Log message:
Changes with Apache 2.4.17

  *) mod_http2: added donated HTTP/2 implementation via core module. Similar
     configuration options to mod_ssl.

  *) mod_proxy: don't recyle backend announced "Connection: close" \ 
connections
     to avoid reusing it should the close be effective after some new request
     is ready to be sent.

  *) mod_substitute: Allow to configure the patterns merge order with the new
     SubstituteInheritBefore on|off directive.

  *) mod_proxy: Fix ProxySourceAddress binding failure with AH00938.

  *) mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3,
     and change the compiled-in default for SSL[Proxy]Protocol to "all \ 
-SSLv3",
     in accordance with RFC 7568.

  *) mod_ssl: append :!aNULL:!eNULL:!EXP to the cipher string settings,
     instead of prepending !aNULL:!eNULL:!EXP: (as was the case in 2.4.7
     and later). Enables support for configuring the SUITEB* cipher
     strings introduced in OpenSSL 1.0.2.

  *) mod_ssl: Add support for extracting the msUPN and dnsSRV forms
     of subjectAltName entries of type "otherName" into
     SSL_{CLIENT,SERVER}_SAN_OTHER_{msUPN,dnsSRV}_n environment
     variables.

  *) mod_logio: Fix logging of %^FB (time to first byte) on the first request on
     an SSL connection.

  *) mod_cache: r->err_headers_out is not merged into
     r->headers when mod_cache is enabled and the response
     is cached for the first time.

  *) mod_slotmem_shm: Fix slots/SHM files names on restart for systems that
     can't create new (clear) slots while previous children gracefully stopping
     still use the old ones (e.g. Windows, OS2). mod_proxy_balancer failed to
     restart whenever the number of configured balancers/members changed during
     restart.

  *) core/util_script: make REDIRECT_URL a full URL.

  *) MPMs: Support SO_REUSEPORT to create multiple duplicated listener
     records for scalability.

  *) mod_proxy: Fix a race condition that caused a failed worker to be retried
     before the retry period is over.

  *) mod_autoindex: Allow autoindexes when neither mod_dir nor mod_mime are
     loaded.

  *) mod_rewrite:  Allow cookies set by mod_rewrite to contain ':' by accepting
     ';' as an alternate separator.

  *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with
     apxs -q.

  *) mod_rewrite: Avoid a crash when lacking correct DB access permissions
     when using RewriteMap with MapType dbd or fastdbd.

  *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.

  *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how
     long to keep idle connections with the memcache server(s).
     Change default value from 600 usec (!) to 15 sec.

  *) mod_dir: Prevent the internal identifier "httpd/unix-directory" from
     appearing as a Content-Type response header when requests for a directory
     are rewritten by mod_rewrite.

Log message:
Add mod_session_crypto if apr-util is built with ssl.

Log message:
Update apache24 to 2.4.16 (Apache HTTP Server 2.4.16).

        Apache HTTP Server 2.4.16 Released

The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.16 of the Apache
HTTP Server ("Apache").  This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
recommended over all previous releases. This release of Apache is
principally a security, feature and bug fix release. NOTE: versions
2.4.13, 2.4.14 and 2.4.15 were not released.

CVE-2015-3183 (cve.mitre.org)
core: Fix chunk header parsing defect.
Remove apr_brigade_flatten(), buffering and duplicated code from
the HTTP_IN filter, parse chunks in a single pass with zero copy.
Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext
authorized characters.

CVE-2015-3185 (cve.mitre.org)
Replacement of ap_some_auth_required (unusable in Apache httpd 2.4)
with new ap_some_authn_required and ap_force_authn hook.

CVE-2015-0253 (cve.mitre.org)
core: Fix a crash with ErrorDocument 400 pointing to a local URL-path
with the INCLUDES filter active, introduced in 2.4.11. PR 57531.

CVE-2015-0228 (cve.mitre.org)
mod_lua: A maliciously crafted websockets PING after a script
calls r:wsupgrade() can cause a child process crash.

Also in this release are some exciting new features including:

*) Better default recommended SSLCipherSuite and SSLProxyCipherSuite
*) mod_proxy_scgi: ProxySCGIInternalRedirect now allows an alternate
response header to be used by the application
*) Event MPM improvements
*) Various mod_proxy_* improvements
*) mod_log_config: Add "%{UNIT}T" format to output request duration in
seconds, milliseconds or microseconds depending on UNIT ("s", \ 
"ms",
"us")

Log message:
Fix configure stage error when both of -apache-mpm-event and
-apache-mpm-worker is set.
And fix PLIST mismatch error.

Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Log message:
Add fix for CVE-2015-0253.

Bump PKGREVISION.

Log message:
Fix CVE-2015-0228 (lua module) with upstream patch.
lua module is not enabled by default.

Log message:
Changes 2.4.12:

* CVE-2014-3583 mod_proxy_fcgi: Fix a potential crash due to buffer over-read, \ 
with response headers' size above 8K.
* CVE-2014-3581 mod_cache: Avoid a crash when Content-Type has an empty value. \ 
PR 56924.
* CVE-2014-8109 mod_lua: Fix handling of the Require line when a \ 
LuaAuthzProvider is used in multiple Require directives with different \ 
arguments.
* CVE-2013-5704 core: HTTP trailers could be used to replace HTTP headers late \ 
during request processing, potentially undoing or otherwise confusing modules \ 
that examined or modified request headers earlier. Adds \ 
"MergeTrailers" directive to restore legacy behavior.

* Proxy FGI and websockets improvements
* Proxy capability via handler
* Finer control over scoping of RewriteRules
* Unix Domain Socket (UDS) support for mod_proxy backends.
* Support for larger shared memory sizes for mod_socache_shmcb
* mod_lua and mod_ssl enhancements
* Support named groups and backreferences within the LocationMatch, \ 
DirectoryMatch, FilesMatch and ProxyMatch directives.

Log message:
Add fix for CVE-2014-8109 taken for Apache SVN repository.

Log message:
Revbump after lang/lua51 update.