Age | Commit message | Author | Files | Lines |
|
|
|
Major changes since 1.3.28:
Security vulnerabilities
* CAN-2003-0542 (cve.mitre.org)
Fix buffer overflows in mod_alias and mod_rewrite which occurred if
one configured a regular expression with more than 9 captures.
Bugs fixed
The following noteworthy bugs were found in Apache 1.3.28 (or earlier)
and have been fixed in Apache 1.3.29:
* Within ap_bclose(), ap_pclosesocket() is now called consistently
for sockets and ap_pclosef() for files. Also, closesocket()
is used consistently to close socket fd's. The previous
confusion between socket and file fd's would cause problems
with some applications now that we proactively close fd's to
prevent leakage.
* Fixed mod_usertrack to not get false positive matches on the
user-tracking cookie's name.
* Prevent creation of subprocess Zombies when using CGI wrappers
such as suEXEC and cgiwrap.
|
|
Major changes since 2.8.15:
*) Upgraded to Apache 1.3.29
*) Avoid memory corruption in certificate handling caused by a heap
memory double-freeing situation.
*) Allow "HTTPS" variable to be passed through by suEXEC.
*) Clear the OpenSSL error code in pass phrase reading code to
work around the following situation: multiple keys, all with
different passphrases -- entering the correct pass phrase at each
prompt leads to an OpenSSL error message after the last prompt.
*) Reverted the recent change where ap_cleanup_for_exec() called
ap_kill_alloc_shared(). This caused nasty side-effects in other
processes and is not necessary at all (because shared memory
segments are not inherited across exec).
*) mod_ssl was checking the OpenSSL error reason code against
SSL_R_HTTP_REQUEST and concluded the result is an SSL error. Since
OpenSSL reason codes are not unique, this isn't always the case.
It now additionally checks that the library is the SSL library.
|
|
Major changes since 1.3.28:
Security vulnerabilities
* CAN-2003-0542 (cve.mitre.org)
Fix buffer overflows in mod_alias and mod_rewrite which occurred if
one configured a regular expression with more than 9 captures.
Bugs fixed
The following noteworthy bugs were found in Apache 1.3.28 (or earlier)
and have been fixed in Apache 1.3.29:
* Within ap_bclose(), ap_pclosesocket() is now called consistently
for sockets and ap_pclosef() for files. Also, closesocket()
is used consistently to close socket fd's. The previous
confusion between socket and file fd's would cause problems
with some applications now that we proactively close fd's to
prevent leakage.
* Fixed mod_usertrack to not get false positive matches on the
user-tracking cookie's name.
* Prevent creation of subprocess Zombies when using CGI wrappers
such as suEXEC and cgiwrap.
|
|
${PLUGIN_SOURCE}/rpnp.so, so MozillaFirebird can find the plugin. Bump PKGREVISION and closes PR pkg/23187
|
|
mod_rewrite and mod_alias, referenced CAN-2003-0542. Bump PKGREVISION.
|
|
unfortunately.
Tidy now comes with a (static) library, thus a buildlink2.mk file is now
provided.
There's no need to set PRESERVE_FILE_TIMES in CFLAGS anymore, thus
PR pkg/20489 is fixed.
|
|
Changes with Apache 2.0.48
*) SECURITY [CAN-2003-0789]: mod_cgid: Resolve some mishandling of
the AF_UNIX socket used to communicate with the cgid daemon and
the CGI script. [Jeff Trawick]
*) SECURITY [CAN-2003-0542]: Fix buffer overflows in mod_alias and
mod_rewrite which occurred if one configured a regular expression
with more than 9 captures. [André Malo]
*) mod_include: fix segfault which occurred if the filename was not
set, for example, when processing some error conditions.
PR 23836. [Brian Akins <bakins@web.turner.com>, André Malo]
*) fix the config parser to support <Foo>..</Foo> containers (no
arguments in the opening tag) supported by httpd 1.3. Without
this change mod_perl 2.0's <Perl> sections are broken.
["Philippe M. Chiasson" <gozer@cpan.org>]
*) mod_cgid: fix a hash table corruption problem which could
result in the wrong script being cleaned up at the end of a
request. [Jeff Trawick]
*) Update httpd-*.conf to be clearer in describing the connection
between AddType and AddEncoding for defining the meaning of
compressed file extensions. [Roy Fielding]
*) mod_rewrite: Don't die silently when failing to open RewriteLogs.
PR 23416. [André Malo]
*) mod_rewrite: Fix mod_rewrite's support of the [P] option to send
rewritten request using "proxy:". The code was adding multiple "proxy:"
fields in the rewritten URI. PR: 13946.
[Eider Oliveira <eider@bol.com.br>]
*) cache_util: Fix ap_check_cache_freshness to check max_age, smax_age, and
expires as directed in RFC 2616. [Thomas Castelle tcastelle@generali.fr]
*) Ensure that ssl-std.conf is generated at configure time, and switch
to using the expanded config variables to work the same as
httpd-std.conf PR: 19611
[Thom May]
*) mod_ssl: Fix segfaults after renegotiation failure. PR 21370
[Hartmut Keil <Hartmut.Keil@adnovum.ch>]
*) mod_autoindex: If a directory contains a file listed in the
DirectoryIndex directive, the folder icon is no longer replaced
by the icon of that file. PR 9587.
[David Shane Holden <dpejesh@yahoo.com>]
*) Fixed mod_usertrack to not get false positive matches on the
user-tracking cookie's name. PR 16661.
[Manni Wood <manniwood@planet-save.com>]
*) mod_cache: Fix the cache code so that responses can be cached
if they have an Expires header but no Etag or Last-Modified
headers. PR 23130.
[bjorn@exoweb.net]
*) mod_log_config: Fix %b log format to write really "-" when 0 bytes
were sent (e.g. with 304 or 204 response codes). [Astrid Keßler]
*) Modify ap_get_client_block() to note if it has seen EOS.
[Justin Erenkrantz]
*) Fix a bug, where mod_deflate sometimes unconditionally compressed the
content if the Accept-Encoding header contained only other tokens than
"gzip" (such as "deflate"). PR 21523. [Joe Orton, André Malo]
*) Avoid an infinite recursion, which occurred if the name of an included
config file or directory contained a wildcard character. PR 22194.
[André Malo]
*) mod_ssl: Fix a problem setting variables that represent the
client certificate chain. PR 21371 [Jeff Trawick]
*) Unix: Handle permissions settings for flock-based mutexes in
unixd_set_global|proc_mutex_perms(). Allow the functions to be
called for any type of mutex. PR 20312 [Jeff Trawick]
*) ab: Work over non-loopback on Unix again. PR 21495. [Jeff Trawick]
*) Fix a misleading message from some of the threaded MPMs when
MaxClients has to be lowered due to the setting of ServerLimit.
[Jeff Trawick]
*) Lower the severity of the "listener thread didn't exit" message
to debug, as it is of interest only to developers. PR 9011
[Jeff Trawick]
*) MPMs: The bucket brigades subsystem now honors the MaxMemFree setting.
[Cliff Woolley, Jean-Jacques Clar]
*) Install config.nice into the build/ directory to make
minor version upgrades easier. [Joshua Slive]
*) Fix mod_deflate so that it does not call deflate() without checking
first whether it has something to deflate. (Currently this causes
deflate to generate a fatal error according to the zlib spec.)
PR 22259. [Stas Bekman]
*) mod_ssl: Fix FakeBasicAuth for subrequest. Log an error when an
identity spoof is encountered.
[Sander Striker]
*) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory
containing the .htaccess file is requested without a trailing slash.
PR 20195. [André Malo]
*) ab: Overlong credentials given via command line no longer clobber
the buffer. [André Malo]
*) mod_deflate: Don't attempt to hold all of the response until we're
done. [Justin Erenkrantz]
*) Assure that we block properly when reading input bodies with SSL.
PR 19242. [David Deaves <David.Deaves@dd.id.au>, William Rowe]
*) Update mime.types to include latest IANA and W3C types. [Roy Fielding]
*) mod_ext_filter: Set additional environment variables for use by
the external filter. PR 20944. [Andrew Ho, Jeff Trawick]
*) Fix buildconf errors when libtool version changes. [Jeff Trawick]
*) Remember an authenticated user during internal redirects if the
redirection target is not access protected and pass it
to scripts using the REDIRECT_REMOTE_USER environment variable.
PR 10678, 11602. [André Malo]
*) mod_include: Fix a trio of bugs that would cause various unusual
sequences of parsed bytes to omit portions of the output stream.
PR 21095. [Ron Park <ronald.park@cnet.com>, André Malo, Cliff Woolley]
*) Update the header token parsing code to allow LWS between the
token word and the ':' separator. [PR 16520]
[Kris Verbeeck <kris.verbeeck@advalvas.be>, Nicel KM <mnicel@yahoo.com>]
*) Eliminate creation of a temporary table in ap_get_mime_headers_core()
[Joe Schaefer <joe+gmane@sunstarsys.com>]
*) Added FreeBSD directory layout. PR 21100.
[Sander Holthaus <info@orangexl.com>, André Malo]
*) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
response. PR 21085. [Glenn Nielsen <glenn@apache.org>, André Malo]
*) mod_rewrite: Perform child initialization on the rewrite log lock.
This fixes a log corruption issue when flock-based serialization
is used (e.g., FreeBSD). [Jeff Trawick]
*) Don't respect the Server header field as set by modules and CGIs.
As with 1.3, for proxy requests any such field is from the origin
server; otherwise it will have our server info as controlled by
the ServerTokens directive. [Jeff Trawick]
|
|
New in version 2.24:
* Added a bunch of MIME types.
* Fix minor problem with returning unknown protocol on some errors.
* Changed the config-file option for disabling symlink checking from "nosymlink" to "nosymlinkcheck" to make its function clearer.
* Allow blank lines in the config file.
* Handle more than one SIGHUP and SIGUSR2 (Cameron Gregory).
* Slight change to handle_newconnect() to better deal with unexpected errors from accept(), such as running out of file descriptors (Alex Keahan).
* Added optional minimum rate to throttles.
* Stats syslog messages downgraded from LOG_NOTICE to LOG_INFO.
* Use unsigned short consistently for port number.
* Prohibit slashes in the Host: header (Marcus Breiing).
* Added a -dd data_dir flag and corresponding config-file option.
* Got rid of the old timer-based zombie process reaper, replacing it with a SIGCHLD handler.
* Changed the idle connection checking from using a separate timer for each connection to using a single timer that checks all active connections.
* Correction to missing-slash directory redirect with query string.
* Added a watchdog alarm handler that forces a core dump if thttpd stops running its timers for too long.
* Don't send Content-Length header on 304 Not Modified responses.
* Allow user-agent log entries to be up to 200 characters long, instead of only 80.
* Fixed buffer overflow bug in defang().
* Re-arranged the order of calling de_dotdot() so that it doesn't get applied to query strings.
* Some fixes for the syslogtocern script (paul fox).
* Changed configure script to use "gcc -dumpversion" instead of "gcc --version" (Ed Goforth).
* Changed most uses of \r and \n to \015 and \012 (Jens Bauer).
* In ssi.c, lack of PATH_INFO is now non-fatal (David Phillips).
* Some improvements to fdwatch (David Burgess).
|
|
Changes are mainly rendering performance improvements, LOTS of
miscellaneous fixes, and various feature improvements.
For details, see:
http://www.opera.com/linux/changelogs/720b7/
http://www.opera.com/linux/changelogs/721/
|
|
phoenix-bin-realplayer. (Okay'd by grant.)
|
|
defined). Bump PKGREVISION to 2. From Ron Roskens in PR pkg/23189.
|
|
- s/LOCALBASE/PREFIX/
- s/X11BASE/X11PREFIX/
- install symlink for libgmodule
- depend on gtk
|
|
- s/LOCALBASE/PREFIX/
- s/X11BASE/X11PREFIX/
- install symlink for libgmodule
- depend on gtk
|
|
- s/LOCALBASE/PREFIX/
- s/X11BASE/X11PREFIX/
- install symlink for libgmodule
- depend on gtk
|
|
Changes since adzap-20030811:
* 2003-10-18
cameron:
scripts/squid_redirect: Turn off the 302: redirection mode. It crashed Andre Kajita's squid farm:-(
More research needed.
* 2003-10-13
cameron:
rc/patterns: greenpeace.org PRINT rule
www.sundayherald.com PRINT rule
* 2003-10-06
cameron:
scripts/squid_redirect: Add NOZAP class for the NOZAP rule.
rc/patterns: more generous miami.com PRINT rule
http://noads/ prefix bypass rule
rename NOADS to NOZAP and move the Nimda defense towards the bottom of the pattern space
adjust NOZAP prefix from http://noads/ to http://nozap/
turn NOZAP into a suffix
make NOZAP suffix a ? instead of a /
doh! push NOZAP to the front
.sears.com exception from Neal Macklin
* 2003-10-05
cameron:
rc/patterns: sltrib.com PRINT rule
* 2003-10-04
cameron:
rc/patterns: newsforge.com PRINT rule
allafrica.com PRINT rule
* 2003-10-01
cameron:
rc/patterns: broaden news.com.com PRINT rule
* 2003-09-30
cameron:
rc/patterns: wfmynews2.com PRINT rule
generalise .boston.com PRINT rule
* 2003-09-29
cameron:
rc/patterns: oreillynet.com PRINT rule
* 2003-09-22
cameron:
rc/patterns: .hitbox.com web bugs
siliconvalley.com PRINT rule
tweak zdnet.com.com PRINT rule
another canoe.ca ad pattern
* 2003-09-15
cameron:
rc/patterns: exception for www.supergo.com from Kath Knight
widen www.supergo.com exception
* 2003-09-14
cameron:
rc/patterns: exception for ibm.com/common/stats/stats.js
ads.i2as.ulimit.com popup
geocities ad prefix
another geocities ad js
* 2003-09-12
cameron:
rc/patterns: .targetnet.com popup
* 2003-09-05
cameron:
rc/patterns: another barnesandnoble.com popup
* 2003-09-04
cameron:
rc/patterns: turn osnews.com PRINT back on
disable osnews.com again
* 2003-09-03
cameron:
rc/patterns: wider news.com.com PRINT rule
tweak nytimes.com PRINT rule
disable nytimes.com - referred based?
informationweek.com PRINT rule
* 2003-09-01
cameron:
rc/patterns: exception for salon click-thru ad access reported by Neal Macklin
cache.ultramercial.com exception as part of salon.com fix
more ultramercial exception
further cache.ultramercial.com exception for cache.ultramercial.com salon clickthru stuff
* 2003-08-31
cameron:
rc/patterns: technologyreview.com PRINT rule
widen technologyreview.com PRINT rule
* 2003-08-30
cameron:
rc/patterns: techcentralstation.com PRINT rule
* 2003-08-28
cameron:
rc/patterns: exception for http://psi.affinix.com/forums/html/emoticons/blink.gif from Lance Conry
* 2003-08-27
cameron:
rc/patterns: another zdnet.com.com PRINT rule
another sfgate.com PRINT rule
* 2003-08-26
cameron:
rc/patterns: dfw.com PRINT rule
orlando.bizjournals.com PRINT rule
nightscapecreations.com popups
* 2003-08-25
cameron:
rc/patterns: broaden .boston.com PRINT rule
tweak broader boston.com PRINT rule
* 2003-08-22
cameron:
rc/patterns: straitstimes.asia1.com.sg PRINT rule
another theglobeandmail.com PRINT rule
widen .adbureau.net ADJS pattern
newmediazero.com PRINT rule
* 2003-08-21
cameron:
rc/patterns: local6.com PRINT rule
improve local6.com PRINT rule
upi.com PRINT rule
bizreport.com PRINT rule
fix bizreport rule
another nytimes.com PRINT rule
xml.com PRINT rule
widen news.independent.co.uk PRINT rule - may break
another ad
* 2003-08-20
cameron:
rc/patterns: newsfactor.com PRINT rule
ad.openfind.com.tw AD
fpeng.peopledaily.com.cn PRINT rule
europemedia.net PRINT rule
voanews.com PRINT rule
washingtonpost.com PRINT rule
cbronline.com PRINT rule
* 2003-08-19
cameron:
rc/patterns: admech ad
.googlesyndication.com javascript
.googlesyndication.com ADHTML
focusin.ads.targetnet.com IFRAME
differentiate focusin.ads.targetnet.com HTML from IMGs
newsmax.com PRINT rule
docguide.com PRINT rule
popularmechanics.com PRINT rule
enterpriseitplanet.com PRINT rule
nzherald.co.nz PRINT rule
rockymountainnews.com PRINT rule
* 2003-08-18
cameron:
rc/patterns: ads.specificclick.com HTML
eweek.com/dropdown images
another .zdnet.com PRINT rule
* 2003-08-16
cameron:
rc/patterns: .realtracker.com/netpoll javascript
.realtracker.com ADHTML
another counter
another securityfocus.com PRINT rule
index.html: Add description of the everyupdate list to the updates webpage section.
* 2003-08-15
cameron:
rc/patterns: af.mil PRINT rule
aftenposten.no PRINT rule
* 2003-08-14
cameron:
rc/patterns: worldnetdaily.com PRINT rule
wasabisystems.com exception from Simon Burge
news.independent.co.uk PRINT rule
typo in news.independent.co.uk rule
ads.zedo.com/ads2 AD pattern
.zedo.com web bug behind AD
ADHTML web bug from ads.specificpop.com
.googlesyndication.com web bug
javascript ad code from .zedo.com
business.boston.com PRINT rule
vnunet.com PRINT rule
dailytimes.com.pk PRINT rule
* 2003-08-13
cameron:
rc/patterns: blink.gif exception for dpreview.com from Simon Burge
edinburghnews.com PRINT rule
eet.com PRINT rule
* 2003-08-12
cameron:
rc/patterns: tweak rss.com.com PRINT rule
zdnet.com.com PRINT rule
scotlandonsunday.com PRINT rule
chron.com PRINT rule
enn.com PRINT rule
gulfnews.com PRINT rule
nj.com/newsflash PRINT rule
Approved by: agc
|
|
This should fix the bulk build problem.
|
|
Also add buildlink for pthread support.
(From PR pkg/23099 by Hiramatsu Yoshifumi)
|
|
the darwin build. PR 20507.
|
|
o fixes for basic authorisation. from <ecu@ipv42.net>
o always display file size in directory index mode
o add .xbel, .xml & .xsl -> text/xml mappings. from
<wiz@danbala.ifoer.tuwien.ac.at>
|
|
o fixes for basic authorisation. from <ecu@ipv42.net>
o always display file size in directory index mode
o add .xbel, .xml & .xsl -> text/xml mappings. from
<wiz@danbala.ifoer.tuwien.ac.at>
|
|
* new parameter 'deExifyImages'
* bug fixes
* translation updates
|
|
Fixed memory leak with Content-Type at http.c:37
Workaround broken cfmakeraw on AIX
Users can enter own shell command for executing external programs.
Commands in X are executed in xterm, not on console.
Do not send Range on refresh
More information on image files in Info menu.
Allow opening of a link in a new window (target="_blank").
Serbian translation
Added "id" attribute to the <img> tag.
Serbian Cyrillic letters
Updated Hungarian translation
Table frame and rules when no border attribute present
Fixed spelling errors found by Francois Gouget's program
Fixed crash in frames introduced in Tue Jun 17 23:15:46 MET DST 2003
Add slash after URLs like ftp://host:1234
Anchors allowed in frame locations
No char with code 13 when pasting in OS/2
Aggressive cache is in cache dialog, not in HTTP bugs dialog
302 redirects are not cached
Fixed redirect left after reloading cached document
Do not send "Range" when cache expires
Fixed some languages (removed name ELinks)
Updated Russian localization
Fixed \001 in bookmarks and window title when title contained 0xa0
Fixed bug that can't happen in select_mainmenu
Fixed numbers on links not consistent with internal order. Still not
perfect but better than it used to be.
|
|
structures and rendered documents together, and deduce
templates that could have performed the transformation.
It is a companion to Template and Template::Extract; their
relationship is shown below:
Template: ($template + $data) ==> $document # normal
Template::Extract: ($document + $template) ==> $data # tricky
Template::Generate: ($data + $document) ==> $template # very tricky
This module is considered experimental.
|
|
template extraction functionality. It can take a rendered document
and its template together, and get the original data structure
back, effectively reversing the "process" function.
This module is considered experimental. If you just wish to extract
RSS-type information out of a HTML document, WWW::SherlockSearch
may be a more robust solution.
|
|
Version 2.10 provides a few trivial new features and applies fixes to
some small bugs. For example, you can now use IN instead of = in a
loop, e.g. FOREACH item IN list. The WRAPPER configuration option is
new, and Template::Context and Template::Stash now both implement
define_vmethod() methods which make it easier to define new virtual
methods.
Version 2.09 contained mostly bug fixes and minor enhancements.
Version 2.08 added compile time constant folding which can result in a
significant performance boost when processing templates. It also
offered several other minor enhancements and bug fixes.
|
|
Thanks to Grant Beattie for sorting out DEPENDS line.
|
|
Since htmlsplit.rb doesn't really contain an RD document, stop trying to generate
HTML from it. (It was my fault.)
Bump PKGREVISION.
|
|
actually using a Linux version of netscape. Fixes build on alpha under
compat_osf1 and probably sparc under compat_svr4.
|
|
using the buildlink would get proper version dependency even when not
using php4/Makefile.common
|
|
curses.buildlink2.mk. This was wrong because we _really_ do want to
express that we want _n_curses when we include the buildlink2.mk file.
We should have a better way to say that the NetBSD curses doesn't
quite work well enough. In fact, it's far better to depend on ncurses
by default, and exceptionally note when it's okay to use NetBSD curses
for specific packages. We will look into this again in the future.
|
|
support for base system curses/ncurses as well as ncurses itself.
suggested by wiz.
|
|