./www/apache24, Apache HTTP (Web) server, version 2.4

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.9, Package name: apache-2.4.9, Maintainer: ryoon

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.

This package tracks 2.4.x release.


Required to run:
[devel/apr] [devel/apr-util] [devel/pcre]


Package options: apache-mpm-event, apache-mpm-prefork, apache-mpm-worker

Master sites: (Expand)

SHA1: 646aedbf59519e914c424b3a85d846bf189be3f4
RMD160: 2d8095d7ce9298d813aed849cc1cb3272a4acb5a
Filesize: 4877.402 KB

Version history: (Expand)


CVS history: (Expand)


   2014-03-18 21:09:08 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
Changes 2.4.9:
*) mod_ssl: Work around a bug in some older versions of OpenSSL that
   would cause a crash in SSL_get_certificate for servers where the
   certificate hadn't been sent.
*) mod_lua: Add a fixups hook that checks if the original request is intended
   for LuaMapHandler. This fixes a bug where FallbackResource invalidates the
   LuaMapHandler directive in certain cases by changing the URI before the map
   handler code executes

Changes 2.4.8:
*) SECURITY: CVE-2014-0098 (cve.mitre.org)
   Clean up cookie logging with fewer redundant string parsing passes.
   Log only cookies with a value assignment. Prevents segfaults when
   logging truncated cookies.
*) SECURITY: CVE-2013-6438 (cve.mitre.org)
   mod_dav: Keep track of length of cdata properly when removing
   leading spaces. Eliminates a potential denial of service from
   specifically crafted DAV WRITE requests
*) core: Support named groups and backreferences within the LocationMatch,
   DirectoryMatch, FilesMatch and ProxyMatch directives. (Requires
   non-ancient PCRE library)
*) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
   TE/CL conflicts.
*) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping
   execution when a handler is already set.
*) mod_ssl: Do not perform SNI / Host header comparison in case of a
   forward proxy request.
*) mod_ssl: Remove the hardcoded algorithm-type dependency for the
   SSLCertificateFile and SSLCertificateKeyFile directives, to enable
   future algorithm agility, and deprecate the SSLCertificateChainFile
   directive (obsoleted by SSLCertificateFile).
*) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore,
   and IgnoreInherit to allow RewriteRules to be pushed from parent scopes
   to child scopes without explicitly configuring each child scope.
*) prefork: Fix long delays when doing a graceful restart.
*) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
   5+ instead of just for FreeBSD 5.
*) mod_proxy_wstunnel: Avoid busy loop on client errors, drop message
   IDs 02445, 02446, and 02448 to TRACE1 from DEBUG.
*) mod_remoteip: Correct the trusted proxy match test.
*) mod_proxy_fcgi: Fix error message when an unexpected protocol version
   number is received from the application.
*) mod_remoteip: Use the correct IP addresses to populate the proxy_ips field.
*) mod_lua: Update r:setcookie() to accept a table of options and add domain,
   path and httponly to the list of options available to set.
*) mod_lua: Fix r:setcookie() to add, rather than replace,
   the Set-Cookie header.
*) mod_lua: Allow for database results to be returned as a hash with
   row-name/value pairs instead of just row-number/value.
*) mod_rewrite: Add %{CONN_REMOTE_ADDR} as the non-useragent counterpart to
   %{REMOTE_ADDR}.
*) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
   save the socket for reuse by the next worker as if it were an
   APR_SO_DISCONNECTED socket. Restores 2.2 behavior.
*) mod_dir: Don't search for a DirectoryIndex or DirectorySlash on a URL
   that was just rewritten by mod_rewrite.
*) mod_session: When we have a session we were unable to decode,
   behave as if there was no session at all.
*) mod_session: Fix problems interpreting the SessionInclude and
   SessionExclude configuration.
*) mod_authn_core: Allow <AuthnProviderAlias>'es to be seen from auth
   stanzas under virtual hosts.
*) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded
   30 seconds timeout.
*) mod_proxy: Added support for unix domain sockets as the
   backend server endpoint
*) build: only search for modules (config*.m4) in known subdirectories, see
   build/config-stubs.
*) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk.
*) mod_ssl: Add support for OpenSSL configuration commands by introducing
   the SSLOpenSSLConfCmd directive.
*) mod_proxy: Remove (never documented) <Proxy ~ wildcard-url> syntax which
   is equivalent to <ProxyMatch wildcard-url>.
*) mod_authz_user, mod_authz_host, mod_authz_groupfile, mod_authz_dbm,
   mod_authz_dbd, mod_authnz_ldap: Support the expression parser within the
   require directives.
*) mod_proxy_http: Core dumped under high load.
*) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
   previously limited to 64MB.
*) mod_lua: Use binary copy when dealing with uploads through r:parsebody()
   to prevent truncating files.
   2014-03-11 15:34:41 by Jonathan Perkin | Files touched by this commit (99)
Log message:
Import initial SMF support for individual packages.
   2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350)
Log message:
Remove example rc.d scripts from PLISTs.

These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
   2014-02-22 18:28:34 by Ryo ONODERA | Files touched by this commit (3)
Log message:
Enable MPMs select.
It is disabled by my misunderstanding.
The default binary is not changed.
   2014-02-13 08:56:36 by Matthias Scheler | Files touched by this commit (2)
Log message:
Remove support for pre-beta snapshot of OpenSSL 1.0.1.
   2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568)
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
   2013-12-12 13:24:48 by Jonathan Perkin | Files touched by this commit (3)
Log message:
When recursively chowning, ensure the -P flag is specified.  This is default
on BSD but not on strict POSIX implementations, leading to failures when
building as an unprivileged user in the presence of symlinks.

Fixes recent breakage on SunOS when the '-h' flag was removed for MirBSD.
   2013-12-03 22:18:36 by Benny Siegert | Files touched by this commit (3)
Log message:
Remove -h from the chown commands in post-install. The chown manpage (on
MirBSD) says: "The -R and -h options are mutually exclusive."