diff options
author | tron <tron> | 2012-02-01 19:53:21 +0000 |
---|---|---|
committer | tron <tron> | 2012-02-01 19:53:21 +0000 |
commit | 85d63ad4dc0f4ec2322269897e857930a8643f92 (patch) | |
tree | 6c47855451ee1a52edc43ab12c48fbb381758cb7 /www/apache22/PLIST | |
parent | c0fe22f7e60ec9c2c1acc8af4bb474f9c962ce5e (diff) | |
download | pkgsrc-85d63ad4dc0f4ec2322269897e857930a8643f92.tar.gz |
Update "apache" package to version 2.2.22. Changes since 2.2.21:
- SECURITY: CVE-2011-3368 (cve.mitre.org)
Reject requests where the request-URI does not match the HTTP
specification, preventing unexpected expansion of target URLs in
some reverse proxy configurations. [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org)
Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
is enabled, could allow local users to gain privileges via a .htaccess
file. [Stefan Fritsch, Greg Ames]
- SECURITY: CVE-2011-4317 (cve.mitre.org)
Resolve additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations.
[Joe Orton]
- SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. Bug#52256.
[Rainer Canavan <rainer-apache 7val com>]
- SECURITY: CVE-2012-0031 (cve.mitre.org)
Fix scoreboard issue which could allow an unprivileged child process
could cause the parent to crash at shutdown rather than terminate
cleanly. [Joe Orton]
- SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
- mod_proxy_ajp: Try to prevent a single long request from marking a worker
in error. [Jean-Frederic Clere]
- config: Update the default mod_ssl configuration: Disable SSLv2, only
allow >= 128bit ciphers, add commented example for speed optimized cipher
list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand]
- core: Fix segfault in ap_send_interim_response(). Bug#52315.
[Stefan Fritsch]
- mod_log_config: Prevent segfault. Bug#50861. [Torsten Foertsch
<torsten.foertsch gmx.net>]
- mod_win32: Invert logic for env var UTF-8 fixing.
Now we exclude a list of vars which we know for sure they dont hold UTF-8
chars; all other vars will be fixed. This has the benefit that now also
all vars from 3rd-party modules will be fixed. Bug#13029 / 34985.
[Guenter Knauf]
- core: Fix hook sorting for Perl modules, a regression introduced in
2.2.21. Bug#45076. [Torsten Foertsch <torsten foertsch gmx net>]
- Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
A range of '0-' will now return 206 instead of 200. Bug#51878.
[Jim Jagielski]
- Example configuration: Fix entry for MaxRanges (use "unlimited" instead
of "0"). [Rainer Jung]
- mod_substitute: Fix buffer overrun. [Ruediger Pluem, Rainer Jung]
Please note that all the security fixes had been integrated into
"pkgsrc" as patches previously.
Diffstat (limited to 'www/apache22/PLIST')
-rw-r--r-- | www/apache22/PLIST | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/www/apache22/PLIST b/www/apache22/PLIST index aebfb147a12..75d4f406a2a 100644 --- a/www/apache22/PLIST +++ b/www/apache22/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.19 2011/05/12 06:50:44 tron Exp $ +@comment $NetBSD: PLIST,v 1.20 2012/02/01 19:53:21 tron Exp $ ${PLIST.suexec}sbin/suexec include/httpd/ap_compat.h include/httpd/ap_config.h @@ -127,16 +127,17 @@ ${PLIST.all-shared}lib/httpd/mod_version.so ${PLIST.all-shared}lib/httpd/mod_vhost_alias.so libexec/cgi-bin/printenv libexec/cgi-bin/test-cgi +man/man1/ab.1 +man/man1/apxs.1 man/man1/dbmmanage.1 man/man1/htdbm.1 man/man1/htdigest.1 man/man1/htpasswd.1 -man/man8/ab.8 +man/man1/httxt2dbm.1 +man/man1/logresolve.1 man/man8/apachectl.8 -man/man8/apxs.8 man/man8/htcacheclean.8 man/man8/httpd.8 -man/man8/logresolve.8 man/man8/rotatelogs.8 man/man8/suexec.8 sbin/ab @@ -618,6 +619,7 @@ share/httpd/manual/license.html share/httpd/manual/license.html.en share/httpd/manual/logs.html share/httpd/manual/logs.html.en +share/httpd/manual/logs.html.fr share/httpd/manual/logs.html.ja.utf8 share/httpd/manual/logs.html.ko.euc-kr share/httpd/manual/logs.html.tr.utf8 @@ -892,11 +894,14 @@ share/httpd/manual/mod/mod_proxy_connect.html.en share/httpd/manual/mod/mod_proxy_connect.html.ja.utf8 share/httpd/manual/mod/mod_proxy_ftp.html share/httpd/manual/mod/mod_proxy_ftp.html.en +share/httpd/manual/mod/mod_proxy_ftp.html.ja.utf8 share/httpd/manual/mod/mod_proxy_http.html share/httpd/manual/mod/mod_proxy_http.html.en share/httpd/manual/mod/mod_proxy_http.html.fr +share/httpd/manual/mod/mod_proxy_http.html.ja.utf8 share/httpd/manual/mod/mod_proxy_scgi.html share/httpd/manual/mod/mod_proxy_scgi.html.en +share/httpd/manual/mod/mod_proxy_scgi.html.ja.utf8 share/httpd/manual/mod/mod_reqtimeout.html share/httpd/manual/mod/mod_reqtimeout.html.en share/httpd/manual/mod/mod_rewrite.html @@ -1007,6 +1012,7 @@ share/httpd/manual/new_features_2_0.html.tr.utf8 share/httpd/manual/new_features_2_2.html share/httpd/manual/new_features_2_2.html.en share/httpd/manual/new_features_2_2.html.fr +share/httpd/manual/new_features_2_2.html.ja.utf8 share/httpd/manual/new_features_2_2.html.ko.euc-kr share/httpd/manual/new_features_2_2.html.pt-br share/httpd/manual/new_features_2_2.html.tr.utf8 @@ -1074,6 +1080,7 @@ share/httpd/manual/programs/httxt2dbm.html.tr.utf8 share/httpd/manual/programs/index.html share/httpd/manual/programs/index.html.en share/httpd/manual/programs/index.html.es +share/httpd/manual/programs/index.html.ja.utf8 share/httpd/manual/programs/index.html.ko.euc-kr share/httpd/manual/programs/index.html.ru.koi8-r share/httpd/manual/programs/index.html.tr.utf8 @@ -1190,6 +1197,7 @@ share/httpd/manual/upgrading.html share/httpd/manual/upgrading.html.de share/httpd/manual/upgrading.html.en share/httpd/manual/upgrading.html.fr +share/httpd/manual/upgrading.html.ja.utf8 share/httpd/manual/urlmapping.html share/httpd/manual/urlmapping.html.en share/httpd/manual/urlmapping.html.ja.utf8 |