[BACK]Return to distinfo CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / pkgsrc / www / apache24

File: [cvs.NetBSD.org] / pkgsrc / www / apache24 / distinfo (download)

Revision 1.36, Thu Jul 19 08:53:58 2018 UTC (15 months ago) by adam
Branch: MAIN
Changes since 1.35: +6 -6 lines

apache24: updated to 2.4.34

Apache 2.4.34
*) SECURITY: CVE-2018-8011 (cve.mitre.org)
   mod_md: DoS via Coredumps on specially crafted requests
*) SECURITY: CVE-2018-1333 (cve.mitre.org)
   mod_http2: DoS for HTTP/2 connections by specially crafted requests
*) Introduce zh-cn and zh-tw (simplified and traditional Chinese) error
   document translations.
*) event: avoid possible race conditions with modules on the child pool.
*) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or
   ProxyPassReverseCookiePath directive could fail to update correctly
   'domain=' or 'path=' in the 'Set-Cookie' header.
*) mod_ratelimit: fix behavior when proxing content.
*) core: Re-allow '_' (underscore) in hostnames.
*) mod_authz_core: If several parameters are used in a AuthzProviderAlias
   directive, if these parameters are not enclosed in quotation mark, only
   the first one is handled. The other ones are silently ignored.
   Add a message to warn about such a spurious configuration.
*) mod_md: improvements and bugfixes
   - MDNotifyCmd now takes additional parameter that are passed on to the called command.
   - ACME challenges have better checks for interference with other modules
   - ACME challenges are only handled for domains managed by the module, allowing
     other ACME clients to operate for other domains in the server.
   - better libressl integration
*) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
*) logging: Some early logging-related startup messages could be lost
   when using syslog for the global ErrorLog.
*) mod_cache: Handle case of an invalid Expires header value RFC compliant
   like the case of an Expires time in the past: allow to overwrite the
   non-caching decision using CacheStoreExpired and respect Cache-Control
   "max-age" and "s-maxage".
*) mod_xml2enc: Fix forwarding of error metadata/responses.
*) mod_proxy_http: Fix response header thrown away after the previous one
   was considered too large and truncated.
*) core: Add and handle AP_GETLINE_NOSPC_EOL flag for ap_getline() family
   of functions to consume the end of line when the buffer is exhausted.
*) mod_proxy_http: Add new worker parameter 'responsefieldsize' to
   allow maximum HTTP response header size to be increased past 8192
   bytes.
*) mod_ssl: Extend SSLOCSPEnable with mode 'leaf' that only checks the leaf
   of a certificate chain.
*) http: Fix small memory leak per request when handling persistent
   connections.
*) mod_proxy_html: Fix variable interpolation and memory allocation failure
   in ProxyHTMLURLMap.
*) mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 2.4.30.
*) mod_remoteip: When overriding the useragent address from X-Forwarded-For,
   zero out what had been initialized as the connection-level port.
*) core: In ONE_PROCESS/debug mode, cleanup everything when exiting.
*) mod_proxy_balancer: Add hot spare member type and corresponding flag (R).
   Hot spare members are used as drop-in replacements for unusable workers
   in the same load balancer set. This differs from hot standbys which are
   only used when all workers in a set are unusable.
*) suexec: Add --enable-suexec-capabilites support on Linux, to use
   setuid/setgid capability bits rather than a setuid root binary.
*) suexec: Add support for logging to syslog as an alternative to
   logging to a file; use --without-suexec-logfile --with-suexec-syslog.
*) mod_ssl: Restore 2.4.29 behaviour in SSL vhost merging/enabling
   which broke some rare but previously-working configs.
*) core, log: improve sanity checks for the ErrorLog's syslog config, and
   explicitly allow only lowercase 'syslog' settings.
*) mod_http2: accurate reporting of h2 data input/output per request via
   mod_logio. Fixes an issue where output sizes where counted n-times on
   reused slave connections.
*) mod_http2: Fix unnecessary timeout waits in case streams are aborted.
*) mod_http2: restoring the v1.10.16 keepalive timeout behaviour of mod_http2.
*) mod_proxy: Do not restrict the maximum pool size for backend connections
   any longer by the maximum number of threads per process and use a better
   default if mod_http2 is loaded.
*) mod_slotmem_shm: Add generation number to shm filename to fix races
   with graceful restarts.
*) core: Preserve the original HTTP request method in the '%<m' LogFormat
   when an path-based ErrorDocument is used.
*) mod_remoteip: make proxy-protocol work on slave connections, e.g. in
   HTTP/2 requests.
*) mod_ssl: Fix merging of proxy SSL context outside <Proxy> sections,
   regression introduced in 2.4.30.
*) mod_md: Fix compilation with OpenSSL before version 1.0.2.
*) mod_dumpio: do nothing below log level TRACE7.
*) mod_remoteip: Restore compatibility with APR 1.4 (apr_sockaddr_is_wildcard).
*) core: On ECBDIC platforms, some errors related to oversized headers
   may be misreported or be logged as ASCII escapes.
*) mod_ssl: Fix cmake-based build.
*) core: Add <IfFile>, <IfDirective> and <IfSection> conditional
   section containers.

$NetBSD: distinfo,v 1.36 2018/07/19 08:53:58 adam Exp $

SHA1 (httpd-2.4.34.tar.bz2) = 94d6e274273903ed153479c7701fa03761abf93d
RMD160 (httpd-2.4.34.tar.bz2) = 80470d5ad344eba9b0260a9ff901c4a78def0abd
SHA512 (httpd-2.4.34.tar.bz2) = 2bc09213f08a4722e305929fbac5f5060c7a8444704494894bb9b61f17e4d20bb6e3d663bb93fc5b2030b04a43fb12373d260cc291422b210b299725aaf3b5c8
Size (httpd-2.4.34.tar.bz2) = 6942969 bytes
SHA1 (patch-aa) = 6ccbed6de555365298d5cb4bb1dc7d4aa62ed450
SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d
SHA1 (patch-ad) = 4ba4a9c812951f533fa316e5dbf17eaab5494157
SHA1 (patch-ae) = 5bd3bf54e792bf8a2916d7e1b49b1702b02c6903
SHA1 (patch-ag) = 50c7f0fab1cb90ac573f1c47f2d37f9c2a6247e1
SHA1 (patch-ai) = 867ac81fd14b1bd6af048ec57390d915956e9568
SHA1 (patch-al) = 02d9ade5aac4270182063d5ad413970c832ee911
SHA1 (patch-am) = acdf7198ae8b4353cfc70c8015a0f09de036b777
SHA1 (patch-aw) = 43cd64df886853ef7b75b91ed20183f329fcc9df
SHA1 (patch-include_ap__config.h) = 1d056e2d4db80ec97aaf755b6dd6aff69ed2cd96