Path to this page:
./
www/apache24,
Apache HTTP (Web) server, version 2.4
Branch: CURRENT,
Version: 2.4.46nb2,
Package name: apache-2.4.46nb2,
Maintainer: ryoonThe Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
This package tracks 2.4.x release.
Required to run:[
textproc/libxml2] [
security/openssl] [
devel/apr] [
devel/apr-util] [
devel/pcre] [
devel/readline] [
www/nghttp2] [
archivers/brotli]
Required to build:[
pkgtools/cwrappers]
Package options: apache-mpm-event, apache-mpm-prefork, apache-mpm-worker, brotli, http2, xml
Master sites: (Expand)
SHA1: 1b7cd10ff3a2a07a576d77e34f0204d95fa4aceb
RMD160: 8e5365222be2b53bed955f6f658fc4b6cc6c60a2
Filesize: 7019.341 KB
Version history: (Expand)
- (2020-11-05) Updated to version: apache-2.4.46nb2
- (2020-09-01) Updated to version: apache-2.4.46nb1
- (2020-08-09) Updated to version: apache-2.4.46
- (2020-06-23) Updated to version: apache-2.4.43nb4
- (2020-06-02) Updated to version: apache-2.4.43nb3
- (2020-05-06) Updated to version: apache-2.4.43nb2
CVS history: (Expand)
2020-11-05 10:09:30 by Ryo ONODERA | Files touched by this commit (1814) |
Log message:
*: Recursive revbump from textproc/icu-68.1
|
2020-08-31 20:13:29 by Thomas Klausner | Files touched by this commit (3631) |  |
Log message:
*: bump PKGREVISION for perl-5.32.
|
2020-08-09 17:01:55 by Takahiro Kambe | Files touched by this commit (2) |  |
Log message:
www/apache24: update to 2.4.46
Update apache24 to 2.4.46 (Apache HTTPD 2.4.46). It fixes several
security problems:
CVE-2020-9490: Push Diary Crash on Specifically Crafted HTTP/2 Header
CVE-2020-11984: mod_uwsgi buffer overlow
CVE-2020-11985: CWE-345: Insufficient verification of data authenticity
CVE-2020-11993: Push Diary Crash on Specifically Crafted HTTP/2 Header
pkgsrc changes: reduce warnings by SUBST_* processing.
Changes with Apache 2.4.46
*) mod_proxy_fcgi: Fix build warnings for Windows platform
[Eric Covener, Christophe Jaillet]
Changes with Apache 2.4.45
*) mod_http2: remove support for abandoned http-wg draft
<https://datatracker.ietf.org/doc/draft-kazuho-h2-cache-digest/>.
[Stefan Eissing]
Changes with Apache 2.4.44
*) mod_proxy_uwsgi: Error out on HTTP header larger than 16K (hard
protocol limit). [Yann Ylavic]
*) mod_http2:
Fixes <https://github.com/icing/mod_h2/issues/200>:
"LimitRequestFields 0" now disables the limit, as documented.
Fixes <https://github.com/icing/mod_h2/issues/201>:
Do not count repeated headers with same name against the field
count limit. The are merged internally, as if sent in a single HTTP/1 line.
[Stefan Eissing]
*) mod_http2: Avoid segfaults in case of handling certain responses for
already aborted connections. [Stefan Eissing, Ruediger Pluem]
*) mod_http2: The module now handles master/secondary connections and has marked
methods according to use. [Stefan Eissing]
*) core: Drop an invalid Last-Modified header value coming
from a FCGI/CGI script instead of replacing it with Unix epoch.
[Yann Ylavic, Luca Toscano]
*) Add support for strict content-length parsing through addition of
ap_parse_strict_length() [Yann Ylavic]
*) mod_proxy_fcgi: ProxyFCGISetEnvIf unsets variables when expression
evaluates to false. PR64365. [Michael König <mail ikoenig.net>]
*) mod_proxy_http: flush spooled request body in one go to avoid
leaking (or long lived) temporary file. PR 64452. [Yann Ylavic]
*) mod_ssl: Fix a race condition and possible crash when using a proxy client
certificate (SSLProxyMachineCertificateFile).
[Armin Abfalterer <a.abfalterer gmail.com>]
*) mod_ssl: Fix memory leak in stapling code. PR63687. [Stefan Eissing]
*) mod_http2: Fixed regression that no longer set H2_STREAM_ID and H2_STREAM_TAG.
PR64330 [Stefan Eissing]
*) mod_http2: Fixed regression that caused connections to close when mod_reqtimeout
was configured with a handshake timeout. Fixes gitub issue #196.
[Stefan Eissing]
*) mod_proxy_http2: the "ping" proxy parameter
(see <https://httpd.apache.org/docs/2.4/mod/mod_proxy.html>) is now used
when checking the liveliness of a new or reused h2 connection to the backend.
With short durations, this makes load-balancing more responsive. The module
will hold back requests until ping conditions are met, using features of the
HTTP/2 protocol alone. [Ruediger Pluem, Stefan Eissing]
*) core: httpd is no longer linked against -lsystemd if mod_systemd
is enabled (and built as a DSO). [Rainer Jung]
*) mod_proxy_http2: respect ProxyTimeout settings on backend connections
while waiting on incoming data. [Ruediger Pluem, Stefan Eissing]
|
2020-06-29 15:58:53 by Ryo ONODERA | Files touched by this commit (2) |
Log message:
apache24: Add mod_md option
* Suggested by Jesus Cea.
* mod_md is disabled by default.
|
2020-06-23 16:33:22 by Jason Bacon | Files touched by this commit (1) |
Log message:
www/apache24: Fix chmod in post-install for CentOS
On CentOS 7, the "who" in a symbolic mode does not default to \
"a" as on NetBSD
E.g. "chmod -x" does not behave the same as "chmod a-x".
|
2020-06-02 10:25:05 by Adam Ciarcinski | Files touched by this commit (1689) |
Log message:
Revbump for icu
|
2020-05-21 09:41:37 by Roland Illig | Files touched by this commit (2) |
Log message:
www/ap-auth-kerb: remove unknown configure option
This allows the package to be built with GNU_CONFIGURE_STRICT=yes.
Since other Apache modules may still need this option, use an opt-out
here.
|
2020-05-07 07:41:33 by Roland Illig | Files touched by this commit (2) |
Log message:
www/ap2-python: omit unknown configure option
This fixes the build with GNU_CONFIGURE_STRICT=yes.
|