Changes 2.4.9:

*) mod_ssl: Work around a bug in some older versions of OpenSSL that
   would cause a crash in SSL_get_certificate for servers where the
   certificate hadn't been sent.
*) mod_lua: Add a fixups hook that checks if the original request is intended
   for LuaMapHandler. This fixes a bug where FallbackResource invalidates the
   LuaMapHandler directive in certain cases by changing the URI before the map
   handler code executes

Changes 2.4.8:
*) SECURITY: CVE-2014-0098 (cve.mitre.org)
   Clean up cookie logging with fewer redundant string parsing passes.
   Log only cookies with a value assignment. Prevents segfaults when
   logging truncated cookies.
*) SECURITY: CVE-2013-6438 (cve.mitre.org)
   mod_dav: Keep track of length of cdata properly when removing
   leading spaces. Eliminates a potential denial of service from
   specifically crafted DAV WRITE requests
*) core: Support named groups and backreferences within the LocationMatch,
   DirectoryMatch, FilesMatch and ProxyMatch directives. (Requires
   non-ancient PCRE library)
*) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
   TE/CL conflicts.
*) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping
   execution when a handler is already set.
*) mod_ssl: Do not perform SNI / Host header comparison in case of a
   forward proxy request.
*) mod_ssl: Remove the hardcoded algorithm-type dependency for the
   SSLCertificateFile and SSLCertificateKeyFile directives, to enable
   future algorithm agility, and deprecate the SSLCertificateChainFile
   directive (obsoleted by SSLCertificateFile).
*) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore,
   and IgnoreInherit to allow RewriteRules to be pushed from parent scopes
   to child scopes without explicitly configuring each child scope.
*) prefork: Fix long delays when doing a graceful restart.
*) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
   5+ instead of just for FreeBSD 5.
*) mod_proxy_wstunnel: Avoid busy loop on client errors, drop message
   IDs 02445, 02446, and 02448 to TRACE1 from DEBUG.
*) mod_remoteip: Correct the trusted proxy match test.
*) mod_proxy_fcgi: Fix error message when an unexpected protocol version
   number is received from the application.
*) mod_remoteip: Use the correct IP addresses to populate the proxy_ips field.
*) mod_lua: Update r:setcookie() to accept a table of options and add domain,
   path and httponly to the list of options available to set.
*) mod_lua: Fix r:setcookie() to add, rather than replace,
   the Set-Cookie header.
*) mod_lua: Allow for database results to be returned as a hash with
   row-name/value pairs instead of just row-number/value.
*) mod_rewrite: Add %{CONN_REMOTE_ADDR} as the non-useragent counterpart to
   %{REMOTE_ADDR}.
*) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
   save the socket for reuse by the next worker as if it were an
   APR_SO_DISCONNECTED socket. Restores 2.2 behavior.
*) mod_dir: Don't search for a DirectoryIndex or DirectorySlash on a URL
   that was just rewritten by mod_rewrite.
*) mod_session: When we have a session we were unable to decode,
   behave as if there was no session at all.
*) mod_session: Fix problems interpreting the SessionInclude and
   SessionExclude configuration.
*) mod_authn_core: Allow <AuthnProviderAlias>'es to be seen from auth
   stanzas under virtual hosts.
*) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded
   30 seconds timeout.
*) mod_proxy: Added support for unix domain sockets as the
   backend server endpoint
*) build: only search for modules (config*.m4) in known subdirectories, see
   build/config-stubs.
*) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk.
*) mod_ssl: Add support for OpenSSL configuration commands by introducing
   the SSLOpenSSLConfCmd directive.
*) mod_proxy: Remove (never documented) <Proxy ~ wildcard-url> syntax which
   is equivalent to <ProxyMatch wildcard-url>.
*) mod_authz_user, mod_authz_host, mod_authz_groupfile, mod_authz_dbm,
   mod_authz_dbd, mod_authnz_ldap: Support the expression parser within the
   require directives.
*) mod_proxy_http: Core dumped under high load.
*) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
   previously limited to 64MB.
*) mod_lua: Use binary copy when dealing with uploads through r:parsebody()
   to prevent truncating files.

1 files changed, 4 insertions, 4 deletions

diff --git a/www/apache24/distinfo b/www/apache24/distinfo
index 632380949b4..44ce722de1e 100644
--- a/www/apache24/distinfo
+++ b/www/apache24/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2014/02/13 07:56:36 tron Exp $
+$NetBSD: distinfo,v 1.13 2014/03/18 20:09:08 adam Exp $
 
-SHA1 (httpd-2.4.7.tar.bz2) = 19ed9ee56462e44d61a093ea57e964cf0af05c0e
-RMD160 (httpd-2.4.7.tar.bz2) = b51a895f0fda53e72f860911b81974422bc34ecc
-Size (httpd-2.4.7.tar.bz2) = 5004719 bytes
+SHA1 (httpd-2.4.9.tar.bz2) = 646aedbf59519e914c424b3a85d846bf189be3f4
+RMD160 (httpd-2.4.9.tar.bz2) = 2d8095d7ce9298d813aed849cc1cb3272a4acb5a
+Size (httpd-2.4.9.tar.bz2) = 4994460 bytes
 SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839
 SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
 SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d