2006-01-21 14:02:21 by Matthias Scheler | Files touched by this commit (3) |
Log message:
Add fix for CVE-2005-3357 from Apache bug report 37791.
Bump package revision because of this fix.
|
2006-01-05 11:01:20 by Geert Hendrickx | Files touched by this commit (2) |
Log message:
Fix the default config and ServerRoot paths in apache and apache2 manpages,
as suggested by PR pkg/32300, bump PKGREVISION. Ok by tron, wiz.
|
2005-12-29 07:22:26 by Johnny C. Lam | Files touched by this commit (597) |
Log message:
Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
2005-12-15 12:29:00 by Matthias Scheler | Files touched by this commit (3) |
Log message:
Add fix for security vulnerability reported in CVE-2005-3352 taken from
Apache SVN repository. Bump package revision because of that.
|
2005-12-06 00:55:25 by Roland Illig | Files touched by this commit (413) |
Log message:
Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.
|
2005-12-05 21:51:20 by Roland Illig | Files touched by this commit (1432) |
Log message:
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
2005-10-23 22:14:43 by Johnny C. Lam | Files touched by this commit (2) |
Log message:
Add missing manpage to PLIST. Bump PKGREVISION for binary package change.
|
2005-10-21 12:31:18 by Matthias Scheler | Files touched by this commit (1) |
Log message:
Require at least version 0.9.7.2.0.55 of the "apr" package because
Apache 2.0.55 won't work with older versions. Bump package revision
because of this dependence change.
This fixes PR pkg/31872 by Carl Brewer.
|
2005-10-17 12:37:11 by Matthias Scheler | Files touched by this commit (8) |
Log message:
Update "apache2" package to version 2.0.54. Changes since version 2.0.55:
- worker MPM: Fix a memory leak which can occur after an aborted
connection in some limited circumstances. [Greg Ames]
- mod_ldap: Fix Bug 36563. Keep track of the number of attributes
retrieved from LDAP so that all of the values can be properly
cached even if the value is NULL.
[Brad Nicholes, Ondrej Sury <ondrej sury.org>]
- Added TraceEnable [on|off|extended] per-server directive to alter
the behavior of the TRACE method. This addresses a flaw in proxy
conformance to RFC 2616 - previously the proxy server would accept
a TRACE request body although the RFC prohibited it. The default
remains 'TraceEnable on'. [William Rowe]
- Add ap_log_cerror() for logging messages associated with particular
client connections. [Jeff Trawick]
- Correct mod_cgid's argv[0] so that the full path can be delved by the
invoked cgi application, to conform to the behavior of mod_cgi.
[Pradeep Kumar S <pradeep.smani gmail.com>]
- mod_include: Fix possible environment variable corruption when
using nested includes. Bug 12655. [Joe Orton]
- Support the suppress-error-charset setting, as with Apache 1.3.x.
Bug 31274. [Jeff Trawick]
- EBCDIC: Handle chunked input from client or, with proxy, origin
server. [Jeff Trawick]
- Fix bad globbing comparison which could result in getting
a directory listing when a file was requested. Bug 34512.
[sean <infamous41md hotmail.com>]
- Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker()
was called even if mod_auth_ldap_check_user_id() was not
(or if it didn't succeed) for non-authoritative cases.
[Jim Jagielski]
- mod_proxy: Fix over-eager handling of '%' for reverse proxies.
Bug 15207. [Jim Jagielski]
- mod_ldap: Fix various shared memory cache handling bugs.
Bug 34209. [Joe Orton]
- Fix a file descriptor leak when starting piped loggers. Bug 33748.
[Joe Orton]
- mod_ldap: Avoid segfaults when opening connections if using a version
of OpenLDAP older than 2.2.21. Bug 34618. [Brad Nicholes]
- mod_ssl: Fix build with OpenSSL 0.9.8. Bug 35757. [William Rowe]
- proxy HTTP: If a response contains both Transfer-Encoding and a
Content-Length, remove the Content-Length and don't reuse the
connection, mitigating some HTTP Response Splitting attacks.
[Jeff Trawick]
- Prevent hangs of child processes when writing to piped loggers at
the time of graceful restart. Bug 26467. [Jeff Trawick]
- SECURITY: CAN-2005-1268 (cve.mitre.org)
mod_ssl: Fix off-by-one overflow whilst printing CRL information
at "LogLevel debug" which could be triggered if configured
to use a "malicious" CRL. Bug 35081. [Marc Stern <mstern \
csc.com>]
- mod_userdir: Fix possible memory corruption issue. Bug 34588.
[David Leonard <dleonard vintela.com>]
- worker mpm: don't take down the whole server for a transient
thread creation failure. Bug 34514 [Greg Ames]
- mod_rewrite: use buffered I/O to improve performance with large
RewriteMap txt: files. [Greg Ames]
- proxy HTTP: Rework the handling of request bodies to handle
chunked input and input filters which modify content length, and
avoid spooling arbitrary-sized request bodies in memory.
Bug 15859. [Jeff Trawick]
Patches supplied by Ben Collver. Addresses PR pkg/31817 by Zafer Aydogan.
|
2005-10-17 12:28:46 by Matthias Scheler | Files touched by this commit (4) |
Log message:
Update "apr" package to version 0.9.7. Changes since version 0.9.6:
- Fix crash in apr_dir_make_recursive() for relative path
when the working directory has been deleted. [Joe Orton]
- Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT,
returning APR_EBUSY. [Ronen Mizrahi <ronen@tversity.com>]
- Fix apr_file_read() to catch write failures when flushing pending
writes for a buffered file. [Joe Orton]
- Fix apr_file_write() infinite loop on write failure for buffered
files. [Erik Huelsmann <ehuels gmail.com>]
- Fix error handling where apr_uid_* and apr_gid_* could segfault
or return APR_SUCCESS in failure cases. PR 34053. [Joe Orton,
Paul Querna]
- Refactor Win32 condition variables code to address bugs 27654, 34336.
[Henry Jen <henryjen ztune.net>, E Holyat <eholyat yahoo.com>]
- Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows. PR 32177.
[Sim <sgobbi datamanagement.it>, Jeff Trawick]
- Fix detection of rwlocks on Mac OS X. [Aaron Bannert]
- Fix issue with poll() followed by net I/O yielding EAGAIN on
Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez]
Update based on patches supplied by Ben Collver. Addresses first part
of PR pkg/31817 by Zafer Aydogan.
|