<feed xmlns='http://www.w3.org/2005/Atom'>
<title>pkgsrc/www/apache/Makefile, branch pkgsrc_2008Q2</title>
<subtitle>[no description]</subtitle>
<id>https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q2</id>
<link rel='self' href='https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q2'/>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/'/>
<updated>2008-02-23T05:26:01Z</updated>
<entry>
<title>Add DESTDIR support.</title>
<updated>2008-02-23T05:26:01Z</updated>
<author>
<name>obache</name>
<email>obache</email>
</author>
<published>2008-02-23T05:26:01Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=159560d80e1fa5794ccf7b9644ad38642a485564'/>
<id>urn:sha1:159560d80e1fa5794ccf7b9644ad38642a485564</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Update apache to 1.3.41.</title>
<updated>2008-02-23T05:16:33Z</updated>
<author>
<name>obache</name>
<email>obache</email>
</author>
<published>2008-02-23T05:16:33Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=7828a6f31f52da89af1238288b9b0b0c8b1a5f41'/>
<id>urn:sha1:7828a6f31f52da89af1238288b9b0b0c8b1a5f41</id>
<content type='text'>
Changes with Apache 1.3.41

  *) SECURITY: CVE-2007-6388 (cve.mitre.org)
     mod_status: Ensure refresh parameter is numeric to prevent
     a possible XSS attack caused by redirecting to other URLs.
     Reported by SecurityReason.  [Mark Cox]

Changes with Apache 1.3.40 (not released)

  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
     mod_imap: Fix cross-site scripting issue.  Reported by JPCERT.
     [Joe Orton]

  *) SECURITY: CVE-2007-3847 (cve.mitre.org)
     mod_proxy: Prevent reading past the end of a buffer when parsing
     date-related headers.  PR 41144.
     With Apache 1.3, the denial of service vulnerability applies only
     to the Windows and NetWare platforms.
     [Jeff Trawick]

  *) More efficient implementation of the CVE-2007-3304 PID table
     patch. This fixes issues with excessive memory usage by the
     parent process if long-running and with a high number of child
     process forks during that timeframe. Also fixes bogus "Bad pid"
     errors. [Jim Jagielski, Jeff Trawick]

Changes with Apache 1.3.39

  *) SECURITY: CVE-2006-5752 (cve.mitre.org)
     mod_status: Fix a possible XSS attack against a site with a public
     server-status page and ExtendedStatus enabled, for browsers which
     perform charset "detection".  Reported by Stefan Esser.  [Joe Orton]

  *) SECURITY: CVE-2007-3304 (cve.mitre.org)
     Ensure that the parent process cannot be forced to kill non-child
     processes by checking scoreboard PID data with parent process
     privately stored PID data. [Jim Jagielski]

  *) mime.types: Many updates to sync with IANA registry and common
     unregistered types that the owners refuse to register.  Admins
     are encouraged to update their installed mime.types file.
     pr: 35550, 37798, 39317, 31483 [Roy T. Fielding]

There was no Apache 1.3.38
</content>
</entry>
<entry>
<title>Fix use of obsolete tail(1) syntax which coreutils 6.10 doesn't grok.</title>
<updated>2008-02-17T20:15:07Z</updated>
<author>
<name>tnn</name>
<email>tnn</email>
</author>
<published>2008-02-17T20:15:07Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=cf282fd724a01bd60f338b1ca47812aa41c2294a'/>
<id>urn:sha1:cf282fd724a01bd60f338b1ca47812aa41c2294a</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fix check interpreter warnings.</title>
<updated>2008-02-03T14:07:40Z</updated>
<author>
<name>tnn</name>
<email>tnn</email>
</author>
<published>2008-02-03T14:07:40Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=67a7925cf1f914d6175d3393215f17204e0351f0'/>
<id>urn:sha1:67a7925cf1f914d6175d3393215f17204e0351f0</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Honour PKGMANDIR.</title>
<updated>2008-02-03T13:24:22Z</updated>
<author>
<name>tnn</name>
<email>tnn</email>
</author>
<published>2008-02-03T13:24:22Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=dc9c50544b337831d5f80e7eb778f0ef7e0034c7'/>
<id>urn:sha1:dc9c50544b337831d5f80e7eb778f0ef7e0034c7</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Change a BUILD_DEFS and add some more.</title>
<updated>2008-01-20T04:06:03Z</updated>
<author>
<name>reed</name>
<email>reed</email>
</author>
<published>2008-01-20T04:06:03Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=aec3fddd1d98bafa2468a7f878a16146b1ac4b99'/>
<id>urn:sha1:aec3fddd1d98bafa2468a7f878a16146b1ac4b99</id>
<content type='text'>
(As discussed in September 2007 on tech-pkg.)
</content>
</entry>
<entry>
<title>Be sure we actually use the db stuff as set up by bdb.buildlink3.mk.</title>
<updated>2007-10-07T20:49:57Z</updated>
<author>
<name>dmcmahill</name>
<email>dmcmahill</email>
</author>
<published>2007-10-07T20:49:57Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=00bf85083768ab210d8f8f5db3d824f66f472683'/>
<id>urn:sha1:00bf85083768ab210d8f8f5db3d824f66f472683</id>
<content type='text'>
This fixes a long standing build failure on SunOS-5.9/sparc and does
not seem to break things on NetBSD.
</content>
</entry>
<entry>
<title>Make it easier to build and install packages "unprivileged", where</title>
<updated>2007-07-04T20:54:31Z</updated>
<author>
<name>jlam</name>
<email>jlam</email>
</author>
<published>2007-07-04T20:54:31Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=45233ac07a4c6f9e80f4f9350cbb54ee23d8bd54'/>
<id>urn:sha1:45233ac07a4c6f9e80f4f9350cbb54ee23d8bd54</id>
<content type='text'>
the owner of all installed files is a non-root user.  This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.

(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
    unprivileged.mk.  These two variables are lists of other bmake
    variables that define package-specific users and groups.  Packages
    that have user-settable variables for users and groups, e.g. apache
    and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
    etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
    so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
    and ${UNPRIVILEGED_GROUP}.

(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
</content>
</entry>
<entry>
<title>Fixing two possible security vulnerabilities:</title>
<updated>2007-06-28T00:38:00Z</updated>
<author>
<name>lkundrak</name>
<email>lkundrak</email>
</author>
<published>2007-06-28T00:38:00Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=9062e6bff2964bf33f5a72f5a632ba48b8992063'/>
<id>urn:sha1:9062e6bff2964bf33f5a72f5a632ba48b8992063</id>
<content type='text'>
CVE-2006-5752 XSS in mod_status with ExtendedStatus on
CVE-2007-3304 Remote DoS if MPM and mod_cache enabled
bumping PKGREVISION
</content>
</entry>
<entry>
<title>Fix perl interpreter path for libexec/cgi-bin/printenv.  Bump PKGREVISION for</title>
<updated>2007-01-23T15:45:43Z</updated>
<author>
<name>ghen</name>
<email>ghen</email>
</author>
<published>2007-01-23T15:45:43Z</published>
<link rel='alternate' type='text/html' href='https://git.osdyson.ru/mirror/pkgsrc/commit/?id=aee9ee5002bf7575264ba27628214eee04512a87'/>
<id>urn:sha1:aee9ee5002bf7575264ba27628214eee04512a87</id>
<content type='text'>
apache, apache2 and apache22.
</content>
</entry>
</feed>
