these security fixes:
- SECURITY: CAN-2002-0840 (cve.mitre.org)
  Prevent a cross-site scripting vulnerability in the default
  error page.  The issue could only be exploited if the directive
  UseCanonicalName is set to Off and a server is being run at
  a domain that allows wildcard DNS.  [Matthew Murphy]
- SECURITY CAN-2002-0843 (cve.mitre.org)
  Fix some possible overflows in ab.c that could be exploited by
  a malicious server. Reported by David Wagner. [Jim Jagielski]
- SECURITY CAN-2002-0839 (cve.mitre.org)
  Add the new directive 'ShmemUIDisUser'. By default, Apache
  will no longer set the uid/gid of SysV shared memory scoreboard
  to User/Group, and it will therefore stay the uid/gid of
  the parent Apache process. This is actually the way it should
  be, however, some implementations may still require this, which
  can be enabled by 'ShmemUIDisUser On'.  Reported by iDefense.
  [Jim Jagielski]

Revision 1.22 / (download) - annotate - [select for diffs], Sun Aug 25 18:40:18 2002 UTC (17 years, 3 months ago) by jlam
Branch: MAIN
Changes since 1.21: +1 -1 lines
Diff to previous 1.21 (colored)

Merge changes in packages from the buildlink2 branch that have
buildlink2.mk files back into the main trunk.  This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.

Revision 1.15.2.2 / (download) - annotate - [select for diffs], Thu Aug 22 11:12:56 2002 UTC (17 years, 3 months ago) by jlam
Branch: buildlink2
Changes since 1.15.2.1: +3 -3 lines
Diff to previous 1.15.2.1 (colored) to branchpoint 1.15 (colored) next main 1.16 (colored)

Merge changes from pkgsrc-current into the buildlink2 branch for the
packages that have buildlink2.mk files.

Revision 1.21 / (download) - annotate - [select for diffs], Mon Jun 24 16:26:19 2002 UTC (17 years, 5 months ago) by taca
Branch: MAIN
CVS Tags: pkgviews-base, pkgviews, netbsd-1-6-RELEASE-base, buildlink2-base
Branch point for: netbsd-1-6
Changes since 1.20: +3 -3 lines
Diff to previous 1.20 (colored)

Update to mod_ssl to 2.8.10.  Since apache package contains it,
bump PKGREVISION.


  Changes with mod_ssl 2.8.10 (19-Jun-2002 to 24-Jun-2002)

   *) Fixed off-by-one buffer overflow bug in the compatibility
      functionality (mapping of old directives to new ones).

   *) Fixed memory leak in processing of CA certificates.

   *) In case there is actually a certificate chain in the session cache,
      we now use the value of SSL_get_peer_certificate(ssl) to verify as
      it will have been removed from the chain before it was put in the
      cache.

   *) Seed the PRNG with a maximum of 1K from the internal scoreboard.

Revision 1.15.2.1 / (download) - annotate - [select for diffs], Sun Jun 23 19:03:26 2002 UTC (17 years, 5 months ago) by jlam
Branch: buildlink2
Changes since 1.15: +7 -6 lines
Diff to previous 1.15 (colored)

Merge from pkgsrc-current to buildlink2 branch.

Revision 1.20 / (download) - annotate - [select for diffs], Thu Jun 20 17:12:37 2002 UTC (17 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.19: +3 -2 lines
Diff to previous 1.19 (colored)

- Add share/httpd/htdocs/index.html.lb.utf8 to PLIST.
- Prevent chown whole files under ${PREFIX}/share/httpd.

Revision 1.19 / (download) - annotate - [select for diffs], Wed Jun 19 11:03:59 2002 UTC (17 years, 5 months ago) by jdolecek
Branch: MAIN
Changes since 1.18: +3 -3 lines
Diff to previous 1.18 (colored)

update for now-available mod_ssl-2.8.9-1.3.26

Revision 1.18 / (download) - annotate - [select for diffs], Wed Jun 19 10:31:01 2002 UTC (17 years, 5 months ago) by jdolecek
Branch: MAIN
Changes since 1.17: +1 -2 lines
Diff to previous 1.17 (colored)

g/c patch-an, this is fixed by Apache 1.3.26 different way

Revision 1.17 / (download) - annotate - [select for diffs], Wed Jun 19 10:17:59 2002 UTC (17 years, 5 months ago) by jdolecek
Branch: MAIN
Changes since 1.16: +3 -3 lines
Diff to previous 1.16 (colored)

Update apache to 1.3.26.

Custom mod_ssl eapi patch used for now, since update of mod_ssl for 1.3.26
isn't available yet.

This fixes the CAN-2002-0392 (mitre.org) [CERT VU#944335] security
issue. For full list of changes, see
	http://www.apache.org/dist/httpd/CHANGES_1.3

Revision 1.16 / (download) - annotate - [select for diffs], Tue Jun 18 01:45:36 2002 UTC (17 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)

http chunk transfer vulnerability
http://httpd.apache.org/info/security_bulletin_20020617.txt

Revision 1.15 / (download) - annotate - [select for diffs], Tue Apr 2 14:13:02 2002 UTC (17 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Changes since 1.14: +6 -6 lines
Diff to previous 1.14 (colored)

Update www/apache to 1.3.24 with EAPI patch from mod_ssl-2.8.8-1.3.24.
Relevant changes from version 1.3.23 include:

     * Prevent invalid client hostnames from appearing in the log file.
     * Various mod_proxy improvements, such as the new ProxyIOBufferSize
       directive.
     * The new ''IgnoreCase' keyword to the IndexOptions directive.
     * mod_rewrite's 'rnd' was broken and has been fixed.
     * The '-S' option of 'apxs' was not able to handle quotes; also 'apxs'
       is now rebuilt when options are changed.
     * proxy now correctly handles Cookies and X-Cache headers.
     * Fixed a problem in TPF when we were using the wrong subpool when
       opening the error log.
     * pthread accept() mutexes on Solaris were broken (since we were
       not linking against pthread)

Revision 1.14 / (download) - annotate - [select for diffs], Thu Mar 28 17:17:08 2002 UTC (17 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.13: +2 -1 lines
Diff to previous 1.13 (colored)

Fix build on arm-elf.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Feb 28 05:45:33 2002 UTC (17 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.12: +4 -3 lines
Diff to previous 1.12 (colored)

Update www/apache to 1.3.23nb1.  Changes from version 1.3.23 include using
the EAPI patches from modssl-2.8.7-1.3.23.  Also, link against the MM
Shared Memory library (devel/libmm) to provide shared memory support in
Apache/EAPI.  For example, this allows mod_ssl to use a high-performance
RAM-based session cache instead of a disk-based one.

Revision 1.12 / (download) - annotate - [select for diffs], Fri Feb 1 16:04:39 2002 UTC (17 years, 10 months ago) by jlam
Branch: MAIN
Changes since 1.11: +8 -8 lines
Diff to previous 1.11 (colored)

Update apache to 1.3.23 with the EAPI patch from mod_ssl-2.8.6-1.3.23.

   The main new features in 1.3.23 (compared to 1.3.22) are:

     * HTTP/1.1 support for mod_proxy.
     * Other mod_proxy improvements.
     * The new 'FileETag' directive to allow one to build the
       format of the ETag via runtime directives.
     * Addition of a 'filter callback' function to enable modules to
       intercept the output byte stream for dynamic page caching.

   The following bugs were found in Apache 1.3.22 and have been fixed in
   Apache 1.3.23:

     * Fix incorrect "Content-Length" header in the 416 response.
     * Revert mod_negotation's handling of path_info and query_args
       to the 1.3.20 behavior (PRs: 8628, 8582, 8538).
     * Prevent an Apache module from being loaded or added twice due
       to duplicate LoadModule or AddModule directives.

Revision 1.11 / (download) - annotate - [select for diffs], Tue Jan 1 06:12:05 2002 UTC (17 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Fix installation so that existing config files are preserved when building
from source instead of installing from a binary package (problem noted in
private email by George Coulouris <george@coulouris.org>.  Also move the
ownership of SSL-related config directories to the www/ap-ssl package.

Revision 1.10 / (download) - annotate - [select for diffs], Thu Nov 15 05:32:56 2001 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

Fix installation when an old config file exists.

Revision 1.9 / (download) - annotate - [select for diffs], Mon Oct 22 18:02:52 2001 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

Don't do the dance with ROOT_GROUP.  Apache extension modules installed by
apxs are now installed with "${INSTALL} -c -o ${LIBOWN} -g ${LIBGRP}",
which should do the right thing regardless of the platform.  ${INSTALL} is
replaced with the full path to the install program used by pkgsrc, which
should be /usr/bin/install on NetBSD, and /usr/ucb/install on Solaris.

This should fix pkg/14232 by Pierre Bourgin.

Revision 1.8 / (download) - annotate - [select for diffs], Fri Oct 19 09:52:23 2001 UTC (18 years, 1 month ago) by veego
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

Define a ROOT_GROUP, which defaults to root on SunOS, otherwise to wheel.
Using -o 0 and -g 0 doesn't work with the ucb install on Solaris.

Revision 1.7 / (download) - annotate - [select for diffs], Wed Oct 17 19:17:00 2001 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.6: +9 -9 lines
Diff to previous 1.6 (colored)

Update apache to 1.3.22.  Relevant changes from version 1.3.20 include
using the pkgsrc expat library instead of the builtin one (this is to
avoid conflicts between expat libraries when an expat XML parser is loaded
by either mod_perl or mod_php), and:

  Security vulnerabilities

     * A vulnerability was found in the split-logfile support program. A
       request with a specially crafted Host: header could allow any file
       with a .log extension on the system to be written to.
     * A vulnerability was found when Multiviews are used to negotiate
       the directory index. In some configurations, requesting a URI with
       a QUERY_STRING of M=D could return a directory listing rather than
       the expected index page.

  General bug fixes and improvements

     * Bug fixes
     * The supplied icons are now also distributed in PNG format
     * New directives have been added to the mod_usertrack module, The
       first, CookieDomain, can be used to customise the Domain
       attribute.
     * A new directive, AcceptMutex, allows run-time configuration of the
       mutex type used for accept serialization.
     * mod_auth has been enhanced to allow access to a document to be
       controlled based on the owner of the file being served.
     * A new directive, AcceptFilter, has been added to control BSD
       accept filters at run-time. The functionality can postpone the
       requirement for a child process to handle a new connection until
       an HTTP request has arrived, therefore increasing the number of
       connections that a given number of child processes can handle

Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 16 04:11:06 2001 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)

Update apache{,6} to 1.3.20nb1.  Changes from version 1.3.20 are:

On NetBSD, we need to link libgcc.a whole-archive so that certain symbols
from the C++ implementation (__get_eh_context, etc.) referenced by DSOs
written in C++ will resolve correctly.  This makes php4-sablot work with
mod_php4.so (from ap-php4) on ELF platforms when loaded by Apache's httpd.

Revision 1.5 / (download) - annotate - [select for diffs], Sat Jun 9 06:36:42 2001 UTC (18 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.4: +8 -7 lines
Diff to previous 1.4 (colored)

Update apache to 1.3.20.  Relevant changes from version 1.3.19 include:

   NetBSD Packages Collection (pkgsrc) changes:
     * Modify French page in same way as the English page.  Translation
       provided by Remi Zara <remi_zara@mac.com> in private e-mail.
     * Use EAPI patches from mod_ssl-2.8.4-1.3.20.
     * Unify repeated SED replacement info for config.layout, apache.sh,
       DEINSTALL, and INSTALL into one location, FILES_SUBST.
     * Modify patch to apxs to use 0:0 instead of root:wheel, as some
       non-NetBSD systems don't have a wheel group.

   The general bug fixes:
     * Eliminate a potential segfault if an invalid floating point value
       is passed to the ap_snprintf() function, on platforms supporting
       isnan() and isinf().
     * Fix a possible segfault at startup in the detection of a default
       ServerName or IP string when no ServerName was specified.
     * Fixed mod_proxy to retain empty headers, as allowed by RFC2068.
     * Properly resolve the location of ndbm on Linux and some glibc2
       builds, where ndbm.h is in the nonstandard db1/ subdir.

   The main new features include:
     * Enhanced rotatelogs to allow a UTC offset to be specified, and
       the format logfile names with human-readable date/time stamps.
     * Added the NOESCAPE (NS) flag to RewriteRule, to disable *all*
       normal URI escaping.  Note incautious use can give unexpected
       results or introduce security risks.
     * Added the '\' character to RewriteRule to allow escaping of
       special characters.  Allows embedding of both the '$' and '%'
       characters in the results, so 'foo\$1' translates to 'foo$1'
       rather than 'foo\<value of $1>'.
     * Added the -V flag to suexec, to display the compile-time settings
       with which it was built.  (Only valid for root or the HTTPD_USER
       username.)
     * Introduced EBCDIC conversion configuration options, controlling the
       conversion based on MIME type or file suffix.

Revision 1.4 / (download) - annotate - [select for diffs], Mon May 14 14:02:02 2001 UTC (18 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

Update apache to 1.3.19nb2.  The only change from version 1.3.19nb1 is using
the updated EAPI patches from mod_ssl-2.8.3-1.3.19 which includes the
following fix:

   *) Fixed EAPI context usage in http_request.c: a context pointer
      potentially can be NULL requests and can cause a segfault if
      dereferenced.

Revision 1.3 / (download) - annotate - [select for diffs], Sun Apr 29 20:42:28 2001 UTC (18 years, 7 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored)

Update apache to 1.3.19nb1.  Changes from 1.3.19 include using mod_ssl
2.8.2 patches and more thorough use of APACHE_SYSCONFDIR setting.

Revision 1.2 / (download) - annotate - [select for diffs], Fri Apr 20 12:02:33 2001 UTC (18 years, 7 months ago) by skrll
Branch: MAIN
Changes since 1.1: +7 -4 lines
Diff to previous 1.1 (colored)

Move to sha1 digests, and add distfile sizes.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Apr 17 12:12:29 2001 UTC (18 years, 7 months ago) by agc
Branch: MAIN

+ move the distfile digest/checksum value from files/md5 to distinfo
+ move the patch digest/checksum values from files/patch-sum to distinfo

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>