Navigation:
Browse pkgsrc
(this page) 2017-04-30 03:22:04 by Ryo ONODERA | Files touched by this commit (612) |  |
Log message: Recursive revbump from boost update |
| 2017-04-14 20:18:24 by Adam Ciarcinski | Files touched by this commit (1) |
Log message:
Removed these two substituions:
SUBST_SED.confs+= -e "s|logs/|${VARBASE}/log/httpd/|g"
SUBST_SED.confs+= -e 's|/var/log/httpd/foo\.log|logs/foo.log/|g'
The first one only applied to an instrucion in the comment at the top of
the configuration file and made it meaningless.
The second one has been useless.
|
| 2017-01-28 05:57:57 by Ryo ONODERA | Files touched by this commit (2) |
Log message: Enable http2 option by default. Bump PKGREVISION Requestd by Jesus Cea on pkgsrc-users@NetBSD.org maling list. |
| 2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352) |
Log message: Convert all occurrences (353 by my count) of MASTER_SITES= site1 \ site2 style continuation lines to be simple repeated MASTER_SITES+= site1 MASTER_SITES+= site2 lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint accordingly. |
| 2017-01-01 17:06:40 by Adam Ciarcinski | Files touched by this commit (616) | |
Log message: Revbump after boost update |
| 2016-12-20 22:06:35 by Takahiro Kambe | Files touched by this commit (4) |
Log message:
Update apache24 to 2.4.25 (Apache HTTPD 2.4.25). 2.4.24 was not released.
This release fixes several security problems, some of them are already
handled in pkgsrc. Please refer CHANGES file in detail.
*) SECURITY: CVE-2016-8740 (cve.mitre.org)
mod_http2: Mitigate DoS memory exhaustion via endless
CONTINUATION frames.
[Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State
University, Stefan Eissing]
*) SECURITY: CVE-2016-5387 (cve.mitre.org)
core: Mitigate [f]cgi "httpoxy" issues.
[Dominic Scheirlinck <dominic vendhq.com>, Yann Ylavic]
*) SECURITY: CVE-2016-2161 (cve.mitre.org)
mod_auth_digest: Prevent segfaults during client entry allocation when
the shared memory space is exhausted.
[Maksim Malyutin <m.malyutin dsec.ru>, Eric Covener, Jacob Champion]
*) SECURITY: CVE-2016-0736 (cve.mitre.org)
mod_session_crypto: Authenticate the session data/cookie with a
MAC (SipHash) to prevent deciphering or tampering with a padding
oracle attack. [Yann Ylavic, Colm MacCarthaigh]
*) SECURITY: CVE-2016-8743 (cve.mitre.org)
Enforce HTTP request grammar corresponding to RFC7230 for request lines
and request headers, to prevent response splitting and cache pollution by
malicious clients or downstream proxies. [William Rowe, Stefan Fritsch]
|
| 2016-12-12 00:52:56 by Takahiro Kambe | Files touched by this commit (3) |
Log message: Add patch for CVE-2016-8740. Bump PKGREVISION. |
| 2016-10-07 20:26:14 by Adam Ciarcinski | Files touched by this commit (611) | |
Log message: Revbump post boost update |
| 2016-07-29 13:11:25 by Thomas Klausner | Files touched by this commit (3) |
Log message: Fix httpoxy vulnerability. Bump PKGREVISION. |
| 2016-07-09 08:39:18 by Thomas Klausner | Files touched by this commit (1068) |
Log message: Bump PKGREVISION for perl-5.24.0 for everything mentioning perl. |
New packages: