diff options
| author | spz <spz@pkgsrc.org> | 2010-07-27 17:25:35 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2010-07-27 17:25:35 +0000 |
| commit | c07958800649b75ac06dc4c88e55ccda5b4951ab (patch) | |
| tree | 368b63cdca157d808bde1adc7d246ecd5d99c8ad /www | |
| parent | 5d3600fa0ac6746b62ded055752ea903a34162e3 (diff) | |
| download | pkgsrc-c07958800649b75ac06dc4c88e55ccda5b4951ab.tar.gz | |
Pullup ticket 3187 - requested by tron
security update
Revisions pulled up:
- pkgsrc/www/apache22/Makefile 1.61
- pkgsrc/www/apache22/distinfo 1.34
Files deleted:
pkgsrc/www/apache22/patches/patch-af
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Jul 26 21:38:52 UTC 2010
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Removed Files:
pkgsrc/www/apache22/patches: patch-af
Log Message:
Update "apache22" package to version 2.2.16. Changes since version 2.2.15:
- SECURITY: CVE-2010-1452 (cve.mitre.org)
mod_dav, mod_cache: Fix Handling of requests without a path segment.
PR: 49246 [Mark Drayton, Jeff Trawick]
- SECURITY: CVE-2010-2068 (cve.mitre.org)
mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection
for platforms Windows, Netware and OS2. PR: 49417. [Rainer Jung]
- core: Filter init functions are now run strictly once per request
before handler invocation. The init functions are no longer run
for connection filters. PR 49328. [Joe Orton]
- mod_filter: enable it to act on non-200 responses.
PR 48377 [Nick Kew]
- mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
title page only) when any mod_ldap directives were used in VirtualHost
context. [Eric Covener]
- mod_ssl: Fix segfault at startup if proxy client certs are shared
across multiple vhosts. PR 39915. [Joe Orton]
- mod_proxy_http: Log the port of the remote server in various messages.
PR 48812. [Igor Gali?? <i galic brainsware org>]
- apxs: Fix -A and -a options to ignore whitespace in httpd.conf
[Philip M. Gollucci]
- mod_dir: add FallbackResource directive, to enable admin to specify
an action to happen when a URL maps to no file, without resorting
to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
- mod_rewrite: Allow to set environment variables without explicitely
giving a value. [Rainer Jung]
To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.33 -r1.34 pkgsrc/www/apache22/distinfo
cvs rdiff -u -r1.3 -r0 pkgsrc/www/apache22/patches/patch-af
Diffstat (limited to 'www')
| -rw-r--r-- | www/apache22/Makefile | 5 | ||||
| -rw-r--r-- | www/apache22/distinfo | 9 | ||||
| -rw-r--r-- | www/apache22/patches/patch-af | 35 |
3 files changed, 6 insertions, 43 deletions
diff --git a/www/apache22/Makefile b/www/apache22/Makefile index 574bdbf65df..359f6fe8f49 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.59 2010/06/12 10:40:26 tron Exp $ +# $NetBSD: Makefile,v 1.59.2.1 2010/07/27 17:25:35 spz Exp $ -DISTNAME= httpd-2.2.15 -PKGREVISION= 3 +DISTNAME= httpd-2.2.16 PKGNAME= ${DISTNAME:S/httpd/apache/} CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ diff --git a/www/apache22/distinfo b/www/apache22/distinfo index 7477ee423d2..6d8348347af 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo @@ -1,14 +1,13 @@ -$NetBSD: distinfo,v 1.33 2010/06/12 10:40:26 tron Exp $ +$NetBSD: distinfo,v 1.33.2.1 2010/07/27 17:25:35 spz Exp $ -SHA1 (httpd-2.2.15.tar.bz2) = 5f0e973839ed2e38a4d03adba109ef5ce3381bc2 -RMD160 (httpd-2.2.15.tar.bz2) = e5c5da1fdf86a6b0501f6c8e97ccb1982e81cfdf -Size (httpd-2.2.15.tar.bz2) = 4959582 bytes +SHA1 (httpd-2.2.16.tar.bz2) = ef92f5b3124fe5e9ba6121ea7f4bab8c014068f9 +RMD160 (httpd-2.2.16.tar.bz2) = 2e6d7d1dae40905be7fdd793140f62cf58112095 +Size (httpd-2.2.16.tar.bz2) = 4775545 bytes SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7 SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 -SHA1 (patch-af) = c3051544406326297161f36ff3f499395630dc05 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 diff --git a/www/apache22/patches/patch-af b/www/apache22/patches/patch-af deleted file mode 100644 index 9c5efcc3ac1..00000000000 --- a/www/apache22/patches/patch-af +++ /dev/null @@ -1,35 +0,0 @@ -$NetBSD: patch-af,v 1.3 2010/06/12 10:40:26 tron Exp $ - -Patch to fix CVE-2010-2068, taken from here: - -http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch - ---- modules/proxy/mod_proxy_http.c.orig 2010-02-27 18:49:36.000000000 +0000 -+++ modules/proxy/mod_proxy_http.c 2010-06-12 11:33:45.000000000 +0100 -@@ -1401,7 +1401,7 @@ - ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r, - "proxy: error reading status line from remote " - "server %s", backend->hostname); -- if (rc == APR_TIMEUP) { -+ if (APR_STATUS_IS_TIMEUP(rc)) { - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, - "proxy: read timeout"); - } -@@ -1417,7 +1417,7 @@ - * we normally would handle timeouts - */ - if (r->proxyreq == PROXYREQ_REVERSE && c->keepalives && -- rc != APR_TIMEUP) { -+ !APR_STATUS_IS_TIMEUP(rc)) { - apr_bucket *eos; - - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, -@@ -1449,6 +1449,8 @@ - APR_BUCKET_INSERT_BEFORE(eos, e); - } - ap_pass_brigade(r->output_filters, bb); -+ /* Mark the backend connection for closing */ -+ backend->close = 1; - /* Need to return OK to avoid sending an error message */ - return OK; - } |