diff options
| author | tron <tron> | 2002-10-06 12:49:59 +0000 |
|---|---|---|
| committer | tron <tron> | 2002-10-06 12:49:59 +0000 |
| commit | b08b7b8445194f546da758939f0e55669e430d7b (patch) | |
| tree | 638074527cd09e766f4edcf3630c5096dc42731b /www/apache6 | |
| parent | fae4f81a33611d70fd0d1cf94101320bf6f0f0ca (diff) | |
| download | pkgsrc-b08b7b8445194f546da758939f0e55669e430d7b.tar.gz | |
Update "apache6" package to version 1.3.27. This version fixes many bugs
discovered in version 1.3.26 including these security fixes:
- SECURITY: CAN-2002-0840 (cve.mitre.org)
Prevent a cross-site scripting vulnerability in the default
error page. The issue could only be exploited if the directive
UseCanonicalName is set to Off and a server is being run at
a domain that allows wildcard DNS. [Matthew Murphy]
- SECURITY CAN-2002-0843 (cve.mitre.org)
Fix some possible overflows in ab.c that could be exploited by
a malicious server. Reported by David Wagner. [Jim Jagielski]
- SECURITY CAN-2002-0839 (cve.mitre.org)
Add the new directive 'ShmemUIDisUser'. By default, Apache
will no longer set the uid/gid of SysV shared memory scoreboard
to User/Group, and it will therefore stay the uid/gid of
the parent Apache process. This is actually the way it should
be, however, some implementations may still require this, which
can be enabled by 'ShmemUIDisUser On'. Reported by iDefense.
[Jim Jagielski]
Diffstat (limited to 'www/apache6')
| -rw-r--r-- | www/apache6/Makefile | 10 | ||||
| -rw-r--r-- | www/apache6/PLIST | 9 | ||||
| -rw-r--r-- | www/apache6/distinfo | 6 |
3 files changed, 13 insertions, 12 deletions
diff --git a/www/apache6/Makefile b/www/apache6/Makefile index 0cca5db7635..439c4bc4e78 100644 --- a/www/apache6/Makefile +++ b/www/apache6/Makefile @@ -1,16 +1,14 @@ -# $NetBSD: Makefile,v 1.58 2002/09/26 01:50:23 grant Exp $ +# $NetBSD: Makefile,v 1.59 2002/10/06 12:49:59 tron Exp $ # # This package does not compile in mod_ssl support hooks, as it conflicts # with IPv6-enable patch. # # IPv6-enable patch conflicts with third-party modules anyway, due to # sanity fixes in apache module API (for example, avoid u_long for IPv4 addrs) -# DISTNAME= apache_${APACHE_VERSION} PKGNAME= apache6-${APACHE_VERSION} -APACHE_VERSION= 1.3.26 -PKGREVISION= 3 +APACHE_VERSION= 1.3.27 CATEGORIES= www MASTER_SITES= http://httpd.apache.org/dist/httpd/ \ http://www.apache.de/dist/httpd/ \ @@ -18,12 +16,12 @@ MASTER_SITES= http://httpd.apache.org/dist/httpd/ \ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \ sitedrivenby.gif -PATCH_SITES+= http://www.ipng.nl/ +PATCH_SITES+= ${MASTER_SITE_LOCAL} PATCHFILES+= ${IPV6_PATCH} IPV6_PATCH= apache-1.3.26-ipv6.diff.gz PATCH_DIST_STRIP= -p1 -MAINTAINER= itojun@netbsd.org +MAINTAINER= packages@netbsd.org HOMEPAGE= http://httpd.apache.org/ COMMENT= Apache HTTP (Web) server with IPv6 support diff --git a/www/apache6/PLIST b/www/apache6/PLIST index 117a2a3a31b..946dd3f2523 100644 --- a/www/apache6/PLIST +++ b/www/apache6/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.4 2002/08/25 21:51:58 jlam Exp $ +@comment $NetBSD: PLIST,v 1.5 2002/10/06 12:50:00 tron Exp $ bin/checkgid bin/dbmmanage bin/htdigest @@ -134,6 +134,7 @@ share/httpd/htdocs/manual/handler.html.en share/httpd/htdocs/manual/handler.html.html share/httpd/htdocs/manual/handler.html.ja.jis share/httpd/htdocs/manual/header.html +share/httpd/htdocs/manual/howto/htaccess.html share/httpd/htdocs/manual/howto/auth.html share/httpd/htdocs/manual/howto/cgi.html.en share/httpd/htdocs/manual/howto/cgi.html.html @@ -218,17 +219,19 @@ share/httpd/htdocs/manual/mod/index.html.en share/httpd/htdocs/manual/mod/index.html.fr share/httpd/htdocs/manual/mod/index.html.html share/httpd/htdocs/manual/mod/index.html.ja.jis +share/httpd/htdocs/manual/mod/mod_alias.html.en +share/httpd/htdocs/manual/mod/mod_alias.html.ja.jis +share/httpd/htdocs/manual/mod/mod_auth.html.en +share/httpd/htdocs/manual/mod/mod_auth.html.ja.jis share/httpd/htdocs/manual/mod/mod_access.html.en share/httpd/htdocs/manual/mod/mod_access.html.html share/httpd/htdocs/manual/mod/mod_access.html.ja.jis share/httpd/htdocs/manual/mod/mod_actions.html.en share/httpd/htdocs/manual/mod/mod_actions.html.html share/httpd/htdocs/manual/mod/mod_actions.html.ja.jis -share/httpd/htdocs/manual/mod/mod_alias.html share/httpd/htdocs/manual/mod/mod_asis.html.en share/httpd/htdocs/manual/mod/mod_asis.html.html share/httpd/htdocs/manual/mod/mod_asis.html.ja.jis -share/httpd/htdocs/manual/mod/mod_auth.html share/httpd/htdocs/manual/mod/mod_auth_anon.html share/httpd/htdocs/manual/mod/mod_auth_db.html share/httpd/htdocs/manual/mod/mod_auth_dbm.html diff --git a/www/apache6/distinfo b/www/apache6/distinfo index 13a09c62da5..fa1424e9ed3 100644 --- a/www/apache6/distinfo +++ b/www/apache6/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.13 2002/08/25 21:51:59 jlam Exp $ +$NetBSD: distinfo,v 1.14 2002/10/06 12:50:00 tron Exp $ -SHA1 (apache_1.3.26.tar.gz) = c8ab59541267c3e570592115b280e6cb2fb2b30f -Size (apache_1.3.26.tar.gz) = 2303147 bytes +SHA1 (apache_1.3.27.tar.gz) = 2e3a2c8acd546d84f0c4a42de2b1f69dca6828f8 +Size (apache_1.3.27.tar.gz) = 2306052 bytes SHA1 (sitedrivenby.gif) = 7671e9a8ec2cad3961b268befd33c0920e07c658 Size (sitedrivenby.gif) = 8519 bytes SHA1 (apache-1.3.26-ipv6.diff.gz) = 610bba0fd90b43834abab1f574ac4c6ebbce6989 |