Navigation:
Browse pkgsrc
(this page)| 2004-10-02 17:37:57 by Jeremy C. Reed | Files touched by this commit (1) |
Log message: Sort include files in PLIST. This makes it easier when checking for PLIST changes when updating. No changes to PLIST entries. |
| 2004-09-28 19:59:55 by Eric Haszlakiewicz | Files touched by this commit (1) |
Log message: Not all ap-* packages are apache1. Some work for either apache so don't force a conflict. |
2004-09-24 00:51:52 by grant beattie | Files touched by this commit (1) |  |
Log message: update checksum for patch-ab (hi, reed!) |
| 2004-09-23 23:07:25 by Jeremy C. Reed | Files touched by this commit (2) |
Log message: Add patch for Apache security issue. 2.0.51 had a regression where the Satisfy directive could take effect for different directories (and could bypass some access control). This patch is direct from Apache. Also bumped the package revision. |
| 2004-09-20 19:19:34 by Adrian Portelli | Files touched by this commit (8) |
Log message: - Update apache to 2.0.51 - Remove patch-as and patch-ah as they are now outdated and included in the src - ok'ed snj@, wiz@ - Thanks to epg@ for final check This version of Apache is principally a bug fix release. Of particular note is that 2.0.51 addresses five security vulnerabilities: An input validation issue in IPv6 literal address parsing which can result in a negative length parameter being passed to memcpy. [CAN-2004-0786] A buffer overflow in configuration file parsing could allow a local user to gain the privileges of a httpd child if the server can be forced to parse a carefully crafted .htaccess file. [CAN-2004-0747] A segfault in mod_ssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. [CAN-2004-0751] A potential infinite loop in mod_ssl which could be triggered given particular timing of a connection abort. [CAN-2004-0748] A segfault in mod_dav_fs which can be remotely triggered by an indirect lock refresh request. [CAN-2004-0809] For further details, see http://www.apache.org/dist/httpd/Announcement2.html and http://apache.rmplc.co.uk/httpd/CHANGES_2.0. |
| 2004-09-07 21:43:03 by Adrian Portelli | Files touched by this commit (4) | |
Log message: Security update for apache2 with the changes backported from the Apache CVS tree. CAN-2004-0748 http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.124&r2=1.125 CAN-2004-0751 http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.125&r2=1.126 |
| 2004-07-17 02:18:31 by Juan Romero Pardines | Files touched by this commit (1) |
Log message: Enable OpenLDAP support if APR_USE_OPENLDAP == [Yy][Ee][Ss]. (ldap and auth_ldap modules). This closes PR pkg/26166. |
| 2004-07-15 06:38:17 by Adrian Portelli | Files touched by this commit (3) |
Log message: - Backout recent APACHE_DEFAULT_FILES build def as some ppl are having problems with it and it also looks like it might be breaking some apache related packages. |
| 2004-07-14 16:36:48 by Stoned Elipot | Files touched by this commit (1) |
Log message: Fix PLIST issue. As soon as PLIST_SRC is defined the "default" PLIST files are not added to PLIST_SRC. So 'PLIST' has to be explicitly listed in the APACHE_DEFAULT_FILES == "yes" case. |
| 2004-07-14 15:21:37 by Juan Romero Pardines | Files touched by this commit (1) |
Log message:
s,/var,${VARBASE},g
|
New packages: