| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
--- from apache/Announcements
Apache 1.3.19 Major changes
The primary security fix is:
* The default installation could lead mod_negotiation and mod_dir or
mod_autoindex to display a directory listing instead of the
multiview'ed index.html.* files, if a very long path was created
artificially by using many slashes. Now 403 FORBIDDEN is returned.
The bug fixes are:
* The ServerRoot directive now removes trailing slashes.
* Restore functionality broken by the mod_rewrite security fix:
The mod_rewrite string arithmetic is corrected for rewrite map.
* Some possible segfault conditions have been fixed.
* Under certain circumstances, Apache did not supply the
right response headers when requiring authentication.
The main new features include:
* New configuration error reporting if the UserDir argument is set
to a relative path on Win32 or Netware [which do not support home
directories], or a relative path on any platform if that path
includes the '*' username substitution.
Selected new features that relate to Windows platforms:
* Apache on Win9x now ensures the service is stopped before removal.
* Test httpd.conf (-t) now holds the console open on "SYNTAX OK".
* Apache/Win32 no longer holds open the console on error unless
it was invoked from a shortcut with the -w option.
* mod_user was significantly refactored to assure that the UserDir
directive is parsed effectively the same across platforms, fixing
a UserDir bug introduced in 1.3.17 on the Win32 platform.
Selected new features relating to other platforms:
* Netware problems with file extension truncatation are resolved.
* Netware recognizes the SERVER/VOLUME:/PATH/FILE filename pattern.
* Netware mod_tls properly disables nagle for SSL connections,
and properly negotiates SSL based on the port.
* Startup and Shutdown issues were addressed on TPF.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pksrc/www/apache. see pkgsrc/www/apache changelog for full changelog.
|
|
when incoming IPv4 connections are captured by AF_INET6 socket (IPv4 mapped
address). not really matter for normal NetBSD installation.
I beileve IPv4 mapped address is very bad from security/access control POV.
really.
|
|
1.3.12 -> 1.3.14.
|
|
this file (and some others?) just as we do in PLIST...
|
|
how NetBSD's rc.d system interprets script names. Also add appropriate
REQUIRE and PROVIDE sections to allow direct use in NetBSD's rc.d system.
|
|
(URL parser makes mistake on certain pattern)
|
|
version numbers change, and it doesn't work correctly on a.out anyway.
Closes pkg/10309.
|
|
|
|
solves cross site scripting problem in 1.3.11 (www.apache.org)
|
|
one can now stop the daemon.
|
|
|
|
|
|
|
|
|
|
for changes between 1.3.9 to 1.3.11, please see commit logs for
pkgsrc/www/apache, or apache changelogs.
|
|
|
|
|
|
|
|
SSL is not supported here
|
|
settings at the command line.
|
|
PR: 8307
|
|
|
|
use latest IPv6 patch from ftp://ftp.kame.net/pub/kame/misc/.
fixes PR: 8307
|
|
displayed using the -B option to pkg_info(1).
Add USE_INET6 to BUILD_DEFS
|
|
displayed using the -B option to pkg_info(1).
|
|
This is provided as separate package because:
# This package does not compile in mod_ssl support hooks, as it conflicts
# with IPv6 enable patch.
# IPv6 enable patch conflicts with third-party modules anyway, due to
# sanity fixes in apache module API (for example, avoid u_long for IPv4 addrs)
|
|
to make a IPv6-ready version of apache package.
|
