[BACK]Return to distinfo CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / pkgsrc / www / apache24

File: [cvs.NetBSD.org] / pkgsrc / www / apache24 / distinfo (download)

Revision 1.13, Tue Mar 18 20:09:08 2014 UTC (5 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.12: +4 -4 lines

Changes 2.4.9:
*) mod_ssl: Work around a bug in some older versions of OpenSSL that
   would cause a crash in SSL_get_certificate for servers where the
   certificate hadn't been sent.
*) mod_lua: Add a fixups hook that checks if the original request is intended
   for LuaMapHandler. This fixes a bug where FallbackResource invalidates the
   LuaMapHandler directive in certain cases by changing the URI before the map
   handler code executes

Changes 2.4.8:
*) SECURITY: CVE-2014-0098 (cve.mitre.org)
   Clean up cookie logging with fewer redundant string parsing passes.
   Log only cookies with a value assignment. Prevents segfaults when
   logging truncated cookies.
*) SECURITY: CVE-2013-6438 (cve.mitre.org)
   mod_dav: Keep track of length of cdata properly when removing
   leading spaces. Eliminates a potential denial of service from
   specifically crafted DAV WRITE requests
*) core: Support named groups and backreferences within the LocationMatch,
   DirectoryMatch, FilesMatch and ProxyMatch directives. (Requires
   non-ancient PCRE library)
*) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
   TE/CL conflicts.
*) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping
   execution when a handler is already set.
*) mod_ssl: Do not perform SNI / Host header comparison in case of a
   forward proxy request.
*) mod_ssl: Remove the hardcoded algorithm-type dependency for the
   SSLCertificateFile and SSLCertificateKeyFile directives, to enable
   future algorithm agility, and deprecate the SSLCertificateChainFile
   directive (obsoleted by SSLCertificateFile).
*) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore,
   and IgnoreInherit to allow RewriteRules to be pushed from parent scopes
   to child scopes without explicitly configuring each child scope.
*) prefork: Fix long delays when doing a graceful restart.
*) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
   5+ instead of just for FreeBSD 5.
*) mod_proxy_wstunnel: Avoid busy loop on client errors, drop message
   IDs 02445, 02446, and 02448 to TRACE1 from DEBUG.
*) mod_remoteip: Correct the trusted proxy match test.
*) mod_proxy_fcgi: Fix error message when an unexpected protocol version
   number is received from the application.
*) mod_remoteip: Use the correct IP addresses to populate the proxy_ips field.
*) mod_lua: Update r:setcookie() to accept a table of options and add domain,
   path and httponly to the list of options available to set.
*) mod_lua: Fix r:setcookie() to add, rather than replace,
   the Set-Cookie header.
*) mod_lua: Allow for database results to be returned as a hash with
   row-name/value pairs instead of just row-number/value.
*) mod_rewrite: Add %{CONN_REMOTE_ADDR} as the non-useragent counterpart to
   %{REMOTE_ADDR}.
*) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
   save the socket for reuse by the next worker as if it were an
   APR_SO_DISCONNECTED socket. Restores 2.2 behavior.
*) mod_dir: Don't search for a DirectoryIndex or DirectorySlash on a URL
   that was just rewritten by mod_rewrite.
*) mod_session: When we have a session we were unable to decode,
   behave as if there was no session at all.
*) mod_session: Fix problems interpreting the SessionInclude and
   SessionExclude configuration.
*) mod_authn_core: Allow <AuthnProviderAlias>'es to be seen from auth
   stanzas under virtual hosts.
*) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded
   30 seconds timeout.
*) mod_proxy: Added support for unix domain sockets as the
   backend server endpoint
*) build: only search for modules (config*.m4) in known subdirectories, see
   build/config-stubs.
*) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk.
*) mod_ssl: Add support for OpenSSL configuration commands by introducing
   the SSLOpenSSLConfCmd directive.
*) mod_proxy: Remove (never documented) <Proxy ~ wildcard-url> syntax which
   is equivalent to <ProxyMatch wildcard-url>.
*) mod_authz_user, mod_authz_host, mod_authz_groupfile, mod_authz_dbm,
   mod_authz_dbd, mod_authnz_ldap: Support the expression parser within the
   require directives.
*) mod_proxy_http: Core dumped under high load.
*) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
   previously limited to 64MB.
*) mod_lua: Use binary copy when dealing with uploads through r:parsebody()
   to prevent truncating files.

$NetBSD: distinfo,v 1.13 2014/03/18 20:09:08 adam Exp $

SHA1 (httpd-2.4.9.tar.bz2) = 646aedbf59519e914c424b3a85d846bf189be3f4
RMD160 (httpd-2.4.9.tar.bz2) = 2d8095d7ce9298d813aed849cc1cb3272a4acb5a
Size (httpd-2.4.9.tar.bz2) = 4994460 bytes
SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839
SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d
SHA1 (patch-ad) = 4ba4a9c812951f533fa316e5dbf17eaab5494157
SHA1 (patch-ae) = 5bd3bf54e792bf8a2916d7e1b49b1702b02c6903
SHA1 (patch-ag) = 50c7f0fab1cb90ac573f1c47f2d37f9c2a6247e1
SHA1 (patch-ai) = 867ac81fd14b1bd6af048ec57390d915956e9568
SHA1 (patch-al) = 02d9ade5aac4270182063d5ad413970c832ee911
SHA1 (patch-am) = f14b260ffad2c7e8d26e5b614d4aeaf8506e195b
SHA1 (patch-aw) = 43cd64df886853ef7b75b91ed20183f329fcc9df
SHA1 (patch-include_ap__config.h) = 1d056e2d4db80ec97aaf755b6dd6aff69ed2cd96
SHA1 (patch-server_core__filters.c) = 331672c9a65691229518f31dcdae64382b392287