CVS log for pkgsrc/www/cherokee/PLIST

Up to [cvs.netbsd.org] / pkgsrc / www / cherokee

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.4 / (download) - annotate - [select for diffs], Thu Mar 22 22:40:18 2012 UTC (2 months ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, HEAD
Changes since 1.3: +137 -36 lines
Diff to previous 1.3 (colored)

Update to Cherokee 1.2.105
Requested by Moritz Wilhelmy on IRC.


Vulnerabilities fixed:

* CVE-2011-2191
  Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee
  before 1.2.99 allows remote attackers to hijack the authentication of
  administrators for requests that insert cross-site scripting (XSS) sequences,
  as demonstrated by a crafted nickname field to vserver/apply.

* CVE-2011-2190
  The generate_admin_password function in Cherokee before 1.2.99 uses time and
  PID values for seeding of a random number generator, which makes it easier
  for local users to determine admin passwords via a brute-force attack.


New features (excerpt):

* Caching policies support
* Custom header can be defined inside rules
* Improved Index Page
* Kqueue is now used by default on MacOS X and *BSD
* New option to disable the use of SSLv2
* Wild cards are now supported in dirlist fields
* Redirection entries can be reordered
* ${vserver_name_req} in logger 'Custom'
* Cherokee-admin can be shut down from within
* TLS/SSL supports the 'IP per VServer' workaround now
* Virtual Server complex match support (OR rules)
* Redirection error handler has a 'default' option now
* New ${root_domain} macro in Advanced Virtual Hosting
* Failover load balancing plug-in
* cherokee-admin-launcher tool
* Information Source name resolution pre-caching
* Gzip and Default is configurable now (#1054)
* ${http_host}, ${http_referrer}, and ${http_user_agent} (#896)
* Much better OPTIONS support
* Documentation improvements
* Information Sources can be reordered now (*CGI handlers)
* X-Sendfile and X-Accel-Redirect support in the proxy
* Shared memory implementation (no longer SysV) (#537)
* Logger custom. New macro: ${http_cookie}
* Virtual Host regex group replacement (^ parameters)
* --with-cgiroot in configure
* -i / --disable-iocache param in cherokee-admin
* 'Server Info' extended to support accepts and timeouts
* cherokee-admin-launcher accepts SIGHUP now
* CTK_COOKIE security enhancement
* Enhanced pre-saving validations
* Interpreter env. vars can embedded $VARs evaluation
* QA bench can be run without installing Cherokee first
* OS tuning documentation
* Regex against full header match
* Nick name match is optional on VServers (#1075)
* Front-Line Cache (beta)
* Cherokee Distribution (beta)
* CHEROKEE_TRACE special "from=<ip>" support
* SSL/TLS Wizard
* SSI recursive includes
* "UNIX socket in a abstract namespace" support
* Adds SHA512 support to the MySQL validator
* HSTS (HTTP Strict Transport Security) support

Revision 1.3 / (download) - annotate - [select for diffs], Sun Jul 11 12:18:55 2010 UTC (22 months, 2 weeks ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3
Changes since 1.2: +899 -88 lines
Diff to previous 1.2 (colored)

Update cherokee to 1.0.5.
Based on PR#43557 by Wen Heping.

Bump to 1.x release.

Revision 1.2 / (download) - annotate - [select for diffs], Sun Jun 14 22:00:19 2009 UTC (2 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2
Changes since 1.1: +3 -18 lines
Diff to previous 1.1 (colored)

Convert @exec/@unexec to @pkgdir or drop it.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon May 1 07:22:29 2006 UTC (6 years ago) by jmmv
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Initial import of cherokee, version 0.5.3:

Cherokee is a very fast, flexible and easy to configure Web Server.  It
supports the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI,
TLS and SSL encrypted connections, Virtual hosts, Authentication, on the
fly encoding, Apache compatible log files, and much more.

Revision 1.1 / (download) - annotate - [select for diffs], Mon May 1 07:22:29 2006 UTC (6 years ago) by jmmv
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.