Up to [cvs.NetBSD.org] / pkgsrc / www / apache24 / patches
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.3, Fri Oct 6 06:22:05 2017 UTC (19 months, 2 weeks ago) by adam
CVS Tags: HEAD
Changes since 1.2: +1 -1 lines
apache24: update to 2.4.28 Changes with Apache 2.4.28 *) SECURITY: CVE-2017-9798 (cve.mitre.org) Corrupted or freed memory access. <Limit[Except]> must now be used in the main configuration file (httpd.conf) to register HTTP methods before the .htaccess files. *) event: Avoid possible blocking in the listener thread when shutting down connections. *) mod_speling: Don't embed referer data in a link in error page. *) htdigest: prevent a buffer overflow when a string exceeds the allowed max length in a password file. *) mod_proxy: loadfactor parameter can now be a decimal number (eg: 1.25). *) mod_proxy_wstunnel: Allow upgrade to any protocol dynamically. *) mod_watchdog/mod_proxy_hcheck: Time intervals can now be spefified down to the millisecond. Supports 'mi' (minute), 'ms' (millisecond), 's' (second) and 'hr' (hour!) time suffixes. *) mod_http2: Fix for stalling when more than 32KB are written to a suspended stream. *) build: allow configuration without APR sources. *) mod_ssl, ab: Fix compatibility with LibreSSL. *) core/log: Support use of optional "tag" in syslog entries. *) mod_proxy: Fix ProxyAddHeaders merging. *) core: Disallow multiple Listen on the same IP:port when listener buckets are configured (ListenCoresBucketsRatio > 0), consistently with the single bucket case (default), thus avoiding the leak of the corresponding socket descriptors on graceful restart. *) event: Avoid listener periodic wake ups by using the pollset wake-ability when available. *) mod_proxy_wstunnel: Fix detection of unresponded request which could have led to spurious HTTP 502 error messages sent on upgrade connections.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Sep 18 13:34:51 2017 UTC (20 months ago) by wiz
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)
Fix URL in comment.
Revision 1.1 / (download) - annotate - [select for diffs], Mon Sep 18 13:24:05 2017 UTC (20 months ago) by wiz
apache24: fix "Optionsbleed" security bug See https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html Bump PKGREVISION.
This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.