summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorspz <spz>2014-03-21 08:02:35 +0000
committerspz <spz>2014-03-21 08:02:35 +0000
commitf5a19a08c84232c0d9b7271491e00492be40869b (patch)
treebd5cab8494fc0269ba40b4552c55a2af134db22c
parent8e2adb20714d6aadb668d5294dae08794efeee2e (diff)
downloadpkgsrc-f5a19a08c84232c0d9b7271491e00492be40869b.tar.gz
Pullup ticket #4349 - requested by tron
www/apache24: security update Revisions pulled up: - www/apache24/Makefile 1.26 - www/apache24/PLIST 1.15 - www/apache24/distinfo 1.13 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: adam Date: Tue Mar 18 20:09:08 UTC 2014 Modified Files: pkgsrc/www/apache24: Makefile PLIST distinfo Log Message: Changes 2.4.9: *) mod_ssl: Work around a bug in some older versions of OpenSSL that would cause a crash in SSL_get_certificate for servers where the certificate hadn't been sent. *) mod_lua: Add a fixups hook that checks if the original request is intend= ed for LuaMapHandler. This fixes a bug where FallbackResource invalidates t= he LuaMapHandler directive in certain cases by changing the URI before the = map handler code executes Changes 2.4.8: *) SECURITY: CVE-2014-0098 (cve.mitre.org) Clean up cookie logging with fewer redundant string parsing passes. Log only cookies with a value assignment. Prevents segfaults when logging truncated cookies. *) SECURITY: CVE-2013-6438 (cve.mitre.org) mod_dav: Keep track of length of cdata properly when removing leading spaces. Eliminates a potential denial of service from specifically crafted DAV WRITE requests *) core: Support named groups and backreferences within the LocationMatch, DirectoryMatch, FilesMatch and ProxyMatch directives. (Requires non-ancient PCRE library) *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding TE/CL conflicts. *) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping execution when a handler is already set. *) mod_ssl: Do not perform SNI / Host header comparison in case of a forward proxy request. *) mod_ssl: Remove the hardcoded algorithm-type dependency for the SSLCertificateFile and SSLCertificateKeyFile directives, to enable future algorithm agility, and deprecate the SSLCertificateChainFile directive (obsoleted by SSLCertificateFile). *) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore, and IgnoreInherit to allow RewriteRules to be pushed from parent scopes to child scopes without explicitly configuring each child scope. *) prefork: Fix long delays when doing a graceful restart. *) FreeBSD: Disable IPv4-mapped listening sockets by default for versions 5+ instead of just for FreeBSD 5. *) mod_proxy_wstunnel: Avoid busy loop on client errors, drop message IDs 02445, 02446, and 02448 to TRACE1 from DEBUG. *) mod_remoteip: Correct the trusted proxy match test. *) mod_proxy_fcgi: Fix error message when an unexpected protocol version number is received from the application. *) mod_remoteip: Use the correct IP addresses to populate the proxy_ips fie= ld. *) mod_lua: Update r:setcookie() to accept a table of options and add domai= n, path and httponly to the list of options available to set. *) mod_lua: Fix r:setcookie() to add, rather than replace, the Set-Cookie header. *) mod_lua: Allow for database results to be returned as a hash with row-name/value pairs instead of just row-number/value. *) mod_rewrite: Add %{CONN_REMOTE_ADDR} as the non-useragent counterpart to %{REMOTE_ADDR}. *) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't save the socket for reuse by the next worker as if it were an APR_SO_DISCONNECTED socket. Restores 2.2 behavior. *) mod_dir: Don't search for a DirectoryIndex or DirectorySlash on a URL that was just rewritten by mod_rewrite. *) mod_session: When we have a session we were unable to decode, behave as if there was no session at all. *) mod_session: Fix problems interpreting the SessionInclude and SessionExclude configuration. *) mod_authn_core: Allow <AuthnProviderAlias>'es to be seen from auth stanzas under virtual hosts. *) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded 30 seconds timeout. *) mod_proxy: Added support for unix domain sockets as the backend server endpoint *) build: only search for modules (config*.m4) in known subdirectories, see build/config-stubs. *) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk. *) mod_ssl: Add support for OpenSSL configuration commands by introducing the SSLOpenSSLConfCmd directive. *) mod_proxy: Remove (never documented) <Proxy ~ wildcard-url> syntax which is equivalent to <ProxyMatch wildcard-url>. *) mod_authz_user, mod_authz_host, mod_authz_groupfile, mod_authz_dbm, mod_authz_dbd, mod_authnz_ldap: Support the expression parser within the require directives. *) mod_proxy_http: Core dumped under high load. *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size previously limited to 64MB. *) mod_lua: Use binary copy when dealing with uploads through r:parsebody() to prevent truncating files. To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 pkgsrc/www/apache24/Makefile cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/apache24/PLIST cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/apache24/distinfo
-rw-r--r--www/apache24/Makefile4
-rw-r--r--www/apache24/PLIST41
-rw-r--r--www/apache24/distinfo8
3 files changed, 28 insertions, 25 deletions
diff --git a/www/apache24/Makefile b/www/apache24/Makefile
index 665bcc72c0b..48784234306 100644
--- a/www/apache24/Makefile
+++ b/www/apache24/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.24 2013/12/12 12:24:48 jperkin Exp $
+# $NetBSD: Makefile,v 1.24.2.1 2014/03/21 08:02:35 spz Exp $
-DISTNAME= httpd-2.4.7
+DISTNAME= httpd-2.4.9
PKGNAME= ${DISTNAME:S/httpd/apache/}
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
diff --git a/www/apache24/PLIST b/www/apache24/PLIST
index e230a6b86eb..2ca2f2f6c60 100644
--- a/www/apache24/PLIST
+++ b/www/apache24/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2013/12/01 10:02:34 ryoon Exp $
+@comment $NetBSD: PLIST,v 1.12.2.1 2014/03/21 08:02:35 spz Exp $
bin/ab
bin/apxs
bin/dbmmanage
@@ -61,8 +61,8 @@ include/httpd/util_cfgtree.h
include/httpd/util_charset.h
include/httpd/util_cookies.h
include/httpd/util_ebcdic.h
-include/httpd/util_filter.h
include/httpd/util_fcgi.h
+include/httpd/util_filter.h
include/httpd/util_ldap.h
include/httpd/util_md5.h
include/httpd/util_mutex.h
@@ -822,14 +822,14 @@ share/httpd/manual/developer/debugging.html
share/httpd/manual/developer/debugging.html.en
share/httpd/manual/developer/documenting.html
share/httpd/manual/developer/documenting.html.en
-share/httpd/manual/developer/documenting.html.zh-cn
+share/httpd/manual/developer/documenting.html.zh-cn.utf8
share/httpd/manual/developer/filters.html
share/httpd/manual/developer/filters.html.en
share/httpd/manual/developer/hooks.html
share/httpd/manual/developer/hooks.html.en
share/httpd/manual/developer/index.html
share/httpd/manual/developer/index.html.en
-share/httpd/manual/developer/index.html.zh-cn
+share/httpd/manual/developer/index.html.zh-cn.utf8
share/httpd/manual/developer/modguide.html
share/httpd/manual/developer/modguide.html.en
share/httpd/manual/developer/modules.html
@@ -868,7 +868,7 @@ share/httpd/manual/faq/index.html
share/httpd/manual/faq/index.html.en
share/httpd/manual/faq/index.html.fr
share/httpd/manual/faq/index.html.tr.utf8
-share/httpd/manual/faq/index.html.zh-cn
+share/httpd/manual/faq/index.html.zh-cn.utf8
share/httpd/manual/filter.html
share/httpd/manual/filter.html.en
share/httpd/manual/filter.html.es
@@ -894,7 +894,7 @@ share/httpd/manual/handler.html.fr
share/httpd/manual/handler.html.ja.utf8
share/httpd/manual/handler.html.ko.euc-kr
share/httpd/manual/handler.html.tr.utf8
-share/httpd/manual/handler.html.zh-cn
+share/httpd/manual/handler.html.zh-cn.utf8
share/httpd/manual/howto/access.html
share/httpd/manual/howto/access.html.en
share/httpd/manual/howto/access.html.fr
@@ -920,7 +920,7 @@ share/httpd/manual/howto/index.html.en
share/httpd/manual/howto/index.html.fr
share/httpd/manual/howto/index.html.ja.utf8
share/httpd/manual/howto/index.html.ko.euc-kr
-share/httpd/manual/howto/index.html.zh-cn
+share/httpd/manual/howto/index.html.zh-cn.utf8
share/httpd/manual/howto/public_html.html
share/httpd/manual/howto/public_html.html.en
share/httpd/manual/howto/public_html.html.fr
@@ -953,6 +953,7 @@ share/httpd/manual/images/mod_filter_new.gif
share/httpd/manual/images/mod_filter_new.png
share/httpd/manual/images/mod_filter_new.tr.png
share/httpd/manual/images/mod_filter_old.gif
+share/httpd/manual/images/mod_filter_old.png
share/httpd/manual/images/mod_rewrite_fig1.gif
share/httpd/manual/images/mod_rewrite_fig1.png
share/httpd/manual/images/mod_rewrite_fig2.gif
@@ -982,7 +983,7 @@ share/httpd/manual/index.html.ja.utf8
share/httpd/manual/index.html.ko.euc-kr
share/httpd/manual/index.html.pt-br
share/httpd/manual/index.html.tr.utf8
-share/httpd/manual/index.html.zh-cn
+share/httpd/manual/index.html.zh-cn.utf8
share/httpd/manual/install.html
share/httpd/manual/install.html.de
share/httpd/manual/install.html.en
@@ -1012,7 +1013,7 @@ share/httpd/manual/misc/index.html.en
share/httpd/manual/misc/index.html.fr
share/httpd/manual/misc/index.html.ko.euc-kr
share/httpd/manual/misc/index.html.tr.utf8
-share/httpd/manual/misc/index.html.zh-cn
+share/httpd/manual/misc/index.html.zh-cn.utf8
share/httpd/manual/misc/password_encryptions.html
share/httpd/manual/misc/password_encryptions.html.en
share/httpd/manual/misc/password_encryptions.html.fr
@@ -1051,7 +1052,7 @@ share/httpd/manual/mod/directives.html.fr
share/httpd/manual/mod/directives.html.ja.utf8
share/httpd/manual/mod/directives.html.ko.euc-kr
share/httpd/manual/mod/directives.html.tr.utf8
-share/httpd/manual/mod/directives.html.zh-cn
+share/httpd/manual/mod/directives.html.zh-cn.utf8
share/httpd/manual/mod/event.html
share/httpd/manual/mod/event.html.en
share/httpd/manual/mod/event.html.fr
@@ -1063,7 +1064,7 @@ share/httpd/manual/mod/index.html.fr
share/httpd/manual/mod/index.html.ja.utf8
share/httpd/manual/mod/index.html.ko.euc-kr
share/httpd/manual/mod/index.html.tr.utf8
-share/httpd/manual/mod/index.html.zh-cn
+share/httpd/manual/mod/index.html.zh-cn.utf8
share/httpd/manual/mod/mod_access_compat.html
share/httpd/manual/mod/mod_access_compat.html.en
share/httpd/manual/mod/mod_access_compat.html.fr
@@ -1550,7 +1551,7 @@ share/httpd/manual/mod/quickreference.html.fr
share/httpd/manual/mod/quickreference.html.ja.utf8
share/httpd/manual/mod/quickreference.html.ko.euc-kr
share/httpd/manual/mod/quickreference.html.tr.utf8
-share/httpd/manual/mod/quickreference.html.zh-cn
+share/httpd/manual/mod/quickreference.html.zh-cn.utf8
share/httpd/manual/mod/worker.html
share/httpd/manual/mod/worker.html.de
share/httpd/manual/mod/worker.html.en
@@ -1565,7 +1566,7 @@ share/httpd/manual/mpm.html.fr
share/httpd/manual/mpm.html.ja.utf8
share/httpd/manual/mpm.html.ko.euc-kr
share/httpd/manual/mpm.html.tr.utf8
-share/httpd/manual/mpm.html.zh-cn
+share/httpd/manual/mpm.html.zh-cn.utf8
share/httpd/manual/new_features_2_0.html
share/httpd/manual/new_features_2_0.html.de
share/httpd/manual/new_features_2_0.html.en
@@ -1592,7 +1593,7 @@ share/httpd/manual/platform/index.html
share/httpd/manual/platform/index.html.en
share/httpd/manual/platform/index.html.fr
share/httpd/manual/platform/index.html.ko.euc-kr
-share/httpd/manual/platform/index.html.zh-cn
+share/httpd/manual/platform/index.html.zh-cn.utf8
share/httpd/manual/platform/netware.html
share/httpd/manual/platform/netware.html.en
share/httpd/manual/platform/netware.html.fr
@@ -1674,7 +1675,7 @@ share/httpd/manual/programs/index.html.es
share/httpd/manual/programs/index.html.fr
share/httpd/manual/programs/index.html.ko.euc-kr
share/httpd/manual/programs/index.html.tr.utf8
-share/httpd/manual/programs/index.html.zh-cn
+share/httpd/manual/programs/index.html.zh-cn.utf8
share/httpd/manual/programs/log_server_status.html
share/httpd/manual/programs/log_server_status.html.en
share/httpd/manual/programs/logresolve.html
@@ -1717,7 +1718,7 @@ share/httpd/manual/rewrite/index.html
share/httpd/manual/rewrite/index.html.en
share/httpd/manual/rewrite/index.html.fr
share/httpd/manual/rewrite/index.html.tr.utf8
-share/httpd/manual/rewrite/index.html.zh-cn
+share/httpd/manual/rewrite/index.html.zh-cn.utf8
share/httpd/manual/rewrite/intro.html
share/httpd/manual/rewrite/intro.html.en
share/httpd/manual/rewrite/intro.html.fr
@@ -1756,7 +1757,7 @@ share/httpd/manual/sitemap.html.fr
share/httpd/manual/sitemap.html.ja.utf8
share/httpd/manual/sitemap.html.ko.euc-kr
share/httpd/manual/sitemap.html.tr.utf8
-share/httpd/manual/sitemap.html.zh-cn
+share/httpd/manual/sitemap.html.zh-cn.utf8
share/httpd/manual/socache.html
share/httpd/manual/socache.html.en
share/httpd/manual/socache.html.fr
@@ -1765,7 +1766,7 @@ share/httpd/manual/ssl/index.html.en
share/httpd/manual/ssl/index.html.fr
share/httpd/manual/ssl/index.html.ja.utf8
share/httpd/manual/ssl/index.html.tr.utf8
-share/httpd/manual/ssl/index.html.zh-cn
+share/httpd/manual/ssl/index.html.zh-cn.utf8
share/httpd/manual/ssl/ssl_compat.html
share/httpd/manual/ssl/ssl_compat.html.en
share/httpd/manual/ssl/ssl_compat.html.fr
@@ -1801,7 +1802,9 @@ share/httpd/manual/style/lang.dtd
share/httpd/manual/style/latex/atbeginend.sty
share/httpd/manual/style/manualpage.dtd
share/httpd/manual/style/modulesynopsis.dtd
+share/httpd/manual/style/scripts/MINIFY
share/httpd/manual/style/scripts/prettify.js
+share/httpd/manual/style/scripts/prettify.min.js
share/httpd/manual/style/sitemap.dtd
share/httpd/manual/style/version.ent
share/httpd/manual/suexec.html
@@ -1843,7 +1846,7 @@ share/httpd/manual/vhosts/index.html.fr
share/httpd/manual/vhosts/index.html.ja.utf8
share/httpd/manual/vhosts/index.html.ko.euc-kr
share/httpd/manual/vhosts/index.html.tr.utf8
-share/httpd/manual/vhosts/index.html.zh-cn
+share/httpd/manual/vhosts/index.html.zh-cn.utf8
share/httpd/manual/vhosts/ip-based.html
share/httpd/manual/vhosts/ip-based.html.en
share/httpd/manual/vhosts/ip-based.html.fr
diff --git a/www/apache24/distinfo b/www/apache24/distinfo
index f7aabfb11ce..cbdf153b1cd 100644
--- a/www/apache24/distinfo
+++ b/www/apache24/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.11 2013/12/01 10:02:34 ryoon Exp $
+$NetBSD: distinfo,v 1.11.2.1 2014/03/21 08:02:35 spz Exp $
-SHA1 (httpd-2.4.7.tar.bz2) = 19ed9ee56462e44d61a093ea57e964cf0af05c0e
-RMD160 (httpd-2.4.7.tar.bz2) = b51a895f0fda53e72f860911b81974422bc34ecc
-Size (httpd-2.4.7.tar.bz2) = 5004719 bytes
+SHA1 (httpd-2.4.9.tar.bz2) = 646aedbf59519e914c424b3a85d846bf189be3f4
+RMD160 (httpd-2.4.9.tar.bz2) = 2d8095d7ce9298d813aed849cc1cb3272a4acb5a
+Size (httpd-2.4.9.tar.bz2) = 4994460 bytes
SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839
SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d