./www/apache24, Apache HTTP (Web) server, version 2.4

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.27nb2, Package name: apache-2.4.27nb2, Maintainer: ryoon

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.

This package tracks 2.4.x release.


Required to run:
[devel/apr] [devel/apr-util] [devel/pcre] [devel/readline] [www/nghttp2]

Required to build:
[pkgtools/cwrappers]

Package options: apache-mpm-event, apache-mpm-prefork, apache-mpm-worker, http2

Master sites: (Expand)

SHA1: 699e4e917e8fb5fd7d0ce7e009f8256ed02ec6fc
RMD160: 46f601f58de77eb11fa4c7ea35fa0858d2f4d289
Filesize: 6374.408 KB

Version history: (Expand)


CVS history: (Expand)


   2017-09-18 15:34:51 by Thomas Klausner | Files touched by this commit (2)
Log message:
Fix URL in comment.
   2017-09-18 15:24:05 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
apache24: fix "Optionsbleed" security bug

See \ 
https://blog.fuzzing-project.org/60-Opt … emory.html

Bump PKGREVISION.
   2017-08-24 22:03:43 by Adam Ciarcinski | Files touched by this commit (621) | Package updated
Log message:
Revbump for boost update
   2017-07-12 09:01:34 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
Changes with Apache 2.4.27

  *) COMPATIBILITY: mod_lua: Remove the undocumented exported 'apr_table'
     global variable when using Lua 5.2 or later. This was exported as a
     side effect from luaL_register, which is no longer supported as of
     Lua 5.2 which deprecates pollution of the global namespace.

  *) COMPATIBILITY: mod_http2: Disable and give warning when using Prefork.
     The server will continue to run, but HTTP/2 will no longer be negotiated.

  *) COMPATIBILITY: mod_proxy_fcgi: Revert to 2.4.20 FCGI behavior for the
     default ProxyFCGIBackendType, fixing a regression with PHP-FPM.

  *) mod_lua: Improve compatibility with Lua 5.1, 5.2 and 5.3.

  *) mod_http2: Simplify ready queue, less memory and better performance. Update
     mod_http2 version to 1.10.7.

  *) Allow single-char field names inadvertently disallowed in 2.4.25.

  *) htpasswd / htdigest: Do not apply the strict permissions of the temporary
     passwd file to a possibly existing passwd file.

  *) core: Avoid duplicate HEAD in Allow header.
     This is a regression in 2.4.24 (unreleased), 2.4.25 and 2.4.26.
   2017-06-19 22:01:10 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes with Apache 2.4.26

  *) HTTP/2 support no longer tagged as "experimental" but is instead \ 
considered
     fully production ready.

  *) mod_http2: Fix for possible CPU busy loop introduced in v1.10.3 where a \ 
stream may keep
     the session in continuous check for state changes that never happen.

  *) mod_mime: Fix error checking for quoted pairs.

  *) mod_proxy_wstunnel: Add "upgrade" parameter to allow upgrade to other
     protocols.

  *) MPMs unix: Place signals handlers and helpers out of DSOs to avoid
     a possible crash if a signal is caught during (graceful) restart.

  *) core: Deprecate ap_get_basic_auth_pw() and add
     ap_get_basic_auth_components().

  *) mod_rewrite: When a substitution is a fully qualified URL, and the
     scheme/host/port matches the current virtual host, stop interpreting the
     path component as a local path just because the first component of the
     path exists in the filesystem.  Adds RewriteOption \ 
"LegacyPrefixDocRoot"
     to revert to previous behavior.

  *) core: ap_parse_form_data() URL-decoding doesn't work on EBCDIC
     platforms.

  *) ab: enable option processing for setting a custom HTTP method also for
     non-SSL builds.

  *) core: EBCDIC fixes for interim responses with additional headers.

  *) mod_ssl: Consistently pass the expected bio_filter_in_ctx_t
     to ssl_io_filter_error().

  *) mod_env: when processing a 'SetEnv' directive, warn if the environment
     variable name includes a '='. It is likely a configuration error.

  *) Evaluate nested If/ElseIf/Else configuration blocks.

  *) mod_rewrite: Add 'BNP' (backreferences-no-plus) flag to RewriteRule to
     allow spaces in backreferences to be encoded as %20 instead of '+'.

  *) mod_rewrite: Add the possibility to limit the escaping to specific
     characters in backreferences by listing them in the B flag.

  *) mod_substitute: Fix spurious AH01328 (Line too long) errors on EBCDIC
     systems.

  *) mod_http2: fail requests without ERROR log in case we need to read interim
     responses and see only garbage. This can happen if proxied servers send
     data where none should be, e.g. a body for a HEAD request.

more...
   2017-05-25 15:38:42 by Jonathan Perkin | Files touched by this commit (1)
Log message:
Fix compiler flags for GCC 7 and newer on SunOS.
   2017-04-30 03:22:04 by Ryo ONODERA | Files touched by this commit (612) | Package updated
Log message:
Recursive revbump from boost update
   2017-04-14 20:18:24 by Adam Ciarcinski | Files touched by this commit (1)
Log message:
Removed these two substituions:
SUBST_SED.confs+=	-e "s|logs/|${VARBASE}/log/httpd/|g"
SUBST_SED.confs+=	-e 's|/var/log/httpd/foo\.log|logs/foo.log/|g'
The first one only applied to an instrucion in the comment at the top of
the configuration file and made it meaningless.
The second one has been useless.