pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/www/apache24
From: Adam Ciarcinski
Date: 2018-10-24 12:08:00
Message id: 20181024100800.AEF64FBEE@cvs.NetBSD.org

Log Message:
apache24: updated to 2.4.37

Changes with Apache 2.4.37

  *) mod_ssl: Fix HTTP/2 failures when using OpenSSL 1.1.1.

  *) mod_ssl: Fix crash during SSL renegotiation with OptRenegotiate set,
     when client certificates are available from the original handshake
     but were originally not verified and should get verified now.
     This is a regression in 2.4.36 (unreleased).

  *) mod_ssl: Correctly merge configurations that have client certificates set
     by SSLProxyMachineCertificate{File|Path}.

Changes with Apache 2.4.36

  *) mod_brotli, mod_deflate: Restore the separate handling of 304 Not Modified
     responses. Regression introduced in 2.4.35.

  *) mod_proxy_scgi, mod_proxy_uwsgi: improve error handling when sending the
     body of the response.

  *) mod_http2: adding defensive code for stream EOS handling, in case the \ 
request handler
     missed to signal it the normal way (eos buckets).

  *) ab: Add client certificate support.

  *) ab: Disable printing temp key for OpenSSL before
     version 1.0.2. SSL_get_server_tmp_key is not available
     there.

  *) mod_ssl: Fix a regression that the configuration settings for verify mode
     and verify depth were taken from the frontend connection in case of
     connections by the proxy to the backend.

  *) MPMs: Initialize all runtime/asynchronous objects on a dedicated pool and
     before signals handling to avoid lifetime issues on restart or shutdown.

  *) mod_ssl: Add support for OpenSSL 1.1.1 and TLSv1.3.  TLSv1.3 has
     behavioural changes compared to v1.2 and earlier; client and
     configuration changes should be expected.  SSLCipherSuite is
     enhanced for TLSv1.3 ciphers, but applies at vhost level only.

  *) mod_auth_basic: Be less tolerant when parsing the credencial. Only spaces
     should be accepted after the authorization scheme. \t are also tolerated.

  *) mod_proxy_hcheck: Fix issues with interval determination.

  *) mod_proxy_hcheck: Fix issues with TCP health checks.

  *) mod_proxy_hcheck: take balancer's SSLProxy* directives into account.

  *) mod_status, mod_echo: Fix the display of client addresses.
    They were truncated to 31 characters which is not enough for IPv6 addresses.
    This is done by deprecating the use of the 'client' field and using
    the new 'client64' field in worker_score.

Files:

Revision	Action	file
1.74	modify	pkgsrc/www/apache24/Makefile
1.27	modify	pkgsrc/www/apache24/PLIST
1.38	modify	pkgsrc/www/apache24/distinfo