The NetBSD Project

CVS log for pkgsrc/www/apache2/Attic/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / apache2

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.149, Tue Jun 10 15:22:18 2014 UTC (5 years, 2 months ago) by joerg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.148: +1 -1 lines
FILE REMOVED

Retire Apache 1.3 and 2.0.

Revision 1.148 / (download) - annotate - [select for diffs], Thu May 29 23:37:56 2014 UTC (5 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.147: +2 -2 lines
Diff to previous 1.147 (colored)

Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.

Revision 1.147 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:43 2014 UTC (5 years, 6 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.146: +2 -2 lines
Diff to previous 1.146 (colored)

Recursive PKGREVISION bump for OpenSSL API version bump.

Revision 1.146 / (download) - annotate - [select for diffs], Thu Dec 12 12:24:47 2013 UTC (5 years, 8 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4
Changes since 1.145: +4 -4 lines
Diff to previous 1.145 (colored)

When recursively chowning, ensure the -P flag is specified.  This is default
on BSD but not on strict POSIX implementations, leading to failures when
building as an unprivileged user in the presence of symlinks.

Fixes recent breakage on SunOS when the '-h' flag was removed for MirBSD.

Revision 1.145 / (download) - annotate - [select for diffs], Tue Dec 3 21:18:36 2013 UTC (5 years, 8 months ago) by bsiegert
Branch: MAIN
Changes since 1.144: +4 -4 lines
Diff to previous 1.144 (colored)

Remove -h from the chown commands in post-install. The chown manpage (on
MirBSD) says: "The -R and -h options are mutually exclusive."

Revision 1.144 / (download) - annotate - [select for diffs], Sun Dec 1 10:18:02 2013 UTC (5 years, 8 months ago) by ryoon
Branch: MAIN
Changes since 1.143: +2 -1 lines
Diff to previous 1.143 (colored)

Revbump from devel/apr update

Revision 1.143 / (download) - annotate - [select for diffs], Sun Aug 4 02:45:42 2013 UTC (6 years ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.142: +2 -6 lines
Diff to previous 1.142 (colored)

Update apache2 to 2.0.65.

Changes with Apache 2.0.65

  *) SECURITY: CVE-2013-1862 (cve.mitre.org)
     mod_rewrite: Ensure that client data written to the RewriteLog is
     escaped to prevent terminal escape sequences from entering the
     log file.  [Eric Covener, Jeff Trawick, Joe Orton]

  *) SECURITY: CVE-2012-0053 (cve.mitre.org)
     Fix an issue in error responses that could expose "httpOnly" cookies
     when no custom ErrorDocument is specified for status code 400.
     [Eric Covener]

  *) SECURITY: CVE-2012-0031 (cve.mitre.org)
     Fix scoreboard issue which could allow an unprivileged child process
     to cause the parent to crash at shutdown rather than terminate
     cleanly.  [Joe Orton]

  *) SECURITY: CVE-2011-3368 (cve.mitre.org)
     Reject requests where the request-URI does not match the HTTP
     specification, preventing unexpected expansion of target URLs in
     some reverse proxy configurations.  [Joe Orton]

  *) SECURITY: CVE-2011-3192 (cve.mitre.org)
     core: Fix handling of byte-range requests to use less memory, to avoid
     denial of service. If the sum of all ranges in a request is larger than
     the original file, ignore the ranges and send the complete file.
     bug#51714. [Jeff Trawick, Stefan Fritsch, Jim Jagielski, Ruediger Pluem,
     Eric Covener, <lowprio20 gmail.com>]

  *) SECURITY: CVE-2011-3607 (cve.mitre.org)
     Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
     is enabled, could allow local users to gain privileges via a .htaccess
     file. [Stefan Fritsch, Greg Ames]

       NOTE: it remains possible to exhaust all memory using a carefully
       crafted .htaccess rule, which will not be addressed in 2.0; enabling
       processing of .htaccess files authored by untrusted users is the root
       of such security risks.  Upgrade to httpd 2.2.25 or later to limit
       this specific risk.

  *) core: Add MaxRanges directive to control the number of ranges permitted
     before returning the entire resource, with a default limit of 200.
     [Eric Covener, Rainer Jung]

  *) Set 'Accept-Ranges: none' in the case Ranges are being ignored with
     MaxRanges none.  [Eric Covener, Rainer Jung]

  *) mod_rewrite: Allow merging RewriteBase down to subdirectories
     if new option 'RewriteOptions MergeBase' is configured.
     [Eric Covener]

  *) mod_rewrite: Fix the RewriteEngine directive to work within a
     location. Previously, once RewriteEngine was switched on globally,
     it was impossible to switch off. [Graham Leggett]

  *) mod_rewrite: Add "AllowAnyURI" option. bug#52774. [Joe Orton]

  *) htdigest: Fix buffer overflow when reading digest password file
     with very long lines. bug#54893. [Rainer Jung]

  *) mod_ssl: Add "SSLHonorCipherOrder" directive to enable the
     OpenSSL 0.9.7 flag which uses the server's cipher order rather
     than the client's.  bug#28665.
     [Jim Schneider <jschneid netilla.com>]

  *) mod_include: Prevent a case of SSI timefmt-smashing with filter chains
     including multiple INCLUDES filters. bug#39369 [Joe Orton]

  *) mod_rewrite: When evaluating a proxy rule in directory context, do
     escape the filename by default. bug#46428 [Joe Orton]

  *) Improve platform detection for bundled PCRE by updating config.guess
     and config.sub.  [Rainer Jung]

  *) ssl-std.conf: Disable AECDH ciphers in example config. bug#51363.
     [Rob Stradling <rob comodo com>]

  *) ssl-std.conf: Change the SSLCipherSuite default to a shorter,
     whitelist oriented definition.  [Rainer Jung, Kaspar Brand]

  *) ssl-std.conf: Only select old MSIE browsers for the downgrade
     in http/https behavior.  [Greg Stein, Stefan Fritsch]

Revision 1.142 / (download) - annotate - [select for diffs], Fri Jul 12 10:45:04 2013 UTC (6 years, 1 month ago) by jperkin
Branch: MAIN
Changes since 1.141: +2 -2 lines
Diff to previous 1.141 (colored)

Bump PKGREVISION of all packages which create users, to pick up change of
sysutils/user_* packages.

Revision 1.141 / (download) - annotate - [select for diffs], Fri May 31 12:42:30 2013 UTC (6 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.140: +2 -2 lines
Diff to previous 1.140 (colored)

Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

Revision 1.140 / (download) - annotate - [select for diffs], Wed Feb 6 23:21:05 2013 UTC (6 years, 6 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.139: +2 -2 lines
Diff to previous 1.139 (colored)

PKGREVISION bumps for the security/openssl 1.0.1d update.

Revision 1.139 / (download) - annotate - [select for diffs], Sun Dec 16 01:52:37 2012 UTC (6 years, 8 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.138: +2 -2 lines
Diff to previous 1.138 (colored)

recursive bump from cyrus-sasl libsasl2 shlib major bump.

Revision 1.138 / (download) - annotate - [select for diffs], Sun Oct 28 06:30:09 2012 UTC (6 years, 9 months ago) by asau
Branch: MAIN
Changes since 1.137: +1 -3 lines
Diff to previous 1.137 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.137 / (download) - annotate - [select for diffs], Wed Oct 3 21:58:27 2012 UTC (6 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.136: +2 -2 lines
Diff to previous 1.136 (colored)

Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.

Revision 1.136 / (download) - annotate - [select for diffs], Sun Dec 18 09:13:11 2011 UTC (7 years, 8 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.135: +6 -1 lines
Diff to previous 1.135 (colored)

Add a patch for CVE-2011-3192.

Bump PKGREVISION.

Revision 1.135 / (download) - annotate - [select for diffs], Wed Sep 14 17:51:51 2011 UTC (7 years, 11 months ago) by hans
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.134: +4 -4 lines
Diff to previous 1.134 (colored)

Use chown -h to explicitly not dereference any symlinks. Fixes build on SunOS.

Revision 1.134 / (download) - annotate - [select for diffs], Mon Nov 1 18:03:04 2010 UTC (8 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.133: +1 -2 lines
Diff to previous 1.133 (colored)

Changes 2.0.64:
* SECURITY: CVE-2010-1452 (cve.mitre.org)
  mod_dav: Fix Handling of requests without a path segment.
* SECURITY: CVE-2009-1891 (cve.mitre.org)
  Fix a potential Denial-of-Service attack against mod_deflate or other
  modules, by forcing the server to consume CPU time in compressing a
  large file after a client disconnects.
* SECURITY: CVE-2009-3095 (cve.mitre.org)
  mod_proxy_ftp: sanity check authn credentials.
* SECURITY: CVE-2009-3094 (cve.mitre.org)
  mod_proxy_ftp: NULL pointer dereference on error paths.
* SECURITY: CVE-2009-3555 (cve.mitre.org)
  mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
  attack when compiled against OpenSSL version 0.9.8m or later. Introduces
  the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
  and offer unsafe legacy renegotiation with clients which do not yet
  support the new secure renegotiation protocol, RFC 5746.
* SECURITY: CVE-2009-3555 (cve.mitre.org)
  mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
  for OpenSSL versions prior to 0.9.8l; reject any client-initiated
  renegotiations. Forcibly disable keepalive for the connection if there
  is any buffered data readable. Any configuration which requires
  renegotiation for per-directory/location access control is still
  vulnerable, unless using openssl 0.9.8l or later.
* SECURITY: CVE-2010-0434 (cve.mitre.org)
  Ensure each subrequest has a shallow copy of headers_in so that the
  parent request headers are not corrupted.  Elimiates a problematic
  optimization in the case of no request body.
* SECURITY: CVE-2008-2364 (cve.mitre.org)
  mod_proxy_http: Better handling of excessive interim responses
  from origin server to prevent potential denial of service and high
  memory usage.
* SECURITY: CVE-2010-0425 (cve.mitre.org)
  mod_isapi: Do not unload an isapi .dll module until the request
  processing is completed, avoiding orphaned callback pointers.
* SECURITY: CVE-2008-2939 (cve.mitre.org)
  mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
  the FTP URL. Discovered by Marc Bevand of Rapid7.
* Fix recursive ErrorDocument handling.
* mod_ssl: Do not do overlapping memcpy.
* Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass
  through on a 304 response.
* apxs: Fix -A and -a options to ignore whitespace in httpd.conf

Revision 1.133 / (download) - annotate - [select for diffs], Thu Mar 18 12:47:56 2010 UTC (9 years, 5 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.132: +3 -3 lines
Diff to previous 1.132 (colored)

Make sure abs_srcdir is patched for the DESTDIR case too. Bump revision.

Revision 1.132 / (download) - annotate - [select for diffs], Wed Feb 17 15:14:05 2010 UTC (9 years, 6 months ago) by joerg
Branch: MAIN
Changes since 1.131: +20 -16 lines
Diff to previous 1.131 (colored)

DESTDIR support

Revision 1.131 / (download) - annotate - [select for diffs], Sun Jan 17 12:02:48 2010 UTC (9 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored)

Recursive PKGREVISION bump for jpeg update to 8.

Revision 1.130 / (download) - annotate - [select for diffs], Fri Nov 27 13:28:11 2009 UTC (9 years, 8 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q4
Changes since 1.129: +2 -2 lines
Diff to previous 1.129 (colored)

Call the real shlibtool, not some non-existing copy. Bump revision.

Revision 1.129 / (download) - annotate - [select for diffs], Wed Aug 12 04:18:27 2009 UTC (10 years ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base, pkgsrc-2009Q3
Changes since 1.128: +2 -2 lines
Diff to previous 1.128 (colored)

Back out previous PKG_REVISION bump, hoping that it was in 40 minutes...

Revision 1.128 / (download) - annotate - [select for diffs], Wed Aug 12 03:38:28 2009 UTC (10 years ago) by taca
Branch: MAIN
Changes since 1.127: +2 -2 lines
Diff to previous 1.127 (colored)

Bump PKGREVISION reflecting update of devel/apr0.

Revision 1.127 / (download) - annotate - [select for diffs], Sat Sep 6 20:54:34 2008 UTC (10 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Changes since 1.126: +2 -2 lines
Diff to previous 1.126 (colored)

Recursive PKGREVISION/ABI-depends bump for db4 4.6->4.7 update (shlib
name change).

Revision 1.125.4.1 / (download) - annotate - [select for diffs], Sun Aug 10 11:57:39 2008 UTC (11 years ago) by tron
Branch: pkgsrc-2008Q2
Changes since 1.125: +2 -2 lines
Diff to previous 1.125 (colored) next main 1.126 (colored)

Pullup ticket 2477 - requested by kefren
Security patch for apache2

Revisions pulled up:
- www/apache2/Makefile		1.126
- www/apache2/distinfo		1.54
- www/apache2/patches/patch-aq	1.5
---
Module Name:	pkgsrc
Committed By:	kefren
Date:		Sat Aug  9 20:33:38 UTC 2008

Modified Files:
	pkgsrc/www/apache2: Makefile distinfo
Added Files:
	pkgsrc/www/apache2/patches: patch-aq

Log Message:
CVE-2008-2939
bump PKGREVISION

Revision 1.126 / (download) - annotate - [select for diffs], Sat Aug 9 20:33:37 2008 UTC (11 years ago) by kefren
Branch: MAIN
Changes since 1.125: +2 -2 lines
Diff to previous 1.125 (colored)

CVE-2008-2939
bump PKGREVISION

Revision 1.125 / (download) - annotate - [select for diffs], Thu Jul 10 15:18:23 2008 UTC (11 years, 1 month ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, cwrapper
Branch point for: pkgsrc-2008Q2
Changes since 1.124: +13 -2 lines
Diff to previous 1.124 (colored)

Fix abs_srcdir definition as done in apache22. Also install
mkdir.sh as expected e.g. by www/ap2-fcgid. Bump revision.

Revision 1.121.2.1 / (download) - annotate - [select for diffs], Wed Jun 25 12:09:43 2008 UTC (11 years, 1 month ago) by tron
Branch: pkgsrc-2008Q1
Changes since 1.121: +2 -1 lines
Diff to previous 1.121 (colored) next main 1.122 (colored)

Pullup ticket #2434 - requested by he
Security patch for apache2

Revisions pulled up:
- devel/apr0/Makefile		1.5
- www/apache2/Makefile		1.124
- www/apache2/Makefile.common	1.26
---
    Module Name:	pkgsrc
    Committed By:	he
    Date:		Sun Jun 22 23:01:19 UTC 2008

    Modified Files:
	pkgsrc/devel/apr0: Makefile
	pkgsrc/www/apache2: Makefile Makefile.common

    Log Message:
    As indicated by comments on pkgsrc-c, move PKGREVISION setting to
    individual Makefile files and out of Makefile.common.

Revision 1.124 / (download) - annotate - [select for diffs], Sun Jun 22 23:01:19 2008 UTC (11 years, 1 month ago) by he
Branch: MAIN
Changes since 1.123: +2 -1 lines
Diff to previous 1.123 (colored)

As indicated by comments on pkgsrc-c, move PKGREVISION setting to
individual Makefile files and out of Makefile.common.

Revision 1.123 / (download) - annotate - [select for diffs], Mon May 26 02:13:25 2008 UTC (11 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.122: +3 -3 lines
Diff to previous 1.122 (colored)

Second round of explicit pax dependencies. As reminded by tnn@,
many packages used to use ${PAX}. Use the common way of directly calling
pax, it is created as tool after all.

Revision 1.122 / (download) - annotate - [select for diffs], Sat Apr 12 22:43:13 2008 UTC (11 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.121: +3 -6 lines
Diff to previous 1.121 (colored)

Convert to use PLIST_VARS instead of manually passing "@comment "
through PLIST_SUBST to the plist module.

Revision 1.121 / (download) - annotate - [select for diffs], Mon Jan 21 14:37:22 2008 UTC (11 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base
Branch point for: pkgsrc-2008Q1
Changes since 1.120: +1 -2 lines
Diff to previous 1.120 (colored)

Update apache package to 2.0.63.


Changes with Apache 2.0.63

  *) winnt_mpm: Resolve modperl issues by redirecting console mode stdout
     to /Device/Nul as the server is starting up, mirroring unix MPM's.
     PR: 43534  [Tom Donovan <Tom.Donovan acm.org>, William Rowe]

  *) winnt_mpm: Restore Win32DisableAcceptEx On directive and Win9x platform
     by recreating the bucket allocator each time the trans pool is cleared.
     PR: 11427 #16 (follow-on)  [Tom Donovan <Tom.Donovan acm.org>]

Changes with Apache 2.0.62 (not released)

  *) SECURITY: CVE-2007-6388 (cve.mitre.org)
     mod_status: Ensure refresh parameter is numeric to prevent
     a possible XSS attack caused by redirecting to other URLs.
     Reported by SecurityReason.  [Mark Cox, Joe Orton]

  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
     mod_imagemap: Fix a cross-site scripting issue.  Reported by JPCERT.
     [Joe Orton]

  *) Introduce the ProxyFtpDirCharset directive, allowing the administrator
     to identify a default, or specific servers or paths which list their
     contents in other-than ISO-8859-1 charset (e.g. utf-8). [Ruediger Pluem]

  *) log.c: Ensure Win32 resurrects its lost robust logger processes.
     [William Rowe]

  *) mpm_winnt: Eliminate wait_for_many_objects.  Allows the clean
     shutdown of the server when the MaxClients is higher then 257,
     in a more responsive manner [Mladen Turk, William Rowe]

  *) Add explicit charset to the output of various modules to work around
     possible cross-site scripting flaws affecting web browsers that do not
     derive the response character set as required by  RFC2616.  One of these
     reported by SecurityReason [Joe Orton]

  *) http_protocol: Escape request method in 405 error reporting.
     This has no security impact since the browser cannot be tricked
     into sending arbitrary method strings.  [Jeff Trawick]

  *) http_protocol: Escape request method in 413 error reporting.
     Determined to be not generally exploitable, but a flaw in any case.
     PR 44014 [Victor Stinner <victor.stinner inl.fr>]

Revision 1.120 / (download) - annotate - [select for diffs], Fri Jan 18 05:09:47 2008 UTC (11 years, 7 months ago) by tnn
Branch: MAIN
Changes since 1.119: +2 -2 lines
Diff to previous 1.119 (colored)

Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Revision 1.119 / (download) - annotate - [select for diffs], Sat Jan 12 11:36:30 2008 UTC (11 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.118: +2 -1 lines
Diff to previous 1.118 (colored)

db4 update related revision bump

Revision 1.114.2.1 / (download) - annotate - [select for diffs], Sat Sep 8 09:54:45 2007 UTC (11 years, 11 months ago) by ghen
Branch: pkgsrc-2007Q2
Changes since 1.114: +1 -2 lines
Diff to previous 1.114 (colored) next main 1.115 (colored)

Pullup ticket 2184 - requested by tron
security update for apache2

- pkgsrc/devel/apr0/Makefile				1.3
- pkgsrc/devel/apr0/distinfo				1.2
- pkgsrc/www/apache2/Makefile				1.118
- pkgsrc/www/apache2/Makefile.commom			1.22
- pkgsrc/www/apache2/PLIST				1.35
- pkgsrc/www/apache2/distinfo				1.51
- pkgsrc/www/apache2/patches/patch-ap			removed
- pkgsrc/www/apache2/patches/patch-aq			removed

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Sep  7 23:11:41 UTC 2007

   Modified Files:
	   pkgsrc/devel/apr0: Makefile distinfo
	   pkgsrc/www/apache2: Makefile Makefile.common PLIST distinfo

   Log Message:
   Update "apr" package to version 0.9.16.2.0.61 and "apache2" package
   to version 2.0.61.

   This update is a bug and security fix release. The following security
   problem hasn't been fixed in "pkgsrc" before:
   - CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
     parsing date-related headers.
---
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Sep  7 23:28:23 UTC 2007

   Removed Files:
	   pkgsrc/www/apache2/patches: patch-ap patch-aq

   Log Message:
   Remove obsolete patch files.

Revision 1.118 / (download) - annotate - [select for diffs], Fri Sep 7 23:11:40 2007 UTC (11 years, 11 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.117: +1 -2 lines
Diff to previous 1.117 (colored)

Update "apr" package to version 0.9.16.2.0.61 and "apache2" package
to version 2.0.61.

This update is a bug and security fix release. The following security
problem hasn't been fixed in "pkgsrc" before:
- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when
  parsing date-related headers.

Revision 1.117 / (download) - annotate - [select for diffs], Fri Sep 7 22:12:23 2007 UTC (11 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.116: +2 -2 lines
Diff to previous 1.116 (colored)

Convert packages that test and use USE_INET6 to use the options framework
and to support the "inet6" option instead.

Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files.  Replace:

	BUILD_DEFS+=	USE_INET6
with
	BUILD_DEFS+=	IPV6_READY

and teach the README-generation tools to look for that instead.

This nukes USE_INET6 from pkgsrc proper.  We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.

Revision 1.116 / (download) - annotate - [select for diffs], Tue Aug 28 23:57:06 2007 UTC (11 years, 11 months ago) by jnemeth
Branch: MAIN
Changes since 1.115: +2 -4 lines
Diff to previous 1.115 (colored)

PR/36855 - Michael -- don't create duplicate Listen directives

Revision 1.115 / (download) - annotate - [select for diffs], Wed Jul 4 20:55:03 2007 UTC (12 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.114: +3 -2 lines
Diff to previous 1.114 (colored)

Make it easier to build and install packages "unprivileged", where
the owner of all installed files is a non-root user.  This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.

(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
    unprivileged.mk.  These two variables are lists of other bmake
    variables that define package-specific users and groups.  Packages
    that have user-settable variables for users and groups, e.g. apache
    and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
    etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
    so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
    and ${UNPRIVILEGED_GROUP}.

(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.

Revision 1.114 / (download) - annotate - [select for diffs], Thu Jun 28 01:49:04 2007 UTC (12 years, 1 month ago) by lkundrak
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base
Branch point for: pkgsrc-2007Q2
Changes since 1.113: +2 -2 lines
Diff to previous 1.113 (colored)

Fixes for security issues and PKGREVISION bump;
CVE-2006-5752 XSS in mod_status with ExtendedStatus on
CVE-2007-1863 remote crash when mod_cache enabled

Revision 1.113 / (download) - annotate - [select for diffs], Sun Jun 10 06:14:18 2007 UTC (12 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)

Reorder include of devel/apr0/b3.mk to be before the refining
dependency is added, as the wildcard pattern in apr0 is necessary
to pick the right version of APR.

Revision 1.112 / (download) - annotate - [select for diffs], Fri Jun 8 12:25:06 2007 UTC (12 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.111: +2 -2 lines
Diff to previous 1.111 (colored)

PKGREVISION bump for db4 shlib name change.

Revision 1.111 / (download) - annotate - [select for diffs], Thu Feb 22 19:27:19 2007 UTC (12 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1
Changes since 1.110: +2 -2 lines
Diff to previous 1.110 (colored)

Whitespace cleanup, courtesy of pkglint.
Patch provided by Sergey Svishchev in private mail.

Revision 1.110 / (download) - annotate - [select for diffs], Wed Jan 24 19:46:45 2007 UTC (12 years, 6 months ago) by epg
Branch: MAIN
Changes since 1.109: +2 -2 lines
Diff to previous 1.109 (colored)

devel/apr:
    Update to 1.2.8 (formerly in devel/apr1), no longer build from the
    httpd distfile.

devel/rapidsvn:
devel/subversion-base:
parallel/ganglia-monitor-core:
security/hydra:
www/apache2:
    Use devel/apr0.

www/apache22:
    Use devel/apr and devel/apr-util.

Revision 1.109 / (download) - annotate - [select for diffs], Tue Jan 23 15:45:44 2007 UTC (12 years, 6 months ago) by ghen
Branch: MAIN
Changes since 1.108: +4 -2 lines
Diff to previous 1.108 (colored)

Fix perl interpreter path for libexec/cgi-bin/printenv.  Bump PKGREVISION for
apache, apache2 and apache22.

Revision 1.108 / (download) - annotate - [select for diffs], Sat Dec 9 00:51:21 2006 UTC (12 years, 8 months ago) by xtraeme
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base, pkgsrc-2006Q4
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored)

There's no need for CONFLICT between apache2 and apache22,
cube said so.

Revision 1.107 / (download) - annotate - [select for diffs], Fri Dec 8 23:51:37 2006 UTC (12 years, 8 months ago) by xtraeme
Branch: MAIN
Changes since 1.106: +3 -3 lines
Diff to previous 1.106 (colored)

This package cannot co-exist with apache22, update CONFLICTS
properly.

Bump PKGREVISION.

Revision 1.106 / (download) - annotate - [select for diffs], Sun Nov 5 17:52:38 2006 UTC (12 years, 9 months ago) by adrianp
Branch: MAIN
Changes since 1.105: +4 -4 lines
Diff to previous 1.105 (colored)

Fix the path to libtool on build so that it gets set correctly in the
installed config_vars.mk.  Any package pulling in config_vars.mk will
now find libtool.
PKGREVISION++
ok'ed tron@

Revision 1.105 / (download) - annotate - [select for diffs], Wed Aug 30 06:16:27 2006 UTC (12 years, 11 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.104: +5 -3 lines
Diff to previous 1.104 (colored)

The directories for configuration files and log files are now set in the
config.layout file instead of CONFIGURE_ARGS, to avoid defining things
twice. No actual change, since the paths are still the same.

Added all necessary variables to BUILD_DEFS, as reported by pkglint.

Revision 1.104 / (download) - annotate - [select for diffs], Fri Jul 28 13:35:37 2006 UTC (13 years ago) by tron
Branch: MAIN
Changes since 1.103: +2 -1 lines
Diff to previous 1.103 (colored)

Make sure that the directory "share/httpd/manual/style/lang" is created
when installing a binary package. Problem pointed out by Lubomir Sedlacik
in private e-mail.

Bump package revision because of this fix.

Revision 1.103 / (download) - annotate - [select for diffs], Fri Jul 28 10:38:36 2006 UTC (13 years ago) by tron
Branch: MAIN
Changes since 1.102: +14 -14 lines
Diff to previous 1.102 (colored)

Update "apr" package to version 0.9.12.2.0.59 and "apache2" package
to version 2.0.59. Changes since *2.0.58:
- SECURITY: CVE-2006-3747 (cve.mitre.org)
  mod_rewrite: Fix an off-by-one security problem in the ldap scheme
  handling. For some RewriteRules this could lead to a pointer being
  written out of bounds.  Reported by Mark Dowd of McAfee.

Revision 1.102 / (download) - annotate - [select for diffs], Mon Jul 10 08:29:33 2006 UTC (13 years, 1 month ago) by rillig
Branch: MAIN
Changes since 1.101: +28 -28 lines
Diff to previous 1.101 (colored)

Fixed some pkglint warnings.

Revision 1.101 / (download) - annotate - [select for diffs], Sun May 7 12:35:27 2006 UTC (13 years, 3 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base, pkgsrc-2006Q2
Changes since 1.100: +2 -3 lines
Diff to previous 1.100 (colored)

Update "apr" package to version 0.9.12.2.0.58 and "apache" package
to version 2.0.58. Change since Apache relase 2.0.55:
- Legal: Restored original years in copyright notices.
- mod_cgid: run the get_suexec_identity hook within the request-handler
  instead of within cgid. Apache#36410.
- core: Prevent read of unitialized memory in ap_rgetline_core.
  Apache#39282.
- mod_proxy: Report the proxy server name correctly in the "Via:" header,
  when UseCanonicalName is Off. Apache#11971.
- mod_isapi: Various trivial code-fixes to permit mod_isapi to load and
  run on Unix.
- HTML-escape the Expect error message.  Not classed as security as
  an attacker has no way to influence the Expect header a victim will
  send to a target site.  Reported by Thiago Zaninotti
  <thiango nstalker.com>.
- SECURITY: CVE-2005-3357 (cve.mitre.org)
  mod_ssl: Fix a possible crash during access control checks if a
  non-SSL request is processed for an SSL vhost (such as the
  "HTTP request received on SSL port" error message when an 400
  ErrorDocument is configured, or if using "SSLEngine optional").
  Apache#37791.
- SECURITY: CVE-2005-3352 (cve.mitre.org)
  mod_imap: Escape untrusted referer header before outputting in HTML
  to avoid potential cross-site scripting.  Change also made to
  ap_escape_html so we escape quotes.  Reported by JPCERT.
- Add APR/APR-Util Compiled and Runtime Version numbers to the
  output of 'httpd -V'.
- Ensure that the proper status line is written to the client, fixing
  incorrect status lines caused by filters which modify r->status without
  resetting r->status_line, such as the built-in byterange filter.
- Default handler: Don't return output filter apr_status_t values.
  Apache#31759.
- mod_speling: Stop crashing with certain non-file requests.
- keep the Content-Length header for a HEAD with no response body.
  Apache#18757
- Modify apr[util] .h detection to avoid breakage on VPATH builds
  using Solaris make (amoung others) and avoid breakage in ./buildconf
  when srclib/apr[-util] are symlinks rather than directories proper.
- Avoid server-driven negotiation when a CGI script has emitted an
  explicit "Status:" header. Apache#38070.
- mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
  format is used. Apache#27787.
- mod_cache: Correctly handle responses with a 301 status. Apache#37347.
- mod_proxy_http: Prevent data corruption of POST request bodies when
  client accesses proxied resources with SSL. Apache#37145.
- Elimiated the NET_TIME filter, restructuring the timeout logic.
  This provides a working mod_echo on all platforms, and ensures any
  custom protocol module is at least given an initial timeout value
  based on the <VirtualHost > context's Timeout directive.
- mod_ssl: Correct issue where mod_ssl does not pick up the
  ssl-unclean-shutdown setting when configured. Apache#34452.
- Document the ReceiveBufferSize change done in r157583.
- mod_deflate: Merge the Vary header, instead of Setting it. Fixes
  applications that send the Vary Header themselves. Apache#37559.
- mod_dav: Fix a null pointer dereference in an error code path during the
  handling of MKCOL.
- mod_mime_magic: Handle CRLF-format magic files so that it works with
  the default installation on Windows.
- Write message to error log if AuthGroupFile cannot be opened.
  Apache#37566.
- Add ReceiveBufferSize directive to control the TCP receive buffer.
- mod_cache: Fix 'Vary: *' behavior to be RFC compliant. Apache#16125.
- Remove the base href tag from proxy_ftp, as it breaks relative
  links for clients not using an Authorization header.
- http_request.c: Add missing va_end call.
- Add httxt2dbm to support/ for creating RewriteMap DBM Files.
- support/check_forensic: Fix temp file usage
- Chunk filter: Fix chunk filter to create correct chunks in the case that
  a flush bucket is surrounded by data buckets.
- mod_cgi(d): Remove block on OPTIONS method so that scripts can
  respond to OPTIONS directly rather than via server default.
  Apache#15242
- Added new module mod_version, which provides version dependent
  configuration containers.
- Add core version query function (ap_get_server_revision) and
  accompanying ap_version_t structure (minor MMN bump).

Revision 1.100 / (download) - annotate - [select for diffs], Mon Apr 24 20:10:02 2006 UTC (13 years, 3 months ago) by tv
Branch: MAIN
Changes since 1.99: +7 -2 lines
Diff to previous 1.99 (colored)

Set APACHE_MODULES with ?= *before* bsd.prefs.mk, because that's the only
way that using APACHE_MODULES+= (additive) in mk.conf can work correctly.

Revision 1.99 / (download) - annotate - [select for diffs], Sun Apr 23 11:42:38 2006 UTC (13 years, 3 months ago) by adrianp
Branch: MAIN
Changes since 1.98: +37 -2 lines
Diff to previous 1.98 (colored)

Fix ownership permissions on installed files
Change behaviour of APACHE_MODULES and DFLT_APACHE_MODULES

If you do not define APACHE_MODULES this change will not impact you, the
default behaviour of the package modules has not been changed.

The new functionality is as follows:

1) If you need to add an additional module to be installed with apache
   you would use:

   APACHE_MODULES+= spelling

   This would include mod_spelling as a static module in addition to the
   default modules installed.

2) If you need a highly customised version of apache and would like to
   explicitly list which modules are installed by default you would use:

   APACHE_MODULES= spelling access auth include env autoindex

   This would install _only_ the listed modules as static modules with
   apache.

   If you use APACHE_MODULES= please read the apache documentation at:

	http://httpd.apache.org/docs/2.0/

   To determine which modules you will need to install to get the level
   of functionality you require. By default when using APACHE_MODULES=
   apache only includes with the following static modules:

	core.c
	prefork.c
	http_core.c
	mod_so.c

Revision 1.98 / (download) - annotate - [select for diffs], Sun Apr 23 00:12:42 2006 UTC (13 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

Modify packages that set PKG_USERS and PKG_GROUPS to follow the new
syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47.

Revision 1.97 / (download) - annotate - [select for diffs], Sat Apr 22 09:22:16 2006 UTC (13 years, 4 months ago) by rillig
Branch: MAIN
Changes since 1.96: +4 -4 lines
Diff to previous 1.96 (colored)

Removed the superfluous "quotes" and 'quotes' from variables that don't
need them, for example RESTRICTED and SUBST_MESSAGE.*.

Revision 1.96 / (download) - annotate - [select for diffs], Thu Apr 6 06:22:53 2006 UTC (13 years, 4 months ago) by reed
Branch: MAIN
Changes since 1.95: +2 -2 lines
Diff to previous 1.95 (colored)

Over 1200 files touched but no revisions bumped :)

RECOMMENDED is removed. It becomes ABI_DEPENDS.

BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.

BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.

BUILDLINK_DEPENDS does not change.

IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".

Added to obsolete.mk checking for IGNORE_RECOMMENDED.

I did not manually go through and fix any aesthetic tab/spacing issues.

I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.

I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.

As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.

As discussed on tech-pkg.

I will commit to revbump, pkglint, pkg_install, createbuildlink separately.

Note that if you use wip, it will fail!  I will commit to pkgsrc-wip
later (within day).

Revision 1.95 / (download) - annotate - [select for diffs], Sun Feb 5 23:11:18 2006 UTC (13 years, 6 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.94 / (download) - annotate - [select for diffs], Wed Jan 25 18:08:33 2006 UTC (13 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored)

Add "pkg-config" to the list of tools required for building the
apache2" package. This should fix PR pkg/32622.

Revision 1.93 / (download) - annotate - [select for diffs], Tue Jan 24 07:32:45 2006 UTC (13 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

Bump BUILDLINK_RECOMMENDED of textproc/expat to 2.0.0 because
of the shlib major bump.
PKGREVISION++ for the dependencies.

Revision 1.89.2.1 / (download) - annotate - [select for diffs], Sat Jan 21 16:44:05 2006 UTC (13 years, 7 months ago) by snj
Branch: pkgsrc-2005Q4
Changes since 1.89: +11 -2 lines
Diff to previous 1.89 (colored) next main 1.90 (colored)

Pullup ticket 1044 - requested by Matthias Scheler
security fix for apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile		1.91-1.92
- pkgsrc/www/apache2/distinfo		1.46
- pkgsrc/www/apache2/patches/patch-af	1.6

   Module Name:	pkgsrc
   Committed By:	ghen
   Date:		Thu Jan  5 10:01:20 UTC 2006

   Modified Files:
   	pkgsrc/www/apache: Makefile
   	pkgsrc/www/apache2: Makefile

   Log Message:
   Fix the default config and ServerRoot paths in apache and apache2 manpages,
   as suggested by PR pkg/32300, bump PKGREVISION.  Ok by tron, wiz.
---
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jan 21 13:02:21 UTC 2006

   Modified Files:
           pkgsrc/www/apache2: Makefile distinfo
   Added Files:
           pkgsrc/www/apache2/patches: patch-af

   Log Message:
   Add fix for CVE-2005-3357 from Apache bug report 37791.
   Bump package revision because of this fix.

Revision 1.92 / (download) - annotate - [select for diffs], Sat Jan 21 13:02:21 2006 UTC (13 years, 7 months ago) by tron
Branch: MAIN
Changes since 1.91: +2 -2 lines
Diff to previous 1.91 (colored)

Add fix for CVE-2005-3357 from Apache bug report 37791.
Bump package revision because of this fix.

Revision 1.91 / (download) - annotate - [select for diffs], Thu Jan 5 10:01:20 2006 UTC (13 years, 7 months ago) by ghen
Branch: MAIN
Changes since 1.90: +11 -2 lines
Diff to previous 1.90 (colored)

Fix the default config and ServerRoot paths in apache and apache2 manpages,
as suggested by PR pkg/32300, bump PKGREVISION.  Ok by tron, wiz.

Revision 1.90 / (download) - annotate - [select for diffs], Thu Dec 29 06:22:21 2005 UTC (13 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.89: +1 -2 lines
Diff to previous 1.89 (colored)

Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.82.2.4 / (download) - annotate - [select for diffs], Thu Dec 15 11:56:03 2005 UTC (13 years, 8 months ago) by salo
Branch: pkgsrc-2005Q3
Changes since 1.82.2.3: +2 -2 lines
Diff to previous 1.82.2.3 (colored) to branchpoint 1.82 (colored) next main 1.83 (colored)

Pullup ticket 959 - requested by Matthias Scheler
security fix for apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile		1.89
- pkgsrc/www/apache2/distinfo		1.45
- pkgsrc/www/apache2/patches/patch-ae	1.7

   Module Name:		pkgsrc
   Committed By:	tron
   Date:		Thu Dec 15 11:29:00 UTC 2005

   Modified Files:
   	pkgsrc/www/apache2: Makefile distinfo
   Added Files:
   	pkgsrc/www/apache2/patches: patch-ae

   Log Message:
   Add fix for security vulnerability reported in CVE-2005-3352 taken from
   Apache SVN repository. Bump package revision because of that.

Revision 1.89 / (download) - annotate - [select for diffs], Thu Dec 15 11:29:00 2005 UTC (13 years, 8 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)

Add fix for security vulnerability reported in CVE-2005-3352 taken from
Apache SVN repository. Bump package revision because of that.

Revision 1.88 / (download) - annotate - [select for diffs], Mon Dec 5 23:55:22 2005 UTC (13 years, 8 months ago) by rillig
Branch: MAIN
Changes since 1.87: +5 -5 lines
Diff to previous 1.87 (colored)

Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.

Revision 1.87 / (download) - annotate - [select for diffs], Mon Dec 5 20:51:11 2005 UTC (13 years, 8 months ago) by rillig
Branch: MAIN
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)

Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.82.2.3 / (download) - annotate - [select for diffs], Mon Oct 24 00:25:22 2005 UTC (13 years, 9 months ago) by seb
Branch: pkgsrc-2005Q3
Changes since 1.82.2.2: +2 -2 lines
Diff to previous 1.82.2.2 (colored) to branchpoint 1.82 (colored)

Pullup ticket 849 - requested by Johnny C. Lam
PLIST fix for www/apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile                                 1.86
- pkgsrc/www/apache2/PLIST                                    1.32

   Module Name:	pkgsrc
   Committed By:	jlam
   Date:		Sun Oct 23 20:14:43 UTC 2005

   Modified Files:
   	pkgsrc/www/apache2: Makefile PLIST

   Log Message:
   Add missing manpage to PLIST.  Bump PKGREVISION for binary package change.

Revision 1.86 / (download) - annotate - [select for diffs], Sun Oct 23 20:14:43 2005 UTC (13 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

Add missing manpage to PLIST.  Bump PKGREVISION for binary package change.

Revision 1.82.2.2 / (download) - annotate - [select for diffs], Sun Oct 23 09:48:01 2005 UTC (13 years, 9 months ago) by seb
Branch: pkgsrc-2005Q3
Changes since 1.82.2.1: +4 -1 lines
Diff to previous 1.82.2.1 (colored) to branchpoint 1.82 (colored)

Pullup ticket 845 - requested by Matthias Scheler
Fix possible build problem for www/apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile                                 1.85

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Oct 21 10:31:18 UTC 2005

   Modified Files:
   	pkgsrc/www/apache2: Makefile

   Log Message:
   Require at least version 0.9.7.2.0.55 of the "apr" package because
   Apache 2.0.55 won't work with older versions. Bump package revision
   because of this dependence change.

   This fixes PR pkg/31872 by Carl Brewer.

Revision 1.85 / (download) - annotate - [select for diffs], Fri Oct 21 10:31:18 2005 UTC (13 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.84: +4 -1 lines
Diff to previous 1.84 (colored)

Require at least version 0.9.7.2.0.55 of the "apr" package because
Apache 2.0.55 won't work with older versions. Bump package revision
because of this dependence change.

This fixes PR pkg/31872 by Carl Brewer.

Revision 1.82.2.1 / (download) - annotate - [select for diffs], Tue Oct 18 21:21:27 2005 UTC (13 years, 10 months ago) by seb
Branch: pkgsrc-2005Q3
Changes since 1.82: +2 -3 lines
Diff to previous 1.82 (colored)

Pullup ticket 838 - requested by Matthias Scheler
sync devel/apr and www/apache2 with HEAD as precautionary/preventive step

Revisions pulled up:
- devel/apr/Makefile			1.37
- devel/apr/distinfo			1.16
- devel/apr/patches/patch-ao		1.3
- www/apache2/Makefile			1.84
- www/apache2/Makefile.common		1.19
- www/apache2/PLIST			1.31
- www/apache2/distinfo			1.43,1.44
- www/apache2/patches/patch-ac		1.6
- www/apache2/patches/patch-ae		removed
- www/apache2/patches/patch-af		removed
- www/apache2/patches/patch-ah		removed
- www/apache2/patches/patch-aj		removed
- www/apache2/patches/patch-ao		1.7

   Module Name:    pkgsrc
   Committed By:   joerg
   Date:           Tue Oct 11 20:10:35 UTC 2005

   Modified Files:
           pkgsrc/www/apache2: distinfo
   Added Files:
           pkgsrc/www/apache2/patches: patch-ao

   Log Message:
   Allow mod_ssl to build with OpenSSL 0.9.8. The patch is from
   Georg v. Zezschwitz on dev@httpd.apache.org.
---
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Mon Oct 17 10:28:46 UTC 2005

   Modified Files:
           pkgsrc/devel/apr: Makefile distinfo
           pkgsrc/devel/apr/patches: patch-ao
           pkgsrc/www/apache2: Makefile

   Log Message:
   Update "apr" package to version 0.9.7. Changes since version 0.9.6:
   - Fix crash in apr_dir_make_recursive() for relative path
     when the working directory has been deleted.  [Joe Orton]
   - Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT,
     returning APR_EBUSY.  [Ronen Mizrahi <ronen@tversity.com>]
   - Fix apr_file_read() to catch write failures when flushing pending
     writes for a buffered file.  [Joe Orton]
   - Fix apr_file_write() infinite loop on write failure for buffered
     files.  [Erik Huelsmann <ehuels gmail.com>]
   - Fix error handling where apr_uid_* and apr_gid_* could segfault
     or return APR_SUCCESS in failure cases.  Bug 34053.  [Joe Orton,
     Paul Querna]
   - Refactor Win32 condition variables code to address bugs 27654, 34336.
     [Henry Jen <henryjen ztune.net>, E Holyat <eholyat yahoo.com>]
   - Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows.  Bug 32177.
     [Sim <sgobbi datamanagement.it>, Jeff Trawick]
   - Fix detection of rwlocks on Mac OS X. [Aaron Bannert]
   - Fix issue with poll() followed by net I/O yielding EAGAIN on
     Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez]

   Update based on patches supplied by Ben Collver. Addresses first part
   of PR pkg/31817 by Zafer Aydogan.
---
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Mon Oct 17 10:37:11 UTC 2005

   Modified Files:
           pkgsrc/www/apache2: Makefile.common PLIST distinfo
           pkgsrc/www/apache2/patches: patch-ac
   Removed Files:
           pkgsrc/www/apache2/patches: patch-ae patch-af patch-ah patch-aj

   Log Message:
   Update "apache2" package to version 2.0.55. Changes since version 2.0.54:
   - worker MPM: Fix a memory leak which can occur after an aborted
     connection in some limited circumstances.  [Greg Ames]
   - mod_ldap: Fix Bug 36563. Keep track of the number of attributes
     retrieved from LDAP so that all of the values can be properly
     cached even if the value is NULL.
     [Brad Nicholes, Ondrej Sury <ondrej sury.org>]
   - Added TraceEnable [on|off|extended] per-server directive to alter
     the behavior of the TRACE method.  This addresses a flaw in proxy
     conformance to RFC 2616 - previously the proxy server would accept
     a TRACE request body although the RFC prohibited it.  The default
     remains 'TraceEnable on'.  [William Rowe]
   - Add ap_log_cerror() for logging messages associated with particular
     client connections.  [Jeff Trawick]
   - Correct mod_cgid's argv[0] so that the full path can be delved by the
     invoked cgi application, to conform to the behavior of mod_cgi.
     [Pradeep Kumar S <pradeep.smani gmail.com>]
   - mod_include: Fix possible environment variable corruption when
     using nested includes.  Bug 12655.  [Joe Orton]
   - Support the suppress-error-charset setting, as with Apache 1.3.x.
     Bug 31274.  [Jeff Trawick]
   - EBCDIC: Handle chunked input from client or, with proxy, origin
     server.  [Jeff Trawick]
   - Fix bad globbing comparison which could result in getting
     a directory listing when a file was requested. Bug 34512.
     [sean <infamous41md hotmail.com>]
   - Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker()
     was called even if mod_auth_ldap_check_user_id() was not
     (or if it didn't succeed) for non-authoritative cases.
     [Jim Jagielski]
   - mod_proxy: Fix over-eager handling of '%' for reverse proxies.
     Bug 15207.  [Jim Jagielski]
   - mod_ldap: Fix various shared memory cache handling bugs.
     Bug 34209.  [Joe Orton]
   - Fix a file descriptor leak when starting piped loggers.  Bug 33748.
     [Joe Orton]
   - mod_ldap: Avoid segfaults when opening connections if using a version
     of OpenLDAP older than 2.2.21.  Bug 34618.  [Brad Nicholes]
   - mod_ssl: Fix build with OpenSSL 0.9.8.  Bug 35757.  [William Rowe]
   - proxy HTTP: If a response contains both Transfer-Encoding and a
     Content-Length, remove the Content-Length and don't reuse the
     connection, mitigating some HTTP Response Splitting attacks.
     [Jeff Trawick]
   - Prevent hangs of child processes when writing to piped loggers at
     the time of graceful restart.  Bug 26467.  [Jeff Trawick]
   - SECURITY: CAN-2005-1268 (cve.mitre.org)
     mod_ssl: Fix off-by-one overflow whilst printing CRL information
     at "LogLevel debug" which could be triggered if configured
     to use a "malicious" CRL.  Bug 35081.  [Marc Stern <mstern csc.com>]
   - mod_userdir: Fix possible memory corruption issue.  Bug 34588.
     [David Leonard <dleonard vintela.com>]
   - worker mpm: don't take down the whole server for a transient
     thread creation failure. Bug 34514 [Greg Ames]
   - mod_rewrite: use buffered I/O to improve performance with large
     RewriteMap txt: files.  [Greg Ames]
   - proxy HTTP: Rework the handling of request bodies to handle
     chunked input and input filters which modify content length, and
     avoid spooling arbitrary-sized request bodies in memory.
     Bug 15859.  [Jeff Trawick]

   Patches supplied by Ben Collver. Addresses PR pkg/31817 by Zafer Aydogan.

Revision 1.84 / (download) - annotate - [select for diffs], Mon Oct 17 10:28:46 2005 UTC (13 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.83: +1 -2 lines
Diff to previous 1.83 (colored)

Update "apr" package to version 0.9.7. Changes since version 0.9.6:
- Fix crash in apr_dir_make_recursive() for relative path
  when the working directory has been deleted.  [Joe Orton]
- Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT,
  returning APR_EBUSY.  [Ronen Mizrahi <ronen@tversity.com>]
- Fix apr_file_read() to catch write failures when flushing pending
  writes for a buffered file.  [Joe Orton]
- Fix apr_file_write() infinite loop on write failure for buffered
  files.  [Erik Huelsmann <ehuels gmail.com>]
- Fix error handling where apr_uid_* and apr_gid_* could segfault
  or return APR_SUCCESS in failure cases.  PR 34053.  [Joe Orton,
  Paul Querna]
- Refactor Win32 condition variables code to address bugs 27654, 34336.
  [Henry Jen <henryjen ztune.net>, E Holyat <eholyat yahoo.com>]
- Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows.  PR 32177.
  [Sim <sgobbi datamanagement.it>, Jeff Trawick]
- Fix detection of rwlocks on Mac OS X. [Aaron Bannert]
- Fix issue with poll() followed by net I/O yielding EAGAIN on
  Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez]

Update based on patches supplied by Ben Collver. Addresses first part
of PR pkg/31817 by Zafer Aydogan.

Revision 1.83 / (download) - annotate - [select for diffs], Wed Sep 28 14:31:09 2005 UTC (13 years, 10 months ago) by rillig
Branch: MAIN
Changes since 1.82: +2 -2 lines
Diff to previous 1.82 (colored)

Removed trailing white-space.

Revision 1.75.2.3 / (download) - annotate - [select for diffs], Fri Sep 2 12:19:02 2005 UTC (13 years, 11 months ago) by salo
Branch: pkgsrc-2005Q2
Changes since 1.75.2.2: +2 -2 lines
Diff to previous 1.75.2.2 (colored) to branchpoint 1.75 (colored) next main 1.76 (colored)

Pullup ticket 732 - requested by Matthias Scheler
security fix for apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile		1.82
- pkgsrc/www/apache2/distinfo		1.41
- pkgsrc/www/apache2/patches/patch-ae	1.5

   Module Name:		pkgsrc
   Committed By:	tron
   Date:		Fri Sep  2 11:40:56 UTC 2005

   Modified Files:
   	pkgsrc/www/apache2: Makefile distinfo
   	pkgsrc/www/apache2/patches: patch-ae

   Log Message:
   Add patch from Apache SVN repository to fix weak client certificate
   validation reported in CAN-2005-2700. Bump package revision.

Revision 1.82 / (download) - annotate - [select for diffs], Fri Sep 2 11:40:56 2005 UTC (13 years, 11 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)

Add patch from Apache SVN repository to fix weak client certificate
validation reported in CAN-2005-2700. Bump package revision.

Revision 1.75.2.2 / (download) - annotate - [select for diffs], Mon Aug 29 09:26:03 2005 UTC (13 years, 11 months ago) by salo
Branch: pkgsrc-2005Q2
Changes since 1.75.2.1: +2 -2 lines
Diff to previous 1.75.2.1 (colored) to branchpoint 1.75 (colored)

Pullup ticket 721 - requested by Adrian Portelli
security fix for apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile		1.81
- pkgsrc/www/apache2/distinfo		1.40
- pkgsrc/www/apache2/patches/patch-ah	1.8
- pkgsrc/www/apache2/patches/patch-aj	1.3

   Module Name:		pkgsrc
   Committed By:	tron
   Date:		Sun Aug 28 08:36:55 UTC 2005

   Modified Files:
   	pkgsrc/www/apache2: Makefile distinfo
   Added Files:
   	pkgsrc/www/apache2/patches: patch-ah patch-aj

   Log Message:
   - Add security patch for CAN-2005-2491 from Apache SVN repository.
   - Add patch for high memory usage caused by "Byterange" support
     from Apache SVN repository.
   Bump package revision because of the above changes.

Revision 1.81 / (download) - annotate - [select for diffs], Sun Aug 28 08:36:55 2005 UTC (13 years, 11 months ago) by tron
Branch: MAIN
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored)

- Add security patch for CAN-2005-2491 from Apache SVN repository.
- Add patch for high memory usage caused by "Byterange" support
  from Apache SVN repository.
Bump package revision because of the above changes.

Revision 1.80 / (download) - annotate - [select for diffs], Tue Aug 23 11:48:51 2005 UTC (13 years, 11 months ago) by rillig
Branch: MAIN
Changes since 1.79: +2 -2 lines
Diff to previous 1.79 (colored)

The real user name in PKG_USERS does not need to be escaped with double
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.

Revision 1.79 / (download) - annotate - [select for diffs], Sat Aug 20 03:36:25 2005 UTC (14 years ago) by jlam
Branch: MAIN
Changes since 1.78: +4 -4 lines
Diff to previous 1.78 (colored)

The htdocs directory is under ${PREFIX}, so use REQD_DIRS instead of
MAKE_DIRS.  This causes the htdocs directory to be conditionally
removed every time, regardless of the value of PKG_CONFIG.  Bump the
PKGREVISION to 3.

Revision 1.78 / (download) - annotate - [select for diffs], Fri Aug 19 18:12:39 2005 UTC (14 years ago) by jlam
Branch: MAIN
Changes since 1.77: +4 -4 lines
Diff to previous 1.77 (colored)

Merge CONF_FILES/SUPPORT_FILES and CONF_FILES_PERMS/SUPPORT_FILES_PERMS
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files.  Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.

Revision 1.75.2.1 / (download) - annotate - [select for diffs], Mon Aug 8 18:47:04 2005 UTC (14 years ago) by snj
Branch: pkgsrc-2005Q2
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)

Pullup ticket 668 - requested by Matthias Scheler
security fix for apache2

Revisions pulled up:
- pkgsrc/www/apache2/Makefile		1.77
- pkgsrc/www/apache2/distinfo		1.39
- pkgsrc/www/apache2/patches/patch-ae	1.4
- pkgsrc/www/apache2/patches/patch-af	1.4

    Module Name:    pkgsrc
    Committed By:   tron
    Date:           Mon Aug  8 18:30:26 UTC 2005

    Modified Files:
            pkgsrc/www/apache2: Makefile distinfo
    Added Files:
            pkgsrc/www/apache2/patches: patch-ae patch-af

    Log Message:
    Add fixes for CAN-2005-1268 (not really a security problem) and
    CAN-2005-2088 from the Apache SVN repository.

Revision 1.77 / (download) - annotate - [select for diffs], Mon Aug 8 18:30:26 2005 UTC (14 years ago) by tron
Branch: MAIN
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

Add fixes for CAN-2005-1268 (not really a security problem) and
CAN-2005-2088 from the Apache SVN repository.

Revision 1.76 / (download) - annotate - [select for diffs], Sat Jul 16 19:10:40 2005 UTC (14 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)

Remove some unnecessarily strong dependencies on perl that resulted
from including perl5/buildlink3.mk.  These packages just need the Perl
interpreter, and can just add "perl" to USE_TOOLS instead.

Revision 1.75 / (download) - annotate - [select for diffs], Sat May 21 04:10:18 2005 UTC (14 years, 3 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base
Branch point for: pkgsrc-2005Q2
Changes since 1.74: +5 -5 lines
Diff to previous 1.74 (colored)

SUBST_FILES.* must be relative to ${WRKSRC}.

Revision 1.74 / (download) - annotate - [select for diffs], Sat May 21 03:49:52 2005 UTC (14 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)

Move the PKGREVISION from the Makefile.common. It should be used
for revisions for a single package. I don't think this "suexec"
PKGREVISION was meant for the apr package, but since it was used
it is now there.

I noticed this problem when building wip/apachebench2 which has
nothing to do with suexec. Although, I did not make this change
for pkgsrc-wip's wip/apachebench2 since this is a work in progress.

Revision 1.73 / (download) - annotate - [select for diffs], Tue May 10 00:11:18 2005 UTC (14 years, 3 months ago) by jlam
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)

apr/buildlink3.mk defines PKG_BUILD_OPTIONS.apr as the result of the
PKG_OPTIONS computation for devel/apr.  Check that for the presence of
db4 instead.

Revision 1.72 / (download) - annotate - [select for diffs], Mon May 9 21:57:05 2005 UTC (14 years, 3 months ago) by dillo
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

Check if a variable is defined before matching against it in .if
Noted by kristerw.

Revision 1.71 / (download) - annotate - [select for diffs], Mon Apr 25 09:13:14 2005 UTC (14 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.70: +12 -14 lines
Diff to previous 1.70 (colored)

Changes 2.0.54:
  *) mod_cache: Add CacheIgnoreHeaders directive.
  *) mod_ldap: Added the directive LDAPConnectionTimeout to configure
     the ldap socket connection timeout value.
  *) Correctly export all mod_dav public functions.
  *) Add a build script to create a solaris package.
  *) worker MPM: Fix a problem which could cause httpd processes to
     remain active after shutdown.
  *) Unix MPMs: Shut down the server more quickly when child processes are
     slow to exit.
  *) Remove formatting characters from ap_log_error() calls.  These
     were escaped as fallout from CAN-2003-0020.
  *) mod_ssl: If SSLUsername is used, set r->user earlier.
  *) htdigest: Fix permissions of created files.
  *) core_input_filter: Move buckets to a persistent brigade instead of
     creating a new brigade. This stop a memory leak when proxying a
     Streaming Media Server.
  *) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid
     hiccups from additional path information passed in non-utf-8 format.

Revision 1.70 / (download) - annotate - [select for diffs], Mon Apr 18 14:35:57 2005 UTC (14 years, 4 months ago) by tron
Branch: MAIN
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

Remove custom "restart" code from startup script so that Apache really
gets restarted when "/etc/rc.d/apache restart" is used. This fixes
PR pkg/24179 for the "apache2" package.

Revision 1.69 / (download) - annotate - [select for diffs], Tue Apr 12 05:49:45 2005 UTC (14 years, 4 months ago) by martti
Branch: MAIN
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)

Updated apache to 2.0.53nb1

- added mkcert to help with certificate creation

Revision 1.68 / (download) - annotate - [select for diffs], Mon Apr 11 21:47:51 2005 UTC (14 years, 4 months ago) by tv
Branch: MAIN
Changes since 1.67: +1 -2 lines
Diff to previous 1.67 (colored)

Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.67 / (download) - annotate - [select for diffs], Mon Apr 11 18:56:05 2005 UTC (14 years, 4 months ago) by martti
Branch: MAIN
Changes since 1.66: +8 -2 lines
Diff to previous 1.66 (colored)

Install mkcert to help with certificate creation. The script was
taken from the ap-ssl package (which is for apache 1.3.x).

Revision 1.61.2.1 / (download) - annotate - [select for diffs], Thu Feb 10 15:22:24 2005 UTC (14 years, 6 months ago) by salo
Branch: pkgsrc-2004Q4
Changes since 1.61: +1 -2 lines
Diff to previous 1.61 (colored) next main 1.62 (colored)

Pullup ticket 277 - requested by Matthias Scheler
security fix for apache2

Revisions pulled up:
- pkgsrc/devel/apr/Makefile           1.31
- pkgsrc/devel/apr/distinfo           1.11
- pkgsrc/www/apache2/Makefile         1.66 (merged by hand)
- pkgsrc/www/apache2/Makefile.common  1.13
- pkgsrc/www/apache2/PLIST            1.27
- pkgsrc/www/apache2/distinfo         1.36 (merged by hand)
- pkgsrc/www/apache2/patches/patch-aa 1.14
- pkgsrc/www/apache2/patches/patch-as removed
- pkgsrc/www/apache2/patches/patch-at removed

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Wed Feb  9 14:52:12 UTC 2005

   Modified Files:
   	pkgsrc/devel/apr: Makefile distinfo

   Log Message:
   Update "apr" package to version 0.9.6.2.0.53. Changes since
   version 0.9.5.2.0.52:
   - Add apr_threadattr_stacksize_set() for overriding the default
     stack size for threads created by apr_thread_create().
   - Add an RPM spec file.
   - Add a build script to create a solaris package.
---
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Wed Feb  9 14:57:52 UTC 2005

   Modified Files:
   	pkgsrc/www/apache2: Makefile Makefile.common PLIST distinfo
   	pkgsrc/www/apache2/patches: patch-aa
   Removed Files:
   	pkgsrc/www/apache2/patches: patch-as patch-at

   Log Message:
   Update "apache2" package to version 2.0.53. Changes since version 2.0.52:
   - Fix --with-apr=/usr and/or --with-apr-util=/usr.  Bug report 29740.
     [Max Bowsher <maxb ukf.net>]
   - mod_proxy: Fix ProxyRemoteMatch directive.  Bug report 33170.
     [Rici Lake <rici ricilake.net>]
   - mod_proxy: Respect errors reported by pre_connection hooks.
     [Jeff Trawick]
   - --with-module can now take more than one module to be statically
     linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
     If the <modtype>-subdirectory doesn't exist it will be created and
     populated with a standard Makefile.in.  [Erik Abele]
   - Fix the RPM spec file so that an RPM build now works. An RPM
     build now requires system installations of APR and APR-util.
     Remove some arbitrary moving around of binaries - the RPM now
     maps to the ASF build of httpd.
     [Graham Leggett]
   - mod_dumpio, an I/O logging/dumping module, added to the
     modules/expermimental subdirectory.  [Jim Jagielski]
   - mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
     library handles special characters.  Bug report 24437.
     [Jess Holle]
   - Win32 MPM: Correct typo in debugging output.  [William Rowe]
   - conf: Remove AddDefaultCharset from the default configuration because
     setting a site-wide default does more harm than good.
     Bug report 23421. [Roy Fielding]
   - Add charset to example CGI scripts.  [Roy Fielding]
   - mod_ssl: fail quickly if SSL connection is aborted rather than
     making many doomed ap_pass_brigade calls.
     Bug report 32699.  [Joe Orton]
   - Remove compiled-in upper limit on LimitRequestFieldSize.
     [Bill Stoddard]
   - Start keeping track of time-taken-to-process-request again for
     mod_status if ExtendedStatus is enabled. [Jim Jagielski]
   - mod_proxy: Handle client-aborted connections correctly.
     Bug report 32443.  [Janne Hietamäki, Joe Orton]
   - Fix handling of files >2Gb on all platforms (or builds) where
     apr_off_t is larger than apr_size_t.
     Bug report 28898.  [Joe Orton]
   - mod_include: Fix bug which could truncate variable expansions
     of N*64 characters by one byte.  Bug report 32985.  [Joe Orton]
   - Correct handling of certain bucket types in ap_save_brigade, fixing
     possible segfaults in mod_cgi with #include virtual.
     Bug report 31247.  [Joe Orton]
   - Allow for the use of --with-module=foo:bar where the ./modules/foo
     directory is local only. Assumes, of course, that the required
     files are in ./modules/foo, but makes it easier to statically
     build/log "external" modules.  [Jim Jagielski]
   - Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that
     ldap authorization only modules have access to the util_ldap
     user cache without having to require ldap authentication as well.
     Bug report 31898.  [Jari Ahonen jah progress.com, Brad Nicholes]
   - mod_auth_ldap: Added the directive "Requires ldap-attribute" that
     allows the module to only authorize a user if the attribute value
     specified matches the value of the user object. Bug report 31913
     [Ryan Morgan <rmorgan pobox.com>]
   - SECURITY: CAN-2004-0942 (cve.mitre.org)
     Fix for memory consumption DoS in handling of MIME folded request
     headers.  [Joe Orton]
   - SECURITY: CAN-2004-0885 (cve.mitre.org)
     mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
     bypassed during an SSL renegotiation.  Bug report 31505.
     [Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton]
   - mod_ssl: Fail at startup rather than segfault at runtime if a
     client cert is configured with an encrypted private key.
     Bug report 24030.  [Joe Orton]
   - apxs: fix handling of -Wc/-Wl and "-o mod_foo.so".
     Bug report 31448 [Joe Orton]
   - mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
     [Jeff Trawick]
   - mod_cache: CacheDisable will only disable the URLs it was meant to
     disable, not all caching. Bug report 31128.
     [Edward Rudd <eddie omegaware.com>, Paul Querna]
   - mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
     cache responses.  [Justin Erenkrantz]
   - mod_rewrite: Handle per-location rules when r->filename is unset.
     Previously this would segfault or simply not match as expected,
     depending on the platform.  [Jeff Trawick]
   - mod_rewrite: Fix 0 bytes write into random memory position.
     Bug report 31036. [André Malo]
   - mod_disk_cache: Do not store aborted content.  Bug report 21492.
     [Rüdiger Plüm <r.pluem t-online.de>]
   - mod_disk_cache: Correctly store cached content type.
     Bug report 30278.
     [Rüdiger Plüm <r.pluem t-online.de>]
   - mod_ldap: prevent the possiblity of an infinite loop in the LDAP
     statistics display. Bug report 29216. [Graham Leggett]
   - mod_ldap: fix a bogus error message to tell the user which file
     is causing a potential problem with the LDAP shared memory cache.
     Bug report 31431 [Graham Leggett]
   - mod_disk_cache: Do not store hop-by-hop headers.  [Justin Erenkrantz]
   - Fix the re-linking issue when purging elements from the LDAP cache
     Bug report 24801.  [Jess Holle <jessh ptc.com>]
   - mod_disk_cache: Fix races in saving responses.  [Justin Erenkrantz]
   - Fix Expires handling in mod_cache.  [Justin Erenkrantz]
   - Alter mod_expires to run at a different filter priority to allow
     proper Expires storage by mod_cache.  [Justin Erenkrantz]

Revision 1.66 / (download) - annotate - [select for diffs], Wed Feb 9 14:57:52 2005 UTC (14 years, 6 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.65: +1 -2 lines
Diff to previous 1.65 (colored)

Update "apache2" package to version 2.0.53. Changes since version 2.0.52:
- Fix --with-apr=/usr and/or --with-apr-util=/usr.  Problem report 29740.
  [Max Bowsher <maxb ukf.net>]
- mod_proxy: Fix ProxyRemoteMatch directive.  Problem report 33170.
  [Rici Lake <rici ricilake.net>]
- mod_proxy: Respect errors reported by pre_connection hooks.
  [Jeff Trawick]
- --with-module can now take more than one module to be statically
  linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
  If the <modtype>-subdirectory doesn't exist it will be created and
  populated with a standard Makefile.in.  [Erik Abele]
- Fix the RPM spec file so that an RPM build now works. An RPM
  build now requires system installations of APR and APR-util.
  Remove some arbitrary moving around of binaries - the RPM now
  maps to the ASF build of httpd.
  [Graham Leggett]
- mod_dumpio, an I/O logging/dumping module, added to the
  modules/expermimental subdirectory.  [Jim Jagielski]
- mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
  library handles special characters.  Problem report 24437.
  [Jess Holle]
- Win32 MPM: Correct typo in debugging output.  [William Rowe]
- conf: Remove AddDefaultCharset from the default configuration because
  setting a site-wide default does more harm than good.
  Problem report 23421. [Roy Fielding]
- Add charset to example CGI scripts.  [Roy Fielding]
- mod_ssl: fail quickly if SSL connection is aborted rather than
  making many doomed ap_pass_brigade calls.
  Problem report 32699.  [Joe Orton]
- Remove compiled-in upper limit on LimitRequestFieldSize.
  [Bill Stoddard]
- Start keeping track of time-taken-to-process-request again for
  mod_status if ExtendedStatus is enabled. [Jim Jagielski]
- mod_proxy: Handle client-aborted connections correctly.
  Problem report 32443.  [Janne Hietamäki, Joe Orton]
- Fix handling of files >2Gb on all platforms (or builds) where
  apr_off_t is larger than apr_size_t.
  Problem report 28898.  [Joe Orton]
- mod_include: Fix bug which could truncate variable expansions
  of N*64 characters by one byte.  Problem report 32985.  [Joe Orton]
- Correct handling of certain bucket types in ap_save_brigade, fixing
  possible segfaults in mod_cgi with #include virtual.
  Problem report 31247.  [Joe Orton]
- Allow for the use of --with-module=foo:bar where the ./modules/foo
  directory is local only. Assumes, of course, that the required
  files are in ./modules/foo, but makes it easier to statically
  build/log "external" modules.  [Jim Jagielski]
- Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that
  ldap authorization only modules have access to the util_ldap
  user cache without having to require ldap authentication as well.
  Problem report 31898.  [Jari Ahonen jah progress.com, Brad Nicholes]
- mod_auth_ldap: Added the directive "Requires ldap-attribute" that
  allows the module to only authorize a user if the attribute value
  specified matches the value of the user object. Problem report 31913
  [Ryan Morgan <rmorgan pobox.com>]
- SECURITY: CAN-2004-0942 (cve.mitre.org)
  Fix for memory consumption DoS in handling of MIME folded request
  headers.  [Joe Orton]
- SECURITY: CAN-2004-0885 (cve.mitre.org)
  mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
  bypassed during an SSL renegotiation.  Problem report 31505.
  [Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton]
- mod_ssl: Fail at startup rather than segfault at runtime if a
  client cert is configured with an encrypted private key.
  Problem report 24030.  [Joe Orton]
- apxs: fix handling of -Wc/-Wl and "-o mod_foo.so".
  Problem report 31448 [Joe Orton]
- mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
  [Jeff Trawick]
- mod_cache: CacheDisable will only disable the URLs it was meant to
  disable, not all caching. Problem report 31128.
  [Edward Rudd <eddie omegaware.com>, Paul Querna]
- mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
  cache responses.  [Justin Erenkrantz]
- mod_rewrite: Handle per-location rules when r->filename is unset.
  Previously this would segfault or simply not match as expected,
  depending on the platform.  [Jeff Trawick]
- mod_rewrite: Fix 0 bytes write into random memory position.
  Problem report 31036. [André Malo]
- mod_disk_cache: Do not store aborted content.  Problem report 21492.
  [Rüdiger Plüm <r.pluem t-online.de>]
- mod_disk_cache: Correctly store cached content type.
  Problem report 30278.
  [Rüdiger Plüm <r.pluem t-online.de>]
- mod_ldap: prevent the possiblity of an infinite loop in the LDAP
  statistics display. Problem report 29216. [Graham Leggett]
- mod_ldap: fix a bogus error message to tell the user which file
  is causing a potential problem with the LDAP shared memory cache.
  Problem report 31431 [Graham Leggett]
- mod_disk_cache: Do not store hop-by-hop headers.  [Justin Erenkrantz]
- Fix the re-linking issue when purging elements from the LDAP cache
  Problem report 24801.  [Jess Holle <jessh ptc.com>]
- mod_disk_cache: Fix races in saving responses.  [Justin Erenkrantz]
- Fix Expires handling in mod_cache.  [Justin Erenkrantz]
- Alter mod_expires to run at a different filter priority to allow
  proper Expires storage by mod_cache.  [Justin Erenkrantz]

Revision 1.65 / (download) - annotate - [select for diffs], Mon Feb 7 08:37:22 2005 UTC (14 years, 6 months ago) by martin
Branch: MAIN
Changes since 1.64: +3 -3 lines
Diff to previous 1.64 (colored)

Make deflate a default module; bump pkgrevision.
This closes PR 26824. Approved by Johnny C. Lam.

Revision 1.64 / (download) - annotate - [select for diffs], Mon Jan 3 01:04:26 2005 UTC (14 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Add a patch missed in the previous commit.

Bump PKGREVISION becuase this patch will change the binary package.

Revision 1.63 / (download) - annotate - [select for diffs], Sat Jan 1 17:24:25 2005 UTC (14 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.62: +3 -2 lines
Diff to previous 1.62 (colored)

Always use ${PERL5} as a perl path, instead of depending on PrintPath.

Bump PKGREVISION.

Revision 1.62 / (download) - annotate - [select for diffs], Tue Dec 28 02:47:50 2004 UTC (14 years, 7 months ago) by reed
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

The default location of the pkgsrc-installed rc.d scripts is now
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.

This is from ideas from Greg Woods and others.

Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).

Revision 1.61 / (download) - annotate - [select for diffs], Sat Dec 18 08:42:12 2004 UTC (14 years, 8 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base
Branch point for: pkgsrc-2004Q4
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored)

- Bump to nb5 to specifically address a new apache vuln:
  http://issues.apache.org/bugzilla/show_bug.cgi?id=31505
  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
- Changes backported from apache CVS HEAD:
  http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_kernel.c?r1=1.110&r2=1.111
  http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_init.c?r1=1.128&r2=1.129

Revision 1.60 / (download) - annotate - [select for diffs], Tue Dec 7 22:25:50 2004 UTC (14 years, 8 months ago) by seb
Branch: MAIN
Changes since 1.59: +3 -3 lines
Diff to previous 1.59 (colored)

Classes must be appended to SUBST_CLASSES.

Revision 1.59 / (download) - annotate - [select for diffs], Tue Nov 30 23:21:43 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

Modify the apxs(8) script to use ${APR_LIBTOOL} as the libtool to
build modules if APR_LIBTOOL is defined in the environment.  Force
the use of the libtool wrapper by module packages by setting APR_LIBTOOL
in apache2/buildlink3.mk.  Bump the PKGREVISION.

Revision 1.58 / (download) - annotate - [select for diffs], Fri Nov 26 23:07:58 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.57: +3 -2 lines
Diff to previous 1.57 (colored)

Pass DL_* flags to the compiler when linking httpd since it dlopens
shared modules.  Bump the PKGREVISION.

Revision 1.44.2.2 / (download) - annotate - [select for diffs], Fri Nov 26 19:59:05 2004 UTC (14 years, 8 months ago) by snj
Branch: pkgsrc-2004Q3
Changes since 1.44.2.1: +1 -1 lines
Diff to previous 1.44.2.1 (colored) to branchpoint 1.44 (colored) next main 1.45 (colored)

Pullup ticket 119 - requested by Jeremy C. Reed
security fix for apache2

Module Name:	pkgsrc
Committed By:	reed
Date:		Sat Oct  2 15:47:03 UTC 2004

Modified Files:
	pkgsrc/devel/apr: distinfo
	pkgsrc/www/apache2: Makefile Makefile.common distinfo
Removed Files:
	pkgsrc/www/apache2/patches: patch-ab

Log Message:
Update apache to apache-2.0.52.

Also added comment to www/apache2/Makefile.common to remind to
update checksum in devel/apr also.

No actual devel/apr changes seen.

Also removed www/apache2/patches/patch-ab because it is identical to
fix for security in new version.

Changes with Apache 2.0.52
  *) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
  *) Fix the global mutex crash when the global mutex is never allocated
     due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
  *) Fix a segfault in the LDAP cache when it is configured switched
     off. [Jess Holle <jessh ptc.com>]
  *) SECURITY: CAN-2004-0811 (cve.mitre.org)
     Fix merging of the Satisfy directive, which was applied to
     the surrounding context and could allow access despite configured
     authentication.  PR 31315.  [Rici Lake <rici ricilake.net>]
  *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
     is enabled.  Previously, such urls would still be rejected.
     [Jeff Trawick, Bill Stoddard]
  *) mod_mem_cache: Fixed race condition causing segfault because of memory being
     freed twice, or reused after being freed.
     [J. Clar, W. Stoddard, G. Ames]
  *) Add -l option to rotatelogs to let it use local time rather than
     UTC.  PR 24417.  [Ken Coar, Uli Zappe <uli ritual.org>]
  *) mod_log_config: Fix a bug which prevented request completion time
     from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
     processing.  PR 29696.  [Alois Treindl <alois astro.ch>]
---
Module Name:	pkgsrc
Committed By:	reed
Date:		Sat Oct  2 16:38:38 UTC 2004

Modified Files:
	pkgsrc/www/apache2: Makefile PLIST

Log Message:
Sort the share/httpd/manual entries in the PLIST.

Added 35 share/httpd/manual entries to PLIST. Most are .ko.euc-kr,
.ko, ja.euc-jp, and .ja files.

I don't know when these were added.

Bump PKGREVISION because now package has several more files.

Revision 1.57 / (download) - annotate - [select for diffs], Wed Nov 24 07:39:50 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.56: +6 -1 lines
Diff to previous 1.56 (colored)

There are additional headers installed if APACHE_MPM == "worker".
Handle this with the usual PLIST_SUBST magic.

Revision 1.56 / (download) - annotate - [select for diffs], Tue Nov 23 00:37:04 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.55: +7 -13 lines
Diff to previous 1.55 (colored)

We don't need to check for APR_USE_* or generate our own _APR_OPTIONS
variable since the apr/buildlink3.mk file does the right thing for us
already; we simply need to include it and check the value of
PKG_OPTIONS.apr.

Revision 1.55 / (download) - annotate - [select for diffs], Mon Nov 22 22:52:53 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.54: +20 -5 lines
Diff to previous 1.54 (colored)

* Create APACHE_MPM variable that can be either "prefork" or "worker"
  (defaulting to "prefork") that chooses the multi-processing model
  for apache to handle requests.  "Prefork" is the method used by
  Apache-1.3, which is non-threaded.  "Worker" uses threads to handle
  requests.

* Fix libtool usage in this package.  Apache uses libtool, but is
  hardcoded to use the libtool installed by devel/apr.  Patch the
  generated makefile fragment to use a local libtool instead, and
  allow the usual libtool wrapper to take its place.

Revision 1.54 / (download) - annotate - [select for diffs], Mon Nov 22 20:25:26 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.53: +5 -21 lines
Diff to previous 1.53 (colored)

Convert to use bsd.options.mk: APACHE_SUEXEC is now the "suexec" option.

Revision 1.53 / (download) - annotate - [select for diffs], Mon Nov 22 19:56:23 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.52: +5 -2 lines
Diff to previous 1.52 (colored)

Clarify that APACHE_MODULES is the list of modules that are linked
statically into the httpd executable.

Revision 1.52 / (download) - annotate - [select for diffs], Mon Nov 22 19:54:47 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.51: +8 -4 lines
Diff to previous 1.51 (colored)

Fix OpenLDAP detection after devel/apr was converted to use bsd.options.mk.

Revision 1.51 / (download) - annotate - [select for diffs], Mon Nov 22 07:12:53 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.50: +7 -9 lines
Diff to previous 1.50 (colored)

Use BUILDLINK_PREFIX.apr to refer to the installed location of the apr
package.  Also, remove the need for a separate SUEXEC_COMMENT variable.

Revision 1.50 / (download) - annotate - [select for diffs], Wed Nov 10 01:09:10 2004 UTC (14 years, 9 months ago) by epg
Branch: MAIN
Changes since 1.49: +2 -1 lines
Diff to previous 1.49 (colored)

Add --localstatedir=${VARBASE} to CONFIGURE_ARGS.

Revision 1.44.2.1 / (download) - annotate - [select for diffs], Tue Nov 2 10:47:01 2004 UTC (14 years, 9 months ago) by agc
Branch: pkgsrc-2004Q3
Changes since 1.44: +2 -1 lines
Diff to previous 1.44 (colored)

Security Pullup - requested by Havard Eidnes
security fix for apache2

	Module Name:    pkgsrc
	Committed By:   reed
	Date:           Thu Sep 23 21:07:25 UTC 2004

	Modified Files:
		pkgsrc/www/apache2: Makefile
	Added Files:
		pkgsrc/www/apache2/patches: patch-ab

	Log Message:
	Add patch for Apache security issue.

	2.0.51 had a regression where the Satisfy directive could take
	effect for different directories (and could bypass some access
	control).

	This patch is direct from Apache.

	Also bumped the package revision.
---
	Module Name:    pkgsrc
	Committed By:   grant
	Date:           Thu Sep 23 22:51:52 UTC 2004

	Modified Files:
		pkgsrc/www/apache2: distinfo

	Log Message:
	update checksum for patch-ab (hi, reed!)

Revision 1.49 / (download) - annotate - [select for diffs], Sun Oct 3 00:18:24 2004 UTC (14 years, 10 months ago) by tv
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

Libtool fix for PR pkg/26633, and other issues.  Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.

Revision 1.48 / (download) - annotate - [select for diffs], Sat Oct 2 16:38:38 2004 UTC (14 years, 10 months ago) by reed
Branch: MAIN
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)

Sort the share/httpd/manual entries in the PLIST.

Added 35 share/httpd/manual entries to PLIST. Most are .ko.euc-kr,
.ko, ja.euc-jp, and .ja files.

I don't know when these were added.

Bump PKGREVISION because now package has several more files.

Revision 1.47 / (download) - annotate - [select for diffs], Sat Oct 2 15:47:02 2004 UTC (14 years, 10 months ago) by reed
Branch: MAIN
Changes since 1.46: +1 -2 lines
Diff to previous 1.46 (colored)

Update apache to apache-2.0.52.

Also added comment to www/apache2/Makefile.common to remind to
update checksum in devel/apr also.

No actual devel/apr changes seen.

Also removed www/apache2/patches/patch-ab because it is identical to
fix for security in new version.

Changes with Apache 2.0.52
  *) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
  *) Fix the global mutex crash when the global mutex is never allocated
     due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
  *) Fix a segfault in the LDAP cache when it is configured switched
     off. [Jess Holle <jessh ptc.com>]
  *) SECURITY: CAN-2004-0811 (cve.mitre.org)
     Fix merging of the Satisfy directive, which was applied to
     the surrounding context and could allow access despite configured
     authentication.  PR 31315.  [Rici Lake <rici ricilake.net>]
  *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
     is enabled.  Previously, such urls would still be rejected.
     [Jeff Trawick, Bill Stoddard]
  *) mod_mem_cache: Fixed race condition causing segfault because of memory being
     freed twice, or reused after being freed.
     [J. Clar, W. Stoddard, G. Ames]
  *) Add -l option to rotatelogs to let it use local time rather than
     UTC.  PR 24417.  [Ken Coar, Uli Zappe <uli ritual.org>]
  *) mod_log_config: Fix a bug which prevented request completion time
     from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
     processing.  PR 29696.  [Alois Treindl <alois astro.ch>]

Revision 1.46 / (download) - annotate - [select for diffs], Tue Sep 28 17:59:55 2004 UTC (14 years, 10 months ago) by erh
Branch: MAIN
Changes since 1.45: +1 -2 lines
Diff to previous 1.45 (colored)

Not all ap-* packages are apache1.  Some work for either apache so don't force
a conflict.

Revision 1.45 / (download) - annotate - [select for diffs], Thu Sep 23 21:07:25 2004 UTC (14 years, 10 months ago) by reed
Branch: MAIN
Changes since 1.44: +2 -1 lines
Diff to previous 1.44 (colored)

Add patch for Apache security issue.

2.0.51 had a regression where the Satisfy directive could take
effect for different directories (and could bypass some access
control).

This patch is direct from Apache.

Also bumped the package revision.

Revision 1.44 / (download) - annotate - [select for diffs], Mon Sep 20 17:19:33 2004 UTC (14 years, 11 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base
Branch point for: pkgsrc-2004Q3
Changes since 1.43: +1 -2 lines
Diff to previous 1.43 (colored)

- Update apache to 2.0.51
- Remove patch-as and patch-ah as they are now outdated and included in the src

- ok'ed snj@, wiz@
- Thanks to epg@ for final check

This version of Apache is principally a bug fix release. Of particular note
is that 2.0.51 addresses five security vulnerabilities:

An input validation issue in IPv6 literal address parsing which can result
in a negative length parameter being passed to memcpy.
[CAN-2004-0786]

A buffer overflow in configuration file parsing could allow a local user to
gain the privileges of a httpd child if the server can be forced to parse a
carefully crafted .htaccess file.
[CAN-2004-0747]

A segfault in mod_ssl which can be triggered by a malicious remote server,
if proxying to SSL servers has been configured.
[CAN-2004-0751]

A potential infinite loop in mod_ssl which could be triggered given
particular timing of a connection abort.
[CAN-2004-0748]

A segfault in mod_dav_fs which can be remotely triggered by an indirect lock
refresh request.
[CAN-2004-0809]

For further details, see http://www.apache.org/dist/httpd/Announcement2.html
and http://apache.rmplc.co.uk/httpd/CHANGES_2.0.

Revision 1.43 / (download) - annotate - [select for diffs], Tue Sep 7 19:43:03 2004 UTC (14 years, 11 months ago) by adrianp
Branch: MAIN
Changes since 1.42: +2 -1 lines
Diff to previous 1.42 (colored)

Security update for apache2 with the changes backported from the
Apache CVS tree.

CAN-2004-0748
http://issues.apache.org/bugzilla/show_bug.cgi?id=29964
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.124&r2=1.125

CAN-2004-0751
http://issues.apache.org/bugzilla/show_bug.cgi?id=30134
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.125&r2=1.126

Revision 1.36.2.2 / (download) - annotate - [select for diffs], Mon Jul 26 07:22:52 2004 UTC (15 years ago) by agc
Branch: pkgsrc-2004Q2
Changes since 1.36.2.1: +2 -30 lines
Diff to previous 1.36.2.1 (colored) to branchpoint 1.36 (colored) next main 1.37 (colored)

Pullup ticket 63 to the pkgsrc-2004Q2 branch, requested by Grant Beattie

Complete ticket 57 - security fix for apache2

	Module Name:    pkgsrc
	Committed By:   adrianp
	Date:           Thu Jul 15 04:38:17 UTC 2004

	Modified Files:
		pkgsrc/www/apache2: Makefile PLIST
	Removed Files:
		pkgsrc/www/apache2: PLIST.deffiles

	Log Message:
	- Backout recent APACHE_DEFAULT_FILES build def as some ppl are having
	problems with it and it also looks like it might be breaking some
	apache related packages.

Revision 1.42 / (download) - annotate - [select for diffs], Sat Jul 17 00:18:31 2004 UTC (15 years, 1 month ago) by xtraeme
Branch: MAIN
Changes since 1.41: +8 -1 lines
Diff to previous 1.41 (colored)

Enable OpenLDAP support if APR_USE_OPENLDAP == [Yy][Ee][Ss].
(ldap and auth_ldap modules).

This closes PR pkg/26166.

Revision 1.41 / (download) - annotate - [select for diffs], Thu Jul 15 04:38:17 2004 UTC (15 years, 1 month ago) by adrianp
Branch: MAIN
Changes since 1.40: +2 -30 lines
Diff to previous 1.40 (colored)

- Backout recent APACHE_DEFAULT_FILES build def as some ppl are having
problems with it and it also looks like it might be breaking some
apache related packages.

Revision 1.40 / (download) - annotate - [select for diffs], Wed Jul 14 14:36:48 2004 UTC (15 years, 1 month ago) by seb
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Fix PLIST issue.

As soon as PLIST_SRC is defined the "default" PLIST files are not
added to PLIST_SRC. So 'PLIST' has to be explicitly listed in the
APACHE_DEFAULT_FILES == "yes" case.

Revision 1.39 / (download) - annotate - [select for diffs], Wed Jul 14 13:21:37 2004 UTC (15 years, 1 month ago) by xtraeme
Branch: MAIN
Changes since 1.38: +6 -6 lines
Diff to previous 1.38 (colored)

s,/var,${VARBASE},g

Revision 1.36.2.1 / (download) - annotate - [select for diffs], Wed Jul 14 12:39:00 2004 UTC (15 years, 1 month ago) by agc
Branch: pkgsrc-2004Q2
Changes since 1.36: +64 -21 lines
Diff to previous 1.36 (colored)

Pullup ticket 57 to the pkgsrc-2004Q2 branch, requested by Grant Beattie.

Security and other bug fixes for apache2.

	Module Name:    pkgsrc
	Committed By:   adrianp
	Date:           Wed Jul 14 08:28:51 UTC 2004

	Modified Files:
		pkgsrc/www/apache2: Makefile Makefile.common PLIST buildlink3.mk
		    distinfo
		pkgsrc/www/apache2/patches: patch-aa
	Added Files:
		pkgsrc/www/apache2: PLIST.deffiles
	Removed Files:
		pkgsrc/www/apache2/patches: patch-as

	Log Message:
	- Update to apache 2.0.50
	- Add new build def APACHE_DEFAULT_FILES

and

	Module Name:    pkgsrc
	Committed By:   adrianp
	Date:           Wed Jul 14 08:31:12 UTC 2004

	Modified Files:
		pkgsrc/devel/apr: buildlink3.mk distinfo

	Log Message:
	- Update to apache 2.0.50
	- Add new build def APACHE_DEFAULT_FILES

Revision 1.38 / (download) - annotate - [select for diffs], Wed Jul 14 08:28:51 2004 UTC (15 years, 1 month ago) by adrianp
Branch: MAIN
Changes since 1.37: +64 -21 lines
Diff to previous 1.37 (colored)

- Update to apache 2.0.50
- Add new build def APACHE_DEFAULT_FILES

Changes with Apache 2.0.50

  *) SECURITY: CAN-2004-0493 (cve.mitre.org)
     Close a denial of service vulnerability identified by Georgi
     Guninski which could lead to memory exhaustion with certain
     input data.  [Jeff Trawick]

  *) mod_cgi: Handle output on stderr during script execution on Unix
     platforms; preventing deadlock when stderr output fills pipe buffer.
     Also fixes case where stderr from nph- scripts could be lost.
     PR 22030, 18348.  [Joe Orton, Jeff Trawick]

  *) mod_alias now emits a warning if it detects overlapping *Alias*
     directives.  [André Malo]

  *) mod_rewrite no longer turns forward proxy requests into reverse proxy
     requests. PR 28125  [ast domdv.de, André Malo]

  *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
     exported on Win32 and Netware as well (minor MMN bump).  PR 28523.
     [Edward Rudd <eddie omegaware.com>, André Malo]

  *) Restore the ability to disable the use of AcceptEx on Win9x systems
     automatically (broken in 2.0.49). PR 28529.  [André Malo]

  *) <VirtualHost myhost> now applies to all IP addresses for myhost
     instead of just the first one reported by the resolver.  This
     corrects a regression since 1.3.  [Jeff Trawick]

  *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
     against ServerRoot PR#26602 [Brad Nicholes]

  *) SECURITY: CAN-2004-0488 (cve.mitre.org)
     mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
     (trusted) client certificate subject DN which exceeds 6K in length.
     [Joe Orton]

  *) mod_dav_fs: Fix MKCOL response for missing parent collections, which
     caused issues for the Eclipse WebDAV extension.
     PR 29034.  [Joe Orton]

  *) mod_deflate: Fix memory consumption (which was proportional to the
     response size).  PR 29318.  [Joe Orton]

  *) mod_ssl: Log the errors returned on failure to load or initialize
     a crypto accelerator engine.  [Joe Orton]

  *) Allow RequestHeader directives to be conditional. PR 27951.
     [Vincent Deffontaines <vincent gryzor.com>, André Malo]

  *) Allow LimitRequestBody to be reset to unlimited. PR 29106
     [André Malo]

  *) Fix a bunch of cases where the return code of the regex compiler
     was not checked properly. This affects: mod_setenvif, mod_usertrack,
     mod_proxy, mod_proxy_ftp and core. PR 28218.  [André Malo]

  *) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
     small cache sizes.  PR 27751.  [Geoff Thorpe <geoff geoffthorpe.net>]

  *) Remove 2Gb log file size restriction on some 32-bit platforms.
     PR 13511.  [Joe Orton]

  *) mod_logio no longer removes the EOS bucket. PR 27928.
     [Bojan Smojver <bojan rexursive.com>]

  *) htpasswd no longer refuses to process files that contain empty
     lines.  [André Malo]

  *) Regression from 1.3: At startup, suexec now will be checked for
     availability, the setuid bit and user root. The works only if
     httpd is compiled with the shipped APR version (0.9.5).
     PR 28287.  [André Malo]

  *) Unix MPMs: Stop dropping connections when the file descriptor
     is at least FD_SETSIZE.  [Jeff Trawick]

  *) Fix handling of IPv6 numeric strings in mod_proxy.  [Jeff Trawick]

  *) mod_isapi: send_response_header() failed to copy status string's
     last character.  PR 20619.  [Jesse Pelton <jsp pkc.com>]

  *) Fix a segfault when requests for shared memory fails and returns
     NULL. Fix a segfault caused by a lack of bounds checking on the
     cache.  PR 24801.  [Graham Leggett]

  *) Throw an error message if an attempt is made to use the LDAPTrustedCA
     or LDAPTrustedCAType directives in a VirtualHost. PR 26390
     [Brad Nicholes]

  *) Fix a potential segfault if the bind password in the LDAP cache
     is NULL.  PR 28250.  [Jari Ahonen <jah progress.com>]

  *) Quotes cannot be used around require group and require dn
     directives, update the documentation to reflect this. Also add
     quotes around the dn and group within debug messages, to make it
     more obvious why authentication is failing if quotes are used in
     error.  PR 19304.  [Graham Leggett]

  *) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
     from escaping filters twice when the backslash character is used.
     PR 24437.  [Jess Holle <jessh ptc.com>]

  *) Overhaul handling of LDAP error conditions, so that the util_ldap_*
     functions leave the connections in a sane state after errors have
     occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
     27271 [Graham Leggett]

  *) mod_ldap calls ldap_simple_bind_s() to validate the user
     credentials.  If the bind fails, the connection is left
     in an unbound state.  Make sure that the ldap connection
     record is updated to show that the connection is no longer
     bound. [Brad Nicholes]

  *) Ensure that lines in the request which are too long are
     properly terminated before logging.
     [Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]

  *) Update the bind credentials for the cached LDAP connection to
     reflect the last bind.  This prevents util_ldap from creating
     unnecessary connections rather than reusing cached connections.
     [Brad Nicholes]

  *) mod_isapi: GetServerVariable returned improperly terminated header
     fields given "ALL_HTTP" or "ALL_RAW".  PR 20656.
     [Jesse Pelton <jsp pkc.com>]

  *) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
     size.  PR 20617.  [Jesse Pelton <jsp pkc.com>]

  *) mod_dav: Fix a problem that could cause crashes when manipulating
     locks on some platforms.  [Jeff Trawick]

  *) mod_headers no longer crashes if an empty header value should
     be added.  [André Malo]

  *) Fix segfault in mod_expires, which occured under certain
     circumstances. PR 28047.  [André Malo]

  *) htpasswd: use apr_temp_dir_get() and general cleanup
     [Guenter Knauf <eflash gmx.net>, Thom May]

  *) mod_ssl: Fix memory leak in session cache handling.  PR 26562
     [Madhusudan Mathihalli]

  *) mod_ssl: Fix potential segfaults when performing SSL shutdown from
     a pool cleanup.  PR 27945.  [Joe Orton]

  *) Add forensic logging module (mod_log_forensic).
     [Ben Laurie]

  *) logresolve: Allow size of log line buffer to be overridden at
     build time (MAXLINE).  PR 27793.  [Jeff Trawick]

  *) Fix the comment delimiter in htdbm so that it correctly parses the
     username comment.  Also add a terminate function to allow NetWare
     to pause the output before the screen is destroyed.
     [Guenter Knauf <eflash gmx.net>, Brad Nicholes]

  *) Fix crash when Apache was started with no Listen directives.
     [Michael Corcoran <mcorcoran warpsolutions.com>]

  *) core_output_filter: Fix bug that could result in sending
     garbage over the network when module handlers construct
     bucket brigades containing multiple file buckets all referencing
     the same open file descriptor. [Bojan Smojver]

  *) Fix memory corruption problem with ap_custom_response() function.
     The core per-dir config would later point to request pool data
     that would be reused for different purposes on different requests.
     [Jeff Trawick, based on an old 1.3 patch submitted by Will Lowe]

  *) Win32: Tweak worker thread accounting routines to eliminate
     server hang when number of Listen directives in httpd.conf
     is greater than or equal to the setting of ThreadsPerChild.
     [Bill Stoddard]

Revision 1.37 / (download) - annotate - [select for diffs], Sun Jun 27 16:34:25 2004 UTC (15 years, 1 month ago) by adrianp
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Fix suEXEC DOCPATH

Revision 1.36 / (download) - annotate - [select for diffs], Sat Jun 5 16:21:44 2004 UTC (15 years, 2 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base
Branch point for: pkgsrc-2004Q2
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

Add patch from apache's CVS to fix SSL_Util_UUEncode_Binaty stack buffer
overflow vulnerability.

	http://www.securityfocus.com/bid/10355

Bump package revision.

Revision 1.35 / (download) - annotate - [select for diffs], Fri Mar 26 02:27:56 2004 UTC (15 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base, pkgsrc-2004Q1
Changes since 1.34: +2 -1 lines
Diff to previous 1.34 (colored)

PKGREVISION bump after openssl-security-fix-update to 0.9.6m.
Buildlink files: RECOMMENDED version changed to current version.

Revision 1.34 / (download) - annotate - [select for diffs], Mon Mar 22 19:50:16 2004 UTC (15 years, 5 months ago) by reed
Branch: MAIN
Changes since 1.33: +1 -2 lines
Diff to previous 1.33 (colored)

Update apache2 to 2.0.49. This includes various changes since last release
including:
  *) SECURITY: CAN-2004-0174 (cve.mitre.org)
     Fix starvation issue on listening sockets where a short-lived
     connection on a rarely-accessed listening socket will cause a
     child to hold the accept mutex and block out new connections until
     another connection arrives on that rarely-accessed listening socket.
     With Apache 2.x there is no performance concern about enabling the
     logic for platforms which don't need it, so it is enabled everywhere
     except for Win32.  [Jeff Trawick]

  *) SECURITY: CAN-2004-0113 (cve.mitre.org)
     mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
     PR 27106.  [Joe Orton]

  *) SECURITY: CAN-2003-0020 (cve.mitre.org)
     Escape arbitrary data before writing into the errorlog. Unescaped
     errorlogs are still possible using the compile time switch
     "-DAP_UNSAFE_ERROR_LOG_UNESCAPED".  [Geoffrey Young, Andr<E9> Malo]

Complete changelog is at http://www.apache.org/dist/httpd/CHANGES_2.0

Package changes include:

buildlink depends increased for apache2 (but not for apr).

apr package version changes, but APR_VERSION stays same.

more files installed and added to PLIST.
share/httpd/manual/search/manual-index.cgi removed from PLIST.
Also removing share/httpd/htdocs and share/httpd directories
removed from PLIST because already handled by MAKE_DIRS.
(I think this should use OWN_DIRS.)

(jlam@ said he would like this update done during freeze.)

Revision 1.33 / (download) - annotate - [select for diffs], Sun Mar 7 22:43:08 2004 UTC (15 years, 5 months ago) by minskim
Branch: MAIN
Changes since 1.32: +8 -8 lines
Diff to previous 1.32 (colored)

bl3ify.

Revision 1.32 / (download) - annotate - [select for diffs], Sat Feb 14 17:21:54 2004 UTC (15 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

LIBTOOL_OVERRIDE and SHLIBTOOL_OVERRIDE are now lists of shell globs
relative to ${WRKSRC}.  Remove redundant LIBTOOL_OVERRIDE settings that
are automatically handled by the default setting in bsd.pkg.mk.

Revision 1.31 / (download) - annotate - [select for diffs], Tue Jan 27 08:11:05 2004 UTC (15 years, 6 months ago) by grant
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

bump PKGREVISION after PLIST fix.

Revision 1.30 / (download) - annotate - [select for diffs], Wed Dec 3 15:40:02 2003 UTC (15 years, 8 months ago) by epg
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

PKGREVISION bumps due to apr bump (thanks Thomas Klausner).

Revision 1.29 / (download) - annotate - [select for diffs], Wed Nov 12 03:39:43 2003 UTC (15 years, 9 months ago) by jschauma
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Changes since 1.28: +2 -1 lines
Diff to previous 1.28 (colored)

PKGREVISION++ after openssl update.

Revision 1.28 / (download) - annotate - [select for diffs], Tue Oct 28 04:49:32 2003 UTC (15 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.27: +1 -2 lines
Diff to previous 1.27 (colored)

upgrade to 2.0.48

Changes with Apache 2.0.48

  *) SECURITY [CAN-2003-0789]: mod_cgid: Resolve some mishandling of
     the AF_UNIX socket used to communicate with the cgid daemon and
     the CGI script.  [Jeff Trawick]
  *) SECURITY [CAN-2003-0542]: Fix buffer overflows in mod_alias and
     mod_rewrite which occurred if one configured a regular expression
     with more than 9 captures.  [André Malo]
  *) mod_include: fix segfault which occured if the filename was not
     set, for example, when processing some error conditions.
     PR 23836.  [Brian Akins <bakins@web.turner.com>, André Malo]
  *) fix the config parser to support <Foo>..</Foo> containers (no
     arguments in the opening tag) supported by httpd 1.3. Without
     this change mod_perl 2.0's <Perl> sections are broken.
     ["Philippe M. Chiasson" <gozer@cpan.org>]
  *) mod_cgid: fix a hash table corruption problem which could
     result in the wrong script being cleaned up at the end of a
     request.  [Jeff Trawick]
  *) Update httpd-*.conf to be clearer in describing the connection
     between AddType and AddEncoding for defining the meaning of
     compressed file extensions. [Roy Fielding]
  *) mod_rewrite: Don't die silently when failing to open RewriteLogs.
     PR 23416.  [André Malo]
  *) mod_rewrite: Fix mod_rewrite's support of the [P] option to send
     rewritten request using "proxy:". The code was adding multiple "proxy:"
     fields in the rewritten URI. PR: 13946.
     [Eider Oliveira <eider@bol.com.br>]
  *) cache_util: Fix ap_check_cache_freshness to check max_age, smax_age, and
     expires as directed in RFC 2616. [Thomas Castelle tcastelle@generali.fr]
  *) Ensure that ssl-std.conf is generated at configure time, and switch
     to using the expanded config variables to work the same as
     httpd-std.conf PR: 19611
     [Thom May]
  *) mod_ssl: Fix segfaults after renegotiation failure. PR 21370
     [Hartmut Keil <Hartmut.Keil@adnovum.ch>]
  *) mod_autoindex: If a directory contains a file listed in the
     DirectoryIndex directive, the folder icon is no longer replaced
     by the icon of that file. PR 9587.
     [David Shane Holden <dpejesh@yahoo.com>]
  *) Fixed mod_usertrack to not get false positive matches on the
     user-tracking cookie's name.  PR 16661.
     [Manni Wood <manniwood@planet-save.com>]
  *) mod_cache: Fix the cache code so that responses can be cached
     if they have an Expires header but no Etag or Last-Modified
     headers. PR 23130.
     [bjorn@exoweb.net]
  *) mod_log_config: Fix %b log format to write really "-" when 0 bytes
     were sent (e.g. with 304 or 204 response codes).  [Astrid Keler]
  *) Modify ap_get_client_block() to note if it has seen EOS.
     [Justin Erenkrantz]
  *) Fix a bug, where mod_deflate sometimes unconditionally compressed the
     content if the Accept-Encoding header contained only other tokens than
     "gzip" (such as "deflate"). PR 21523.  [Joe Orton, André Malo]
  *) Avoid an infinite recursion, which occured if the name of an included
     config file or directory contained a wildcard character. PR 22194.
     [André Malo]
  *) mod_ssl: Fix a problem setting variables that represent the
     client certificate chain.  PR 21371  [Jeff Trawick]
  *) Unix: Handle permissions settings for flock-based mutexes in
     unixd_set_global|proc_mutex_perms().  Allow the functions to be
     called for any type of mutex.  PR 20312  [Jeff Trawick]
  *) ab: Work over non-loopback on Unix again. PR 21495. [Jeff Trawick]
  *) Fix a misleading message from the some of the threaded MPMs when
     MaxClients has to be lowered due to the setting of ServerLimit.
     [Jeff Trawick]
  *) Lower the severity of the "listener thread didn't exit" message
     to debug, as it is of interest only to developers.  PR 9011
     [Jeff Trawick]
  *) MPMs: The bucket brigades subsystem now honors the MaxMemFree setting.
     [Cliff Woolley, Jean-Jacques Clar]
  *) Install config.nice into the build/ directory to make
     minor version upgrades easier. [Joshua Slive]
  *) Fix mod_deflate so that it does not call deflate() without checking
     first whether it has something to deflate. (Currently this causes
     deflate to generate a fatal error according to the zlib spec.)
     PR 22259. [Stas Bekman]
  *) mod_ssl: Fix FakeBasicAuth for subrequest.  Log an error when an
     identity spoof is encountered.
     [Sander Striker]
  *) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory
     containing the .htaccess file is requested without a trailing slash.
     PR 20195.  [André Malo]
  *) ab: Overlong credentials given via command line no longer clobber
     the buffer.  [André Malo]
  *) mod_deflate: Don't attempt to hold all of the response until we're
     done.  [Justin Erenkrantz]
  *) Assure that we block properly when reading input bodies with SSL.
     PR 19242.  [David Deaves <David.Deaves@dd.id.au>, William Rowe]
  *) Update mime.types to include latest IANA and W3C types.  [Roy Fielding]
  *) mod_ext_filter: Set additional environment variables for use by
     the external filter.  PR 20944.  [Andrew Ho, Jeff Trawick]
  *) Fix buildconf errors when libtool version changes.  [Jeff Trawick]
  *) Remember an authenticated user during internal redirects if the
     redirection target is not access protected and pass it
     to scripts using the REDIRECT_REMOTE_USER environment variable.
     PR 10678, 11602.  [André Malo]
  *) mod_include: Fix a trio of bugs that would cause various unusual
     sequences of parsed bytes to omit portions of the output stream.
     PR 21095. [Ron Park <ronald.park@cnet.com>, André Malo, Cliff Woolley]
  *) Update the header token parsing code to allow LWS between the
     token word and the ':' seperator.  [PR 16520]
     [Kris Verbeeck <kris.verbeeck@advalvas.be>, Nicel KM <mnicel@yahoo.com>]
  *) Eliminate creation of a temporary table in ap_get_mime_headers_core()
     [Joe Schaefer <joe+gmane@sunstarsys.com>]
  *) Added FreeBSD directory layout. PR 21100.
     [Sander Holthaus <info@orangexl.com>, André Malo]
  *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
     response. PR 21085. [Glenn Nielsen <glenn@apache.org>, André Malo]
  *) mod_rewrite: Perform child initialization on the rewrite log lock.
     This fixes a log corruption issue when flock-based serialization
     is used (e.g., FreeBSD).  [Jeff Trawick]
  *) Don't respect the Server header field as set by modules and CGIs.
     As with 1.3, for proxy requests any such field is from the origin
     server; otherwise it will have our server info as controlled by
     the ServerTokens directive.  [Jeff Trawick]

Revision 1.27 / (download) - annotate - [select for diffs], Sat Oct 11 13:40:20 2003 UTC (15 years, 10 months ago) by grant
Branch: MAIN
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)

bump PKGREVISIONs after bump of expat BUILDLINK_DEPENDS.

Revision 1.26 / (download) - annotate - [select for diffs], Wed Jul 2 17:58:41 2003 UTC (16 years, 1 month ago) by jmmv
Branch: MAIN
Changes since 1.25: +6 -1 lines
Diff to previous 1.25 (colored)

Avoid hardcoding /usr/pkg in patch files.

Revision 1.25 / (download) - annotate - [select for diffs], Thu May 29 01:06:00 2003 UTC (16 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.24: +1 -2 lines
Diff to previous 1.24 (colored)

remove PKGREVISION(oops)

Revision 1.24 / (download) - annotate - [select for diffs], Sun May 25 10:10:34 2003 UTC (16 years, 2 months ago) by epg
Branch: MAIN
Changes since 1.23: +2 -1 lines
Diff to previous 1.23 (colored)

Forgot to bump PKGREVISION.

Revision 1.23 / (download) - annotate - [select for diffs], Sun May 25 08:58:10 2003 UTC (16 years, 2 months ago) by epg
Branch: MAIN
Changes since 1.22: +10 -18 lines
Diff to previous 1.22 (colored)

Split some stuff out into a new Makefile.common so that the new
deve/apr package can use it.  Depend on the new apr package.

Approved by jlam@netbsd.org.

Revision 1.22 / (download) - annotate - [select for diffs], Thu May 22 09:44:42 2003 UTC (16 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.21: +4 -3 lines
Diff to previous 1.21 (colored)

Commit patch from Jeremy C. Reed that should fix PR 20000.

Revision 1.21 / (download) - annotate - [select for diffs], Thu Apr 3 08:27:08 2003 UTC (16 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

upgrade to 2.0.45.  security bug fixes

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132
- file descriptor leak to child process (i.e. cgi)

Revision 1.20 / (download) - annotate - [select for diffs], Sun Feb 23 15:55:58 2003 UTC (16 years, 5 months ago) by jmmv
Branch: MAIN
Changes since 1.19: +3 -4 lines
Diff to previous 1.19 (colored)

Use MASTER_SITE_APACHE.

Revision 1.19 / (download) - annotate - [select for diffs], Tue Jan 28 22:04:27 2003 UTC (16 years, 6 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-6-1-base, netbsd-1-6-1
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

Instead of including bsd.pkg.install.mk directly in a package Makefile,
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES".  This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile.  Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.

Revision 1.18 / (download) - annotate - [select for diffs], Tue Jan 28 14:21:56 2003 UTC (16 years, 6 months ago) by martti
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Updated apache2 to 2.0.44 (patch provided by Eric Gillespie in pkg/20086)

* lots of bug fixes

Revision 1.17 / (download) - annotate - [select for diffs], Mon Dec 9 20:23:42 2002 UTC (16 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.16: +2 -1 lines
Diff to previous 1.16 (colored)

Note conflict between apr-devel and apache2 packages.

Revision 1.10.4.1 / (download) - annotate - [select for diffs], Sat Oct 12 17:34:24 2002 UTC (16 years, 10 months ago) by agc
Branch: netbsd-1-6
Changes since 1.10: +2 -3 lines
Diff to previous 1.10 (colored) next main 1.11 (colored)

Pull up the following revisions

Makefile 1.12, 1.15-1.16
PLIST 1.7-1.9
distinfo 1.10-1.12
patches/patch-aa 1.7
patches/patch-al 1.2
patches/patch-an 1.4
patches/patch-ao 1.4

of pkgsrc/www/apache2 files to the netbsd-1-6 pkgsrc branch.

Requested by Manuel Bouyer.

They update apache2 to 2.0.43 for security issues.  Tested by Manuel on
1.6/sparc with IPv6 connectivity.

Revision 1.16 / (download) - annotate - [select for diffs], Fri Oct 4 02:35:51 2002 UTC (16 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

upgrade to 2.0.43.

Changes with Apache 2.0.43

  *) SECURITY: [CAN-2002-0840] HTML-escape the address produced by
     ap_server_signature() against this cross-site scripting
     vulnerability exposed by the directive 'UseCanonicalName Off'.
     Also HTML-escape the SERVER_NAME environment variable for CGI
     and SSI requests.  It's safe to escape as only the '<', '>',
     and '&' characters are affected, which won't appear in a valid
     hostname.  Reported by Matthew Murphy <mattmurphy@kc.rr.com>.
     [Brian Pane]

  *) Fix a core dump in mod_cache when it attemtped to store uncopyable
     buckets. This happened, for instance, when a file to be cached
     contained SSI tags to execute a CGI script (passed as a pipe
     bucket). [Paul J. Reder]

  *) Ensure that output already available is flushed to the network
     when the content-length filter realizes that no new output will
     be available for a while.  This helps some streaming CGIs as
     well as some other dynamically-generated content.  [Jeff Trawick]

  *) Fix a mutex problem in mod_ssl session cache support which
     could lead to an infinite loop.  PR 12705
     [amund.elstad@ergo.no (Amund Elstad), Jeff Trawick]

  *) SECURITY: Allow POST requests and CGI scripts to work when DAV
     is enabled on the location.  [Ryan Bloom]

  *) Allow the UserDir directive to accept a list of directories.
     This matches what Apache 1.3 does.  Also add documentation for
     this feature. [Jay Ball <jay@veggiespam.com>]

  *) New Module: mod_logio. adds the ability to log bytes sent and
     received. [Bojan Smojver <bojan@rexursive.com>]

  *) SuExec needs to use the same default directory as the rest of
     server, namely /usr/local/apache2.
     [SangBeom han <sbhan@os.korea.ac.kr>]

  *) Get mod_auth_ldap to retry connections on LDAP_SERVER_DOWN.
     [Thomas Bennett <thomas.bennett@eds.com>, Graham Leggett]

  *) Make sure the contents of the WWW-Authenticate header is
     passed on a 4xx error by proxy. Previously all headers
     were dropped, resulting in the browser being unable to
     authenticate. [Dr Richard Reiner <rreiner@fscinternet.com>,
     Richard Danielli <rdanielli@fscinternet.com>, Graham Wiseman
     <gwiseman@fscinternet.com>, David Henderson
     <dhenderson@fscinternet.com>]

  *) Make mod_cache's CacheMaxStreamingBuffer directive work
     properly for virtual hosts that override server-wide mod_cache
     setttings.  [Matthieu Estrade <estrade-m@ifrance.com>]

  *) Add -p option to apxs to allow programs to be compiled with apxs.
     [Justin Erenkrantz]

Revision 1.15 / (download) - annotate - [select for diffs], Wed Oct 2 13:10:02 2002 UTC (16 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

upgrade to 2.0.42.

---
Changes with Apache 2.0.42

  *) mod_dav: Check for versioning hooks before using them.
     [Greg Stein]

Changes with Apache 2.0.41

  *) The protocol version (eg: HTTP/1.1) in the request line parsing
     is now case insensitive. [Jim Jagielski]

  *) Allow AddOutputFilterByType to add multiple filters per directive.
     [Justin Erenkrantz]

  *) Remove warnings with Sun's Forte compiler.  [Justin Erenkrantz]

  *) Fixed mod_disk_cache's generation of 304s
     [Kris Verbeeck <Kris.Verbeeck@ubizen.com>]

  *) Add support for using fnmatch patterns in the final path
     segment of an Include statement (eg.. include /foo/bar/*.conf).
     and remove the noise on stderr during config dir processing.
     [Joe Orton <jorton@redhat.com>]

  *) mod_cache: cache_storage.c. Add the hostname and any request
     args to the key generated for caching. This provides a unique
     key for each virtual host and for each request with unique
     args. [Paul J. Reder, args code provided by Kris Verbeeck]

  *) mod_cache: Do not cache responses to GET requests with query
     URLs if the origin server does not explicitly provide an
     Expires header on the response (RFC 2616 Section 13.9)
     [Kris Verbeeck krisv@be.ubizen.com]

  *) Fix memory leak in core_output_filter.  [Justin Erenkrantz]

  *) Update OpenSSL detection to work on Darwin.
     [Sander Temme <sctemme@covalent.net>]

  *) Update the xslt and css to give the documentation a more
     modern style.
     [André Malo <nd@perlig.de>, Gernot Winkler <greh@o3media.de>]

  *) Fix some bucket memory leaks in the chunking code
     [Joe Schaefer <joe+apache@sunstarsys.com>]

  *) Add ModMimeUsePathInfo directive.  [Justin Erenkrantz]

  *) mod_cache: added support for caching streamed responses (proxy,
     CGI, etc) with optional CacheMaxStreamingBuffer setting [Brian Pane]

  *) Add image/x-icon to httpd.conf PR 10993.
     [Ian Holsman, Peter Bieringer <pb@bieringer.de>]

  *) Fix FileETags none operation.  PR 12207.
     [Justin Erenkrantz, Andrew Ho <andrew@tellme.com>]

  *) Restored the experimental leader/followers MPM to working
     condition and converted its thread synchronization from
     mutexes to atomic CAS.  [Brian Pane]

  *) Fix Logic on non-html file removal in mod_deflate
     [Kris Verbeeck <Kris.Verbeeck@ubizen.com>]

  *) Fix "ab -g"'s truncated year: the last digit was cut off.
     [Leon Brocard <acme@astray.com>]

  *) mod_rewrite can now sets cookies in err_headers, uses the correct
     expiry date, and can now set the path as well
     PR 12132,12181,12172.
     [Ian Holsman / Rob Cromwell <apachechangelog@robcromwell.com>]

  *) The content-length filter no longer tries to buffer up
     the entire output of a long-running request before sending
     anything to the client.  [Brian Pane]

  *) Win32: Lower the default stack size from 1MB to 256K. This will
     allow around 8000 threads to be started per child process.
     'EDITBIN /STACK:size apache.exe' can be used to change this
     value directly in the apache.exe executable.
     [Bill Stoddard]

  *) Win32: Implement ThreadLimit directive in the Windows MPM.
     [Bill Stoddard]

  *) Remove CacheOn config directive since it is set but never checked.
     No sense wasting cycles on unused code. Besides, the only truly
     bug free code is deleted code. :)   [Paul J. Reder]

  *) BufferLogs are now run-time enabled, and the log_config now has 2 new
     callbacks to allow a 3rd party module to actually do the writing of the
     log file [Ian Holsman]

  *) Correct ISAPIReadAheadBuffer to default to 49152, per mod_isapi docs.
     [André Malo, Astrid Keler <kess@kess-net.de>]

  *) Fix Segfault in mod_cache. [Kris Verbeeck <Kris.Verbeeck@ubizen.com>]

  *) Fix a null pointer dereference in the merge_env_dir_configs
     function of the mod_env module. PR 11791
     [Paul J. Reder]

  *) New option to ServerTokens 'maj[or]'. Only show the major version
     Also Surfaced this directive in the standard config (default FULL)
     [Ian Holsman]

  *) Change mod_rewrite to use apr-util's dbm support for dbm rewrite
     maps.  The dbm type (e.g., ndbm, gdbm) can be specified on the
     RewriteMap directive.  PR 10644  [Jeff Trawick]

  *) Fixed mod_rewrite's RewriteMap prg: support so that request/response
     pairs will no longer get out of sync with each other.  PR 9534
     [Cliff Woolley]

  *) Fixes required to get quoted and escaped command args working in
     mod_ext_filter. PR 11793 [Paul J. Reder]

  *) mod-proxy: handle proxied responses with no status lines
     [JD Silvester <jsilves@uwo.ca>, Brett Huttley <brett@huttley.net>]

  *) Fix bug where environment or command line arguments containing
     non-ASCII-7 characters would cause the Win32 child process creation
     to fail.  PR 11854  [William Rowe]

  *) Bug #11213.. make module loading error messages more informative
     [Ian Darwin <Ian779@darwinsys.com>]

  *) thread safety & proxy-ftp [Alexey Panchenko alexey@liwest.ru, Ian Holsman]

  *) mod_disk_cache works much better. This module should still
     be considered experimental. [Eric Prud'hommeaux]

  *) Performance improvement for keepalive requests: when setting
     aside a small file for potential concatenation with the next
     response on the connection, set aside the file descriptor rather
     than copying the file into the heap.  [Brian Pane]

Revision 1.14 / (download) - annotate - [select for diffs], Fri Sep 20 19:51:53 2002 UTC (16 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.13: +4 -3 lines
Diff to previous 1.13 (colored)

* shlibtool is not there, so don't LIBTOOL_OVERRIDE it
* Copy the real libtool, not the libtool buildlink2 wrapper, to
  ${PREFIX}/share/httpd/build.  This fixes pkg/18349 by YAMAMOTO Takashi
  <yamt@mwd.biglobe.ne.jp>.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Sep 19 09:04:29 2002 UTC (16 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.12: +1 -5 lines
Diff to previous 1.12 (colored)

Take advantage of the auto-generation and installation of rc.d scripts.

Revision 1.12 / (download) - annotate - [select for diffs], Thu Aug 29 14:12:27 2002 UTC (16 years, 11 months ago) by martti
Branch: MAIN
Changes since 1.11: +2 -3 lines
Diff to previous 1.11 (colored)

Updated apache to 2.0.40

  *  SECURITY: [CAN-2002-0661] Close a very significant security hole that
     applies only to the Win32, OS2 and Netware platforms.  Unix was not
     affected, Cygwin may be affected.  Certain URIs will bypass security
     and allow users to invoke or access any file depending on the system
     configuration.  Without upgrading, a single .conf change will close
     the vulnerability.  Add the following directive in the global server
     httpd.conf context before any other Alias or Redirect directives;
         RedirectMatch 400 "\\\.\."
     Reported by Auriemma Luigi <bugtest@sitoverde.com>.
     [Brad Nicholes]

  *  SECURITY:  Close a path-revealing exposure in multiview type
     map negotiation (such as the default error documents) where the
     module would report the full path of the typemapped .var file when
     multiple documents or no documents could be served based on the mime
     negotiation.  Reported by Auriemma Luigi <bugtest@sitoverde.com>.
     [CAN-2002-0654]  [William Rowe]

  *  SECURITY:  Close a path-revealing exposure in cgi/cgid when we
     fail to invoke a script.  The modules would report "couldn't create
     child process /path-to-script/script.pl" revealing the full path
     of the script.  Reported by Jim Race <jrace@qualys.com>.
     [CAN-2002-0654]  [Bill Stoddard]

  *  More bug fixes (see the CHANGES file)

Revision 1.11 / (download) - annotate - [select for diffs], Sun Aug 25 21:51:53 2002 UTC (16 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.10: +11 -13 lines
Diff to previous 1.10 (colored)

Merge packages from the buildlink2 branch back into the main trunk that
have been converted to USE_BUILDLINK2.

Revision 1.6.2.4 / (download) - annotate - [select for diffs], Sun Aug 25 21:22:07 2002 UTC (16 years, 11 months ago) by jlam
Branch: buildlink2
Changes since 1.6.2.3: +16 -18 lines
Diff to previous 1.6.2.3 (colored) next main 1.7 (colored)

Merge changes in the main trunk into the buildlink2 branch for those
packages that have been converted to USE_BUILDLINK2.

Revision 1.10 / (download) - annotate - [select for diffs], Tue Jul 30 18:40:15 2002 UTC (17 years ago) by wiz
Branch: MAIN
CVS Tags: netbsd-1-6-RELEASE-base, buildlink2-base
Branch point for: netbsd-1-6
Changes since 1.9: +16 -19 lines
Diff to previous 1.9 (colored)

Update apache packages with some common changes:
Give Apache a user and group by default, not only with suexec.
The variables for this have changed from APACHE_SUEXEC_USER and
APACHE_SUEXEC_GROUP to APACHE_USER and APACHE_GROUP.
Mention 'Apache' in COMMENT.
Use variables for the version number instead of copying it around.
Bump PKGREVISION.

For apache{,6}:
Change paths to /var/httpd instead of /var/spool/httpd.
Honour STRIPFLAG.
Add --without-confadjust as configure argument.
Enable the 'define' module.

For apache:
Enable proxy module on NOPIC platforms.

Some of these changes are based on pkg/17469 by Greg A. Woods, some on
comments by Johnny Lam.

Reviewed by Johnny Lam.

Revision 1.6.2.3 / (download) - annotate - [select for diffs], Sun Jun 23 19:03:28 2002 UTC (17 years, 2 months ago) by jlam
Branch: buildlink2
Changes since 1.6.2.2: +5 -4 lines
Diff to previous 1.6.2.2 (colored)

Merge from pkgsrc-current to buildlink2 branch.

Revision 1.6.2.2 / (download) - annotate - [select for diffs], Fri Jun 21 23:05:46 2002 UTC (17 years, 2 months ago) by jlam
Branch: buildlink2
Changes since 1.6.2.1: +2 -2 lines
Diff to previous 1.6.2.1 (colored)

Rename USE_BUILDLINK2_ONLY to USE_BUILDLINK2 for less verbosity.  Also
convert a few more packages to use the buildlink2 framework.

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jun 18 23:58:07 2002 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
CVS Tags: pkgviews-base, pkgviews
Changes since 1.8: +4 -4 lines
Diff to previous 1.8 (colored)

upgrade to 2.0.39, which should correct chunk encoding security issue.

Changes with Apache 2.0.39
  *) Fixed a build problem in htpasswd.c on Win32.
     [Guenter Knauf <eflash@gmx.net>, Cliff Woolley]
Changes with Apache 2.0.38
  *) Rewrite htpasswd to use APR.  The removes the annoying warning about
     tmpnam being unsafe.   [Ryan Bloom]
  *) We must set the MIME-type for .shtml files to text/html if we want them
     to be parsed for SSI tags.  Add the config for that to the default
     config file so that it is easier to enable .shtml parsing.
     [Dave Dyer <ddyer@real-me.net>]
  *) Fixed a problem with 'make install' on ReliantUnix.
     [Jean-frederic Clere <jfrederic.clere@fujitsu-siemens.com>]
  *) Make the default_handler catch all requests that aren't served by
     another handler.  This also gets us to return a 404 if a directory
     is requested, there is no DirectoryIndex, and mod_autoindex isn't
     loaded.  [Justin Erenkrantz]
  *) Fixed the handling of nested if-statements in shtml files.
     PR 9866  [Brian Pane]
  *) Allow 'make install DESTDIR=/path'.  This allows packagers to install
     into a directory different from the one that was configured.  This
     also mirrors the root= feature from 1.3.  We cannot use prefix=,
     because both APR and APR-util resolve their installation paths at
     configuration time.  This means that there is no variable prefix
     to replace.  [Andreas Hasenack <andreas@netbank.com.br>]
  *) AIX 4.3.2 and above: Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
     These levels of AIX don't have a thundering herd problem with
     accept().  [Jeff Trawick]
  *) prefork MPM: Ignore mutex errors during graceful restart.  For
     certain types of mutexes (particularly SysV semaphores), we
     should expect to occasionally fail to obtain or release the
     mutex during restart processing.  [Jeff Trawick]
  *) Fix install-bindist.sh so that it finds any perl instead of just
     early perl 5.x versions.  This is consistent with a build/install
     from source, and it allows the perl scripts installed by a bindist
     to work on systems with perl 5.6.  [Jeff Trawick]
  *) Fix apxs so that the makefile created by "apxs -g" works on AIX and
     Tru64 (and probably some other platforms).  [Jeff Trawick]
  *) Allow CGI scripts to return their Content-Length.  This also fixes a
     hang on HEAD requests seen on certain platforms (such as FreeBSD).
     [Justin Erenkrantz]
  *) Added log rotation based on file size to the RotateLog support
     utility. [Brad Nicholes]
  *) Fix some casting in mod_rewrite which broke random maps.
     PR 9770  [Allan Edwards, Greg Ames, Jeff Trawick]
Changes with Apache 2.0.37
  *) allow POST method over SSL when per-directory client cert
     authentication is used with 'SSLOptions +OptRenegotiate' enabled
     and a client cert was found in the ssl session cache.
  *) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
     session cache when there is no cert chain in the cache.  prior to
     the fix this situation would result in a FORBIDDEN response and
     error message "Cannot find peer certificate chain"
     [Doug MacEachern]
  *) ap_finalize_sub_req_protocol() shouldn't send an EOS bucket if
     one was already sent.  PR 9644  [Jeff Trawick]
  *) Fix the display of the default name for the mime types config
     file.  PR 9729  [Matthew Brecknell <mbrecknell@orchestream.com>]
  *) Fix the working directory *for WinNT/2K/XP services only* to
     change to the Apache directory (one level above the location
     of Apache.exe, in the case that Apache.exe resides in bin/.)
     Solves the case of ServerRoot /foo paths where /foo was not
     on the same drive as /winnt/system32.  [William Rowe]
  *) Make 2.0's "AcceptMutex" startup message now "completely"
     match how 1.3 does it. [Jim Jagielski]
  *) Implement a fixed size memory cache using a priority queue
     [Ian Holsman]
  *) Fix apxs to allow "apxs -q installbuilddir" and to allow
     querying certain other variables from config_vars.mk.  PR 9316
     [Jeff Trawick]
  *) Added the "detached" attribute to the cgi_exec_info_t internals
     so that Win32 and Netware won't create a new window or console
     for each CGI invoked.  PR 8387
     [Brad Nicholes, William Rowe]
  *) Consolidated the command line parameters and attributes that are
     manipulated by the optional function ap_cgi_build_command() in
     mod_cgi into a single structure.
     [Brad Nicholes]
  *) Get rid of uninitialized value errors with "apxs -q" on certain
     variables.  [Stas Bekman <stas@stason.org>]
  *) Fix apxs to allow it to work when the build directory is somewhere
     besides server-root/build.  PR 8453
     [Jeff Trawick and a host of others]
  *) Allow ap_discard_request_body to be called multiple times in the
     same request.  Essentially, ap_http_filter keeps track of whether
     it has sent an EOS bucket up the stack, if so, it will only ever
     send an EOS bucket for this request.
     [Ryan Bloom, Justin Erenkrantz, Greg Stein]
  *) Remove all special mod_ssl URIs.  This also fixes the bug where
     redirecting (.*) will allow an SSL protected page to be viewed
     without SSL.  [Ryan Bloom]
  *) Fix the binary build install script so that the build logic
     created by "apxs -g" will work when the user has a binary
     build.  [Jeff Trawick]
  *) Allow instdso.sh to work with full paths to the shared module.
     [Justin Erenkrantz]
  *) NetWare: Enabled CGI functionality and added mod_cgi as a built
     in module for NetWare  [Brad Nicholes]
  *) Changed cgi and piped log behavior to accept 65536 characters
     on Win32 (matching Linux) before deadlocking between outputing
     client stdin, slurping the output from stdout and then the stderr
     stream.  PR 8179  [William Rowe]
  *) Fixed Win32 wintty.exe support to assure the window title is valid.
     Elimiates possible gpfault or garbage title without the -t option.
     [William Rowe]
  *) Rewrite mod_cgi, mod_cgid, and mod_proxy input handling to use
     brigades and input filters.  [Justin Erenkrantz]
  *) Allow ap_http_filter (HTTP_IN) to return EOS when there is no request
     body.  [Justin Erenkrantz]

  *) NetWare: Piping log entries through RotateLogs using the
     CustomLogs directive is finally supported now that we have
     the pipes and spawning functionality working.
     [Brad Nicholes]
  *) Detect overflow when reading the hex bytes forming a chunk line.
     [Aaron Bannert]
  *) Allow RewriteMap prg:'s to take command-line arguments.  PR 8464.
     [James Tait <JTait@wyrddreams.demon.co.uk>]
  *) Correctly return 413 when an invalid chunk size is given on
     input.  Also modify ap_discard_request_body to not do anything
     on sub-requests or when the connection will be dropped.
     [Justin Erenkrantz]
  *) Fix the TIME_* SSL var lookups to be threadsafe.  PR 9469.
     [Cliff Woolley]
  *) Ensure that apr_brigade_write() flushes in all of the cases that
     it should to avoid conditions in some modules that could cause
     large amounts of data to be buffered.  [Cliff Woolley]
  *) Fix problem where mod_cache/mod_disk_cache was incorrectly
     stripping the content_type from cached responses.
     [Bill Stoddard]
  *) apachectl passes through any httpd options.  Note: apachectl
     should be used in preference to httpd since it ensures that any
     appropriate environment variables have been set up.
     [Jeff Trawick]
  *) Fix the combination of mod_cgid, mod_setuexec, and mod_userdir.
     PR 7810  [Colm MacCarthaigh <colmmacc@redbrick.dcu.ie>]
  *) Fix suexec execution of CGI scripts from mod_include.
     PR 7791, 8291  [Colm MacCarthaigh <colmmacc@redbrick.dcu.ie>]
  *) Fix segfaults at startup on some platforms when mod_auth_digest,
     mod_suexec, or mod_ssl were used as DSO's due to the way they
     were tracking the current init phase since DSO's get completely
     unloaded and reloaded between phases.  PR 9413.
     [Tsuyoshi Sasamoto <nazonazo@super.win.ne.jp>, Brad Nicholes]
  *) Fix mod_include's handling of regular expressions in
     "<!--#if" directives [Julius Gawlas <julius_gawlas@hp.com>]
  *) Fix the worker MPM deadlock problem  [Brian Pane]
  *) Modify the module documentation to allow for translations.
     [Yoshiki Hayashi, Joshua Slive]
  *) Fix a file permissions problem which prevented mod_disk_cache
     from working on Unix.  [Jeff Trawick]
  *) Add "-k start|restart|graceful|stop" support to httpd for the Unix
     MPMs.  These have semantics very similar to the old apachectl
     commands of the same name.  [Justin Erenkrantz, Jeff Trawick]
  *) Make sure that the runtime dir is created by make install.
     PR 9233.  [Jeff Trawick]
  *) Fix an unusual set of ./configure arguments that could cause
     mod_http to be built as a DSO, which it currently doesn't
     support.  PR 9244.
     [Cliff Woolley, Robin Johnson <robbat2@orbis-terrarum.net>]
  *) Win32: Fix bug in apr_sendfile() that caused incorrect operation
     of the %X, %b and %B logformat options. PR 8253, 8996.
     [Bill Stoddard]
  *) If content-encoding is already present, do not run deflate (PR 9222)
     [Kazuhisa ASADA <kaz@asada.sytes.net>]
  *) The APLOG_NOERRNO flag to ap_log_[r]error() is now deprecated.
     It is currently ignored and it will be removed in a future release
     of Apache.  [Jeff Trawick]
  *) Removed documentation references to the no-longer-supported
     "make certificate" feature of mod_ssl for Apache 1.3.x.  Test
     certificates, if truly desired, can be generated using openssl
     commands.  PR 8724.  [Cliff Woolley]
  *) Remove SSLLog and SSLLogLevel directives in favor of having
     mod_ssl use the standard ErrorLog directives.  [Justin Erenkrantz]
  *) OS/390: LIBPATH no longer has to be manually uncommented in
     envvars to get apachectl to set up httpd properly.  [Jeff Trawick]
  *) mod_isapi: All mod_isapi directives, excluding ISAPICacheFile,
     may now be specified to the <File/Directory > container, rather
     than by vhost.  [William Rowe]
  *) mod_isapi: Experimental support for faux async support for ISAPI
     modules.  [William Rowe]
  *) mod_isapi: Major refactoring of the code to rely on apr internals
     rather than MS APIs (using our own mod_isapi.h headers for ISAPI
     symbol definitions.)  [William Rowe]
  *) mod_isapi: Fixed the return string length from GetServerVariable
     callback, it was not including the trailing null in the consumed
     buffer size.  This was particularly bad for Delphi 6.0 users.
     PR 8934  [Sebastian Hantsch <sebastian.hantsch@gmx.de>]
  *) Fixed Win32 builds for Microsoft VisualStudio 7.0 (.net).
     [William Rowe]
  *) Make apxs look in the correct directory for envvars.  It was
     broken when sbindir != bindir.  PR 8869
     [Andreas Sundström <sunkan@zappa.cx>]
  *) Fix mod_deflate corruption when using multiple buckets.  PR 9014.
     [Asada Kazuhisa <kaz@asada.sytes.net>]
  *) Performance enhancements for access logger when using
     default timestamp formatting  [Brian Pane]
  *) Added EnableMMAP config directive to enable the server
     administrator to disable memory-mapping of delivered files
     on a per-directory basis.  [Brian Pane]
  *) Performance enhancements for mod_setenvif  [Brian Pane]
  *) Fix a mod_ssl build problem on OS/390.  [Jeff Trawick]
  *) Fixed If-Modified-Since on Win32, which would give false positives
     because of the sub-second resolution of file timestamps on that
     platform.  [Cliff Woolley]
  *) Reverse the hook ordering for mod_userdir and mod_alias so
     that Alias/ScriptAlias will override Userdir.  PR 8841
     [Joshua Slive]
  *) Move mod_deflate out of experimental and into filters.
     [Justin Erenkrantz]
  *) Get proxy CONNECT basically working.  [Jeff Trawick]
  *) Fix mod_rewrite hang when APR uses SysV Semaphores and
     RewriteLogLevel is set to anything other than 0.  PR: 8143
     [Aaron Bannert, Cliff Woolley]
  *) Fix byterange requests from returning 416 when using dynamic data
     (such as filters like mod_include).  [Justin Erenkrantz]
  *) Allow mod_rewrite's set of "int:" internal RewriteMap functions
     to be extended by third-party modules via an optional function.
     [Tahiry Ramanamampanoharana <nomentsoa@hotmail.com>, Cliff Woolley]
  *) Fix mod_include expression parser's handling of unquoted strings
     followed immediately by a closing paren.  PR 8462.  [Brian Pane]
  *) Remove autom4te.cache in 'make distclean'.
     [Thom May <thom@planetarytramp.net>]
  *) Fix generated httpd.conf to respect layout for LoadModule lines.
     PR 8170.  [Thom May <thom@planetarytramp.net>]
  *) Win32: During a graceful restart, threads in the new process
     were accessing scoreboard slots still in use by active threads in
     the the old process. [Bill Stoddard]

Revision 1.8 / (download) - annotate - [select for diffs], Sat Jun 1 14:21:47 2002 UTC (17 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.7: +2 -1 lines
Diff to previous 1.7 (colored)

Add german mirror to master site list.

Revision 1.7 / (download) - annotate - [select for diffs], Sat Jun 1 13:18:01 2002 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.6: +3 -3 lines
Diff to previous 1.6 (colored)

upgrade to 2.0.36. (this is still a leaf package so it shouldn't affect others)

Changes with Apache 2.0.36

  *) Close sockets on worker MPM when doing a graceless restart.
     [Aaron Bannert]

  *) Reverted a minor optimization in mod_ssl.c that used the vhost ID
     as the session id context rather that a MD5 hash of that vhost ID,
     because it caused very long vhost id's to be unusable with mod_ssl.
     PR 8572.  [Cliff Woolley]

  *) Fix the link to the description of the CoredumpDirectory
     directive in the server-wide document.  PR 8643.  [Jeff Trawick]

  *) Fixed SHMCB session caching.  [Aaron Bannert, Cliff Woolley]

  *) Synced with remaining changes from mod_ssl 2.8.8-1.3.24:
     - Avoid SIGBUS on sparc machines with SHMCB session caches
     - Allow whitespace between the pipe and the name of the
     program in SSLLog "| /path/to/program".  [Cliff Woolley]

  *) Introduce mod_ext_filter and mod_deflate experimental modules
     to the Win32 build (zlib sources must be in srclib\zlib.)
     [William Rowe]

  *) Changes to the worker MPM's queue management and thread
     synchronization code to reduce mutex contention  [Brian Pane]

  *) Don't install *.in configuration files since we already install
     *-std.conf files.  [Aaron Bannert]

  *) Many improvements to the threadpool MPM.  [Aaron Bannert]

  *) Fix subreqs that are promoted via fast_redirect from having invalid
     frec->r structures.  This would cause subtle errors later on in
     request processing such as seen in PR 7966.  [Justin Erenkrantz]

  *) More efficient pool recycling logic for the worker MPM [Brian Pane]

  *) Modify the worker MPM to not accept() new connections until
     there is an available worker thread. This prevents queued
     connections from starving for processing time while long-running
     connections were hogging all the available threads.  [Aaron Bannert]

  *) Convert the worker MPM's fdqueue from a LIFO back into a FIFO.
     [Aaron Bannert]

  *) Get basic HTTP proxy working on EBCDIC machines.  [Jeff Trawick]

  *) Allow mod_unique_id to work on systems with no IPv4 address
     corresponding to their host name.  [Jeff Trawick]

  *) Fix suexec behavior with user directories.  PR 7810.
     [Colm <colmmacc@redbrick.dcu.ie>]

  *) Reject a blank UserDir directive since it is ambiguous.  PR 8472.
     [Justin Erenkrantz]

  *) Make mod_mime use case-insensitive matching when examining
     extensions on all platforms.  PR 8223.  [Justin Erenkrantz]

  *) Add an intelligent error message should no proxy submodules be
     valid to handle a request. PR 8407 [Graham Leggett]

  *) Major improvements in concurrent processing for AB by enabling
     non-blocking connect()s and preventing APR from doing blocking
     read()s. Also implement fatal error checking for apr_recv().
     [Aaron Bannert]

  *) Fix Win32 NTFS Junctions (symlinks).  PR 8014  [William Rowe]

  *) Fix Win32 'short name' aliases in httpd.conf directives.
     PR 8009  [William Rowe]

  *) Fix generation of default httpd.conf when the layout paths are
     disjoint.  PR 7979, 8227.  [Justin Erenkrantz]

  *) Swap downgrade-1.0 and force-response-1.0 conditional checks so
     that downgraded responses can have force-response.  PR 8357.
     [Justin Erenkrantz]

  *) Fix perchild MPM so that it can be configured with the move to the
     experimental directory.  [Scott Lamb <slamb@slamb.org>]

  *) Fix perchild MPM so that it uses ap_gname2id for groups instead of
     ap_uname2id. [Scott Lamb <slamb@slamb.org>]

  *) Fix AcceptPathInfo. PR 8234  [Cliff Woolley]

  *) [Security] Added the APLOG_TOCLIENT flag to ap_log_rerror() to
     explicitly tell the server that warning messages should be sent
     to the client in addition to being recorded in the error log.
     Prior to this change, ap_log_rerror() always sent warning
     messages to the client. In one case, a faulty CGI script caused
     the server to send a warning message to the client that contained
     the full path to the CGI script. This could be considered a
     minor security exposure. [Bill Stoddard]

  *) mod_autoindex output when SuppressRules was specified would
     omit the first carriage return so the first item in the list
     would appear to the right of the column headings instead of
     underneath them. PR 8016  [David Shane Holden <dpejesh@yahoo.com>]

  *) Moved the call to apr_mmap_dup outside the error branch so
     that it would actually get called. This fixes a core dump
     at init everytime you use the MMapFile directive. PR 8314
     [Paul J. Reder]

  *) Trigger an error when a LoadModule directive attempts to
     load a module which is built-in.  This is a common error when
     switching from a DSO build to a static build.  [Jeff Trawick]

  *) Change instdso.sh to use libtool --install everywhere and then
     clean up some stray files and symlinks that libtool leaves around
     on some platforms.  This gets subversion building properly since
     it needed a re-link to be performed by libtool at install time,
     and the old instdso.sh logic to simply cp the DSO didn't handle
     that requirement.  [Sander Striker]

  *) Allow VPATH builds to succeed when configured from an empty
     directory.  [Thom May <thom@planetarytramp.net>]

  *) Fix 'control reaches end of non-void function' warning in
     server/log.c.  [Ben Collins-Sussman <sussman@collab.net>]

  *) Perchild MPM is now correctly deemed as experimental and is now
     located in server/mpm/experimental.  [Justin Erenkrantz]

  *) Fix segfault in mod_mem_cache when garabge collecting an expired
     cache entry.  [Bill Stoddard]

  *) Introduced -E startup_logfile_name option to httpd to allow admins
     to begin logging errors immediately.  This provides Win32 users
     an alternative to sending startup errors to the event viewer, and
     allows other daemon tool authors an alternative to logging to stderr.
     [William Rowe]

  *) Fix subreqs with non-defined Content-Types being served improperly.
     [Justin Erenkrantz]

  *) Merge in latest GNU config.guess and config.sub files.  PR 7818.
     [Justin Erenkrantz]

  *) Move 100 - Continue support to the HTTP_IN filter so that filters
     are guaranteed to support 100 - Continue logic without any
     intervention.  [Justin Erenkrantz]

  *) Add HTTP chunked input trailer support.  [Justin Erenkrantz]

  *) Rename and export get_mime_headers as ap_get_mime_headers.
     [Justin Erenkrantz]

  *) Allow empty Host: header arguments.  PR 7441.  [Justin Erenkrantz]

  *) Properly substitute sbindir as httpd's location in apachectl.  PR 7840.
     [Andreas Hasenack <andreas@netbank.com.br>]

  *) Allow Win32 shebang scripts to follow the path (or omit the .exe
     suffix from the shebang command), and allow ScriptInterpreterSource
     Registry or RegistryStrict to override shebang lines, as 1.3 did.
     PR 8004  [William Rowe]

  *) worker MPM: Fix a situation where a child exited without releasing
     the accept mutex.  Depending on the OS and mutex mechanism this
     could result in a hang.  [Jeff Trawick]

  *) Update the instructions for how to get started with mod_example.
     [Stas Bekman]

  *) Fix PidFile to default to rel_runtimedir instead of
     rel_logfiledir.  PR 7841.  [Andreas Hasenack <andreas@netbank.com.br>]

  *) Win32: Fix problem that caused rapid performance degradation
     when number of connecting clients exceeded ThreadsPerChild.
     [Bill Stoddard]

  *) Fixed a segfault parsing large SSIs on non-mmap systems.
     [Brian Havard]

  *) Proxy was bombing out every second keepalive request, caused by a
     stray CRLF before the second response's status line. Proxy now
     tries to read one more line if it encounters a CRLF where it
     expected a status. PR 10010 [Graham Leggett]

  *) Deprecated the apr_lock.h API. Please see the following files
     for the improved thread and process locking and signaling:
     apr_proc_mutex.h, apr_thread_mutex.h, apr_thread_rwlock.h,
     apr_thread_cond.h, and apr_global_mutex.h.  [Aaron Bannert]

  *) Change mod_status to use scoreboard accessor functions so it can
     be used in any MPM without having to be recompiled.
     [Ryan Morgan <rmorgan@covalent.net>]

  *) Fix parsing of some AP_DECLARE_DATA declarations so that the filter
     handle declarations are recognized.  This fixes problems loading
     mod_autoindex on some platforms.  [Brian Havard]

  *) add optional fixup hook to proxy [Daniel Lopez <daniel@covalent.net>]

  *) Remind the admin about the User and Group directives when we are
     unable to set permissions on a semaphore.  PR 7812  [Jeff Trawick]

  *) fix possible compilation problem in ssl_engine_kernel.c. PR 7802
     [Doug MacEachern]

  *) fix possible infinite loop in mod_ssl triggered by certain
     netscape clients [Doug MacEachern]

  *) fix ProxyPass when frontend is https and backend is http
     [Doug MacEachern]

  *) Add DASL support to mod_dav
     [Sung Kim <hunkim@cse.ucsc.edu>]

Revision 1.6.2.1 / (download) - annotate - [select for diffs], Sat May 11 02:09:28 2002 UTC (17 years, 3 months ago) by jlam
Branch: buildlink2
Changes since 1.6: +10 -13 lines
Diff to previous 1.6 (colored)

First pass at conversion of various packages to use the buildlink2
framework.  Add many buildlink2.mk files to add to the framework.  Please
see buildlink2.txt for more details.

Revision 1.6 / (download) - annotate - [select for diffs], Tue Apr 16 20:07:09 2002 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
Branch point for: buildlink2
Changes since 1.5: +28 -24 lines
Diff to previous 1.5 (colored)

Fix up the example config files by replacing the pathnames with hier(7)
equivalents, and adding "Listen 0.0.0.0:${port}" for port=80,443.  Also
move the --with-ssl configure option into the _AP_CFG_ARGS table.

Revision 1.5 / (download) - annotate - [select for diffs], Tue Apr 16 17:41:54 2002 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.4: +32 -6 lines
Diff to previous 1.4 (colored)

Add the ability to specify the list of Apache modules to link statically
into the httpd binary.  This may be adjusted by setting APACHE_MODULES in
/etc/mk.conf and defaults to ${DFLT_APACHE_MODULES}, which contains:

	all proxy proxy_connect proxy_ftp proxy_http ssl

A complete list of which modules may be built into the Apache httpd server
may be found in the Apache documentation either in the distributed tarball
or on the Apache website (http://httpd.apache.org).  An example for adding
mod_deflate is:

	APACHE_MODULES=	${DFLT_APACHE_MODULES} deflate

The implementation of this feature uses two tables, _AP_DEPENDS and
_AP_CFG_ARGS, indexed by the module name and that specify respectively
any additional dependencies or configure script options needed for building
the module.

Revision 1.4 / (download) - annotate - [select for diffs], Mon Apr 15 18:35:29 2002 UTC (17 years, 4 months ago) by kei
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

apache version 2 is released officially (not beta now).

Revision 1.3 / (download) - annotate - [select for diffs], Sat Apr 13 21:35:50 2002 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.2: +36 -54 lines
Diff to previous 1.2 (colored)

--------------------------------------------------------------------------------
Update www/apache2 to 2.0.35, the first stable release of Apache 2.x.
Pkgsrc changes include:

  *) Compiling the included modules statically.  Add-ons will be built
     dynamically.
  *) Match improvements to www/apache rc.d script.
  *) Automatically add "Listen 0.0.0.0:80" to the sample config files as the
     default install of NetBSD is IPv4/IPv6 and we want the default install of
     Apache to work out-of-the-box.
  *) Automatically reset the User and Group directives to match the ones for
     suEXEC in the config files to ease the use of suEXEC in Apache.

Changes from version 2.0.32 beta include:

  *) Small bug fixes across the board.
  *) Bug fixes to the various MPMs.
  *) Performance improvements.
  *) Fixes for mod_include errors on boundary conditions
  *) Bug fixes for mod_proxy to prevent hangs and for RFC2616 compliance.
  *) Improvements to mod_dav for improved API and for RFC 3253 compliance
  *) Improvemants to mod_ssl to support SSL proxy and RSA SSLC 1.x/2.x
  *) Greatly improve mod_cache (disk/mem) [this is disabled in pkgsrc]
  *) New scoreboard file implementation that is readable by 3rd-party apps.
  *) Allow all Perchild directives to accept either numerical UID/GID
     or logical user/group names.
  *) Add support for macro expansion within the variable names in
     <!--#echo--> and <!--#set--> directives
  *) Implement SSLSessionCache shmht and shmcb.
  *) New directive ProxyIOBufferSize. Sets the size of the buffer used
     when reading from a remote HTTP server in proxy.
  *) Scrap CacheMaxExpireMin and CacheDefaultExpireMin. Change
     CacheMaxExpire and CacheDefaultExpire to use seconds rather than
     hours.
  *) New Directive SSIUndefinedEcho. to change the '(none)' echoed
     for a undefined variable.
  *) Introduce PassPhraseDialog "|/path/to/pipe" mechanism to mod_ssl.
  *) New Directive for mod_proxy: ProxyRemoteMatch.
  *) Fix IPv6 name-based virtual hosts.
  *) Introduce AddOutputFilterByType directive.

Revision 1.2 / (download) - annotate - [select for diffs], Tue Mar 5 23:56:22 2002 UTC (17 years, 5 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Changes since 1.1: +135 -39 lines
Diff to previous 1.1 (colored)

Update www/apache2 to 2.0.32 beta.  Pkgsrc changes from the previous version
include:

  *) Move the binaries back into ${PREFIX}/sbin to match the locations
     for www/apache.

  *) Build the Apache modules (including mod_ssl) so that apache2 has
     the same functionality as apache.

  *) Support shared modules on platforms that support them.  Otherwise,
     link the modules statically into the server.

  *) Support suEXEC in the same way as for www/apache.

  *) Honor PKG_SYSCONFDIR.

  *) Add a rc.d-style control script based on www/apache/files/apache.sh.

  *) Strongly buildlinkify again after previous changes broke it.

Relevant changes from version 2.0.28 beta include:

  *) A ton of bug fixes in both the main server code and the module code
     (it _is_ a beta release following a previous beta release).

  *) Several performance and memory optimizations.

  *) The Location: response header field, used for external
     redirect, *must* be an absoluteURI.  The Redirect directive
     tested for that, but RedirectMatch didn't -- it would allow
     almost anything through.  Now it will try to turn an abs_path
     into an absoluteURI, but it will correctly varf like Redirect
     if the final redirection target isn't an absoluteURI.

  *) Add several new mod_proxy directives:
     ProxyTimeout, ProxyPreserveHost, ProxyPass.

  *) FTP directory listings are now always retrieved in ASCII mode.
     The FTP proxy properly escapes URI's and HTML in the generated
     listing, and escapes the path components when talking to the FTP
     server.

  *) Add FileETag directive to allow configurable control of what
     data are used to form ETag values for file-based URIs.

  *) Introduced the ForceLanguagePriority directive, to prevent
     returning MULTIPLE_CHOICES or NONE_ACCEPTABLE in some cases,
     when using Multiviews.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Mar 5 23:24:06 2002 UTC (17 years, 5 months ago) by jlam
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Reimport pkgsrc/www/apache-current as pkgsrc/www/apache2.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Mar 5 23:24:06 2002 UTC (17 years, 5 months ago) by jlam
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>