From 6ef9e838e008cc033d586649bf85f035f7560530 Mon Sep 17 00:00:00 2001
From: bouyer <bouyer@pkgsrc.org>
Date: Wed, 19 Oct 2005 20:30:20 +0000
Subject: Update to 1.3.34. This is a security fix release, fix pkg/31868 by
 Zafer Aydogan. Changes from 1.3.33:   *) hsregex: fix potential core dumping
 on 64 bit machines, such as      AMD64. PR 31858. [Glenn Strauss <
 gs-apache-dev gluelogic.com>]

  *) SECURITY: core: If a request contains both Transfer-Encoding and
     Content-Length headers, remove the Content-Length, mitigating some
     HTTP Request Splitting/Spoofing attacks.  This has no impact on
     mod_proxy_http, yet affects any module which supports chunked
     encoding yet fails to prefer T-E: chunked over the Content-Length
     purported value.  [Paul Querna, Joe Orton]

  *) Added TraceEnable [on|off|extended] per-server directive to alter
     the behavior of the TRACE method.  This addresses a flaw in proxy
     conformance to RFC 2616 - previously the proxy server would accept
     a TRACE request body although the RFC prohibited it.  The default
     remains 'TraceEnable on'.
     [William Rowe]

  *) mod_digest: Fix another nonce string calculation issue.
     [Eric Covener]
---
 www/apache/Makefile |  9 ++++-----
 www/apache/distinfo | 14 +++++++-------
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/www/apache/Makefile b/www/apache/Makefile
index 6dfe0b6b1ab..c1dfc28efae 100644
--- a/www/apache/Makefile
+++ b/www/apache/Makefile
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.172 2005/10/05 13:29:50 wiz Exp $
+# $NetBSD: Makefile,v 1.173 2005/10/19 20:30:20 bouyer Exp $
 #
 # This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of
 # code hooks that allow mod_ssl to be compiled separately later, if desired).
 
-DISTNAME=		apache_1.3.33
+DISTNAME=		apache_1.3.34
 PKGNAME=		${DISTNAME:S/_/-/}
-PKGREVISION=		7
 CATEGORIES=		www
 MASTER_SITES=		${MASTER_SITE_APACHE:=httpd/} \
 			${MASTER_SITE_APACHE:=httpd/old/}
@@ -18,8 +17,8 @@ COMMENT=		Apache HTTP (Web) server
 NETBSD_LOGO=		sitedrivenby.gif
 SITES_${NETBSD_LOGO}=	http://www.NetBSD.org/images/logos/
 
-MODSSL_VERSION=		2.8.24
-MODSSL_DISTNAME=	mod_ssl-${MODSSL_VERSION}-1.3.33
+MODSSL_VERSION=		2.8.25
+MODSSL_DISTNAME=	mod_ssl-${MODSSL_VERSION}-1.3.34
 MODSSL_DIST=		${MODSSL_DISTNAME}.tar.gz
 MODSSL_SRC=		${WRKDIR}/${MODSSL_DISTNAME}
 SITES_${MODSSL_DIST}=	http://www.modssl.org/source/ \
diff --git a/www/apache/distinfo b/www/apache/distinfo
index 3dc5053dc6e..4c14c3abd64 100644
--- a/www/apache/distinfo
+++ b/www/apache/distinfo
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.46 2005/09/16 13:53:57 salo Exp $
+$NetBSD: distinfo,v 1.47 2005/10/19 20:30:21 bouyer Exp $
 
-SHA1 (apache_1.3.33.tar.gz) = 4cd49534d1abd04c81ab215f2457122d85855b0d
-RMD160 (apache_1.3.33.tar.gz) = 80e9ea2c7c75f49454acfd83cead5506c5ffddea
-Size (apache_1.3.33.tar.gz) = 2468567 bytes
+SHA1 (apache_1.3.34.tar.gz) = df082b73f1220555dc416c0c5afa746e30a9e0de
+RMD160 (apache_1.3.34.tar.gz) = e39dfc57b7f9164aa76641de3fa74f0314c9ec9e
+Size (apache_1.3.34.tar.gz) = 2468056 bytes
 SHA1 (sitedrivenby.gif) = 7671e9a8ec2cad3961b268befd33c0920e07c658
 RMD160 (sitedrivenby.gif) = 2e350e6531a800da8796207509c12fb590d0affa
 Size (sitedrivenby.gif) = 8519 bytes
-SHA1 (mod_ssl-2.8.24-1.3.33.tar.gz) = cb2e77efa0c7df3368b3be0d6bbdf13fa92090f1
-RMD160 (mod_ssl-2.8.24-1.3.33.tar.gz) = 1651dcd85abd37d6955f241c730e101df482d545
-Size (mod_ssl-2.8.24-1.3.33.tar.gz) = 820292 bytes
+SHA1 (mod_ssl-2.8.25-1.3.34.tar.gz) = 150f726539d74c0d2af02e482be78bbcdb811395
+RMD160 (mod_ssl-2.8.25-1.3.34.tar.gz) = 90a3913d30c7f4d194907463125c90101005837a
+Size (mod_ssl-2.8.25-1.3.34.tar.gz) = 820352 bytes
 SHA1 (patch-aa) = ae280b14dc0102ecfbe3675ca0b5d2b74ee790ca
 SHA1 (patch-ab) = 084d52bb2afbacf18b9d0793293d8ae333c67802
 SHA1 (patch-ac) = b961c90a58a94f48daff417af146df98d5ec428c
-- 
cgit v1.2.3