Update "apache" package to version 2.2.22. Changes since 2.2.21:

- SECURITY: CVE-2011-3368 (cve.mitre.org)
  Reject requests where the request-URI does not match the HTTP
  specification, preventing unexpected expansion of target URLs in
  some reverse proxy configurations.  [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org)
  Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
  is enabled, could allow local users to gain privileges via a .htaccess
  file. [Stefan Fritsch, Greg Ames]
- SECURITY: CVE-2011-4317 (cve.mitre.org)
  Resolve additional cases of URL rewriting with ProxyPassMatch or
  RewriteRule, where particular request-URIs could result in undesired
  backend network exposure in some configurations.
  [Joe Orton]
- SECURITY: CVE-2012-0021 (cve.mitre.org)
  mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
  string is in use and a client sends a nameless, valueless cookie, causing
  a denial of service. The issue existed since version 2.2.17. Bug#52256.
  [Rainer Canavan <rainer-apache 7val com>]
- SECURITY: CVE-2012-0031 (cve.mitre.org)
  Fix scoreboard issue which could allow an unprivileged child process
  could cause the parent to crash at shutdown rather than terminate
  cleanly.  [Joe Orton]
- SECURITY: CVE-2012-0053 (cve.mitre.org)
  Fix an issue in error responses that could expose "httpOnly" cookies
  when no custom ErrorDocument is specified for status code 400.
  [Eric Covener]
- mod_proxy_ajp: Try to prevent a single long request from marking a worker
  in error. [Jean-Frederic Clere]
- config: Update the default mod_ssl configuration: Disable SSLv2, only
  allow >= 128bit ciphers, add commented example for speed optimized cipher
  list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand]
- core: Fix segfault in ap_send_interim_response(). Bug#52315.
  [Stefan Fritsch]
- mod_log_config: Prevent segfault. Bug#50861. [Torsten Foertsch
  <torsten.foertsch gmx.net>]
- mod_win32: Invert logic for env var UTF-8 fixing.
  Now we exclude a list of vars which we know for sure they dont hold UTF-8
  chars; all other vars will be fixed. This has the benefit that now also
  all vars from 3rd-party modules will be fixed. Bug#13029 / 34985.
  [Guenter Knauf]
- core: Fix hook sorting for Perl modules, a regression introduced in
  2.2.21. Bug#45076. [Torsten Foertsch <torsten foertsch gmx net>]
- Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
  A range of '0-' will now return 206 instead of 200. Bug#51878.
  [Jim Jagielski]
- Example configuration: Fix entry for MaxRanges (use "unlimited" instead
  of "0").  [Rainer Jung]
- mod_substitute: Fix buffer overrun.  [Ruediger Pluem, Rainer Jung]

Please note that all the security fixes had been integrated into
"pkgsrc" as patches previously.

1 files changed, 12 insertions, 4 deletions

diff --git a/www/apache22/PLIST b/www/apache22/PLIST
index aebfb147a12..75d4f406a2a 100644
--- a/www/apache22/PLIST
+++ b/www/apache22/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.19 2011/05/12 06:50:44 tron Exp $
+@comment $NetBSD: PLIST,v 1.20 2012/02/01 19:53:21 tron Exp $
 ${PLIST.suexec}sbin/suexec
 include/httpd/ap_compat.h
 include/httpd/ap_config.h
@@ -127,16 +127,17 @@ ${PLIST.all-shared}lib/httpd/mod_version.so
 ${PLIST.all-shared}lib/httpd/mod_vhost_alias.so
 libexec/cgi-bin/printenv
 libexec/cgi-bin/test-cgi
+man/man1/ab.1
+man/man1/apxs.1
 man/man1/dbmmanage.1
 man/man1/htdbm.1
 man/man1/htdigest.1
 man/man1/htpasswd.1
-man/man8/ab.8
+man/man1/httxt2dbm.1
+man/man1/logresolve.1
 man/man8/apachectl.8
-man/man8/apxs.8
 man/man8/htcacheclean.8
 man/man8/httpd.8
-man/man8/logresolve.8
 man/man8/rotatelogs.8
 man/man8/suexec.8
 sbin/ab
@@ -618,6 +619,7 @@ share/httpd/manual/license.html
 share/httpd/manual/license.html.en
 share/httpd/manual/logs.html
 share/httpd/manual/logs.html.en
+share/httpd/manual/logs.html.fr
 share/httpd/manual/logs.html.ja.utf8
 share/httpd/manual/logs.html.ko.euc-kr
 share/httpd/manual/logs.html.tr.utf8
@@ -892,11 +894,14 @@ share/httpd/manual/mod/mod_proxy_connect.html.en
 share/httpd/manual/mod/mod_proxy_connect.html.ja.utf8
 share/httpd/manual/mod/mod_proxy_ftp.html
 share/httpd/manual/mod/mod_proxy_ftp.html.en
+share/httpd/manual/mod/mod_proxy_ftp.html.ja.utf8
 share/httpd/manual/mod/mod_proxy_http.html
 share/httpd/manual/mod/mod_proxy_http.html.en
 share/httpd/manual/mod/mod_proxy_http.html.fr
+share/httpd/manual/mod/mod_proxy_http.html.ja.utf8
 share/httpd/manual/mod/mod_proxy_scgi.html
 share/httpd/manual/mod/mod_proxy_scgi.html.en
+share/httpd/manual/mod/mod_proxy_scgi.html.ja.utf8
 share/httpd/manual/mod/mod_reqtimeout.html
 share/httpd/manual/mod/mod_reqtimeout.html.en
 share/httpd/manual/mod/mod_rewrite.html
@@ -1007,6 +1012,7 @@ share/httpd/manual/new_features_2_0.html.tr.utf8
 share/httpd/manual/new_features_2_2.html
 share/httpd/manual/new_features_2_2.html.en
 share/httpd/manual/new_features_2_2.html.fr
+share/httpd/manual/new_features_2_2.html.ja.utf8
 share/httpd/manual/new_features_2_2.html.ko.euc-kr
 share/httpd/manual/new_features_2_2.html.pt-br
 share/httpd/manual/new_features_2_2.html.tr.utf8
@@ -1074,6 +1080,7 @@ share/httpd/manual/programs/httxt2dbm.html.tr.utf8
 share/httpd/manual/programs/index.html
 share/httpd/manual/programs/index.html.en
 share/httpd/manual/programs/index.html.es
+share/httpd/manual/programs/index.html.ja.utf8
 share/httpd/manual/programs/index.html.ko.euc-kr
 share/httpd/manual/programs/index.html.ru.koi8-r
 share/httpd/manual/programs/index.html.tr.utf8
@@ -1190,6 +1197,7 @@ share/httpd/manual/upgrading.html
 share/httpd/manual/upgrading.html.de
 share/httpd/manual/upgrading.html.en
 share/httpd/manual/upgrading.html.fr
+share/httpd/manual/upgrading.html.ja.utf8
 share/httpd/manual/urlmapping.html
 share/httpd/manual/urlmapping.html.en
 share/httpd/manual/urlmapping.html.ja.utf8