diff options
| author | tron <tron@pkgsrc.org> | 2013-03-03 20:05:03 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2013-03-03 20:05:03 +0000 |
| commit | bd18add13699e4090c8435408f9b51ae0d1c3dfe (patch) | |
| tree | 38ff1039c4cbc081024c807cd9cbcc239a290e4c /www/apache22 | |
| parent | d820555e2cc690aa9a340852d1db0fe09fa00e6d (diff) | |
| download | pkgsrc-bd18add13699e4090c8435408f9b51ae0d1c3dfe.tar.gz | |
Update "apache" package to version 2.2.24. Changes since 2.2.23:
- SECURITY: CVE-2012-3499 (cve.mitre.org)
Various XSS flaws due to unescaped hostnames and URIs HTML output in
mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
[Jim Jagielski, Stefan Fritsch, Niels Heinen <heinenn google com>]
- SECURITY: CVE-2012-4558 (cve.mitre.org)
XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
Niels Heinen <heinenn google com>]
- mod_rewrite: Stop merging RewriteBase down to subdirectories
unless new option 'RewriteOptions MergeBase' is configured.
Merging RewriteBase was unconditionally turned on in 2.2.23.
Bug Report 53963. [Eric Covener]
- mod_ssl: Send the error message for speaking http to an https port using
HTTP/1.0 instead of HTTP/0.9, and omit the link that may be wrong when
using SNI. Bug Report 50823. [Stefan Fritsch]
- mod_ssl: log revoked certificates at level INFO
instead of DEBUG. Bug Report 52162. [Stefan Fritsch]
- mod_proxy_ajp: Support unknown HTTP methods. Bug Report 54416.
[Rainer Jung]
- mod_dir: Add support for the value 'disabled' in FallbackResource.
[Vincent Deffontaines]
- mod_ldap: Fix regression in handling "server unavailable" errors on
Windows. Bug Report 54140. [Eric Covener]
- mod_ssl: fix a regression with the string rendering of the "UID" RDN
introduced in 2.2.15. Bug Report 54510. [Kaspar Brand]
- ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output
to more accurately report the negotiated protocol. Bug Report 53916.
[Nicolás Pernas Maradei <nico emutex com>, Kaspar Brand]
- mod_cache: Explicitly allow cache implementations to cache a 206 Partial
Response if they so choose to do so. Previously an attempt to cache a 206
was arbitrarily allowed if the response contained an Expires or
Cache-Control header, and arbitrarily denied if both headers were missing.
Currently the disk and memory cache providers do not cache 206 Partial
Responses. [Graham Leggett]
- core: Remove unintentional APR dependency introduced with
Apache 2.2.22. [Eric Covener]
- core: Use a TLS 1.0 close_notify alert for internal dummy connection if
the chosen listener is configured for https. [Joe Orton]
- mod_ssl: Add new directive SSLCompression to disable TLS-level
compression. Bug Report 53219. [Björn Jacke <bjoern j3e de>, Stefan Fritsch]
Diffstat (limited to 'www/apache22')
| -rw-r--r-- | www/apache22/Makefile | 5 | ||||
| -rw-r--r-- | www/apache22/PLIST | 3 | ||||
| -rw-r--r-- | www/apache22/distinfo | 8 |
3 files changed, 8 insertions, 8 deletions
diff --git a/www/apache22/Makefile b/www/apache22/Makefile index 7fdce31dc24..750194cfb9f 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.86 2013/02/06 23:21:07 jperkin Exp $ +# $NetBSD: Makefile,v 1.87 2013/03/03 20:05:03 tron Exp $ -DISTNAME= httpd-2.2.23 +DISTNAME= httpd-2.2.24 PKGNAME= ${DISTNAME:S/httpd/apache/} -PKGREVISION= 4 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ http://archive.apache.org/dist/httpd/ \ diff --git a/www/apache22/PLIST b/www/apache22/PLIST index 3455ebdd64f..e5fed6f62e0 100644 --- a/www/apache22/PLIST +++ b/www/apache22/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.21 2012/09/16 03:33:10 taca Exp $ +@comment $NetBSD: PLIST,v 1.22 2013/03/03 20:05:03 tron Exp $ include/httpd/ap_compat.h include/httpd/ap_config.h include/httpd/ap_config_auto.h @@ -741,6 +741,7 @@ share/httpd/manual/mod/mod_authz_groupfile.html.ja.utf8 share/httpd/manual/mod/mod_authz_groupfile.html.ko.euc-kr share/httpd/manual/mod/mod_authz_host.html share/httpd/manual/mod/mod_authz_host.html.en +share/httpd/manual/mod/mod_authz_host.html.fr share/httpd/manual/mod/mod_authz_host.html.ja.utf8 share/httpd/manual/mod/mod_authz_host.html.ko.euc-kr share/httpd/manual/mod/mod_authz_owner.html diff --git a/www/apache22/distinfo b/www/apache22/distinfo index fb8044f1599..5f605d547a5 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.53 2012/12/23 21:32:42 spz Exp $ +$NetBSD: distinfo,v 1.54 2013/03/03 20:05:03 tron Exp $ -SHA1 (httpd-2.2.23.tar.bz2) = 2776145201068045d4ed83157a0e2e1c28c4c453 -RMD160 (httpd-2.2.23.tar.bz2) = 16b15876d8296a2733d4d28a8a78362d0677792d -Size (httpd-2.2.23.tar.bz2) = 5485205 bytes +SHA1 (httpd-2.2.24.tar.bz2) = f73bce14832ec40c1aae68f4f8c367cab2266241 +RMD160 (httpd-2.2.24.tar.bz2) = 4c31b23615236c407779a23cbfcc8e05ba011224 +Size (httpd-2.2.24.tar.bz2) = 5490439 bytes SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7 SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad |