CVS log for ports/www/apache22/Makefile.doc
![[BACK]](/gifs/back.gif){kind=small}
Up to [FreeBSD] / ports / www / apache22
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Revision 1.16: download - view: text, markup, annotated - select for diffs
Wed Feb 1 18:56:08 2012 UTC (8 days, 16 hours ago) by jgh
Branches: MAIN
CVS tags: HEAD
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +3 -3 lines
- Update to 2.2.22
Addresses:
* SECURITY: CVE-2011-3607 (cve.mitre.org)
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP
Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif
module is enabled, allows local users to gain privileges via a .htaccess file
with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request
header, leading to a heap-based buffer overflow.
* SECURITY: CVE-2012-0021 (cve.mitre.org)
The log_cookie function in mod_log_config.c in the mod_log_config module in the
Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not
properly handle a %{}C format string, which allows remote attackers to cause a
denial of service (daemon crash) via a cookie that lacks both a name and a
value.
* SECURITY: CVE-2012-0031 (cve.mitre.org)
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local
users to cause a denial of service (daemon crash during shutdown) or possibly
have unspecified other impact by modifying a certain type field within a
scoreboard shared memory segment, leading to an invalid call to the free
function.
* SECURITY: CVE-2011-4317 (cve.mitre.org)
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in
place, does not properly interact with use of (1) RewriteRule and (2)
ProxyPassMatch pattern matches for configuration of a reverse proxy, which
allows remote attackers to send requests to intranet servers via a malformed URI
containing an @ (at sign) character and a : (colon) character in invalid
positions. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2011-3368.
* SECURITY: CVE-2012-0053 (cve.mitre.org)
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly
restrict header information during construction of Bad Request (aka 400) error
documents, which allows remote attackers to obtain the values of HTTPOnly
cookies via vectors involving a (1) long or (2) malformed header in conjunction
with crafted web script.
* SECURITY: CVE-2011-3368 (cve.mitre.org)
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of
(1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a
reverse proxy, which allows remote attackers to send requests to intranet
servers via a malformed URI containing an initial @ (at sign) character.
PR: ports/164675
Reviewed by: pgollucci
Approved by: pgollucci, crees, rene (mentors, implicit)
With Hat: apache@
Revision 1.15: download - view: text, markup, annotated - select for diffs
Thu Mar 31 17:00:36 2011 UTC (10 months, 1 week ago) by ohauer
Branches: MAIN
CVS tags: RELEASE_9_0_0
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -2 lines
- update Apache 2 ITK MPM patch to version 20110321-01 [1] - add additional patch for mpm-itk [2] - add mod_substitute to apache22 [3] - add some documentation into the mpm-itk* patches - bump portrevision Changes: [1] apache2.2-mpm-itk 2.2.17-01, released 2011-03-21: * Fixed CVE-2011-1176: If NiceValue was set, the default with no AssignUserID was to run as root:root instead of the default Apache user and group, due to the configuration merger having an incorrect default configuration. * Rebase against Apache 2.2.17. * Fix an issue where users can sometimes get spurious 403s on persistent connections, if the .htaccess files are not world readable. * In the config merger, don't reallocate the username, since it's already in the correct pool. (This is not a memory leak, only a small inefficiency.) [2] http://httpd.apache.org/docs/2.2/mod/mod_substitute.html Source: http://mpm-itk.sesse.net/ [1] http://www.pvv.ntnu.no/~knuta/mpm-itk/ [2] http://lists.freebsd.org/pipermail/freebsd-apache/2011-March/002184.html [3] With Hat: apache@ PR: ports/156024 [1][2] Submitted by: Lukasz Wasikowski <lukasz _at_ wasikowski.net> [1][2] Nick Gieczewski <sorongo _at_ gmail.com> [3]
Revision 1.14: download - view: text, markup, annotated - select for diffs
Sun Aug 2 19:35:56 2009 UTC (2 years, 6 months ago) by mezz
Branches: MAIN
CVS tags: RELEASE_8_2_0, RELEASE_8_1_0, RELEASE_8_0_0, RELEASE_7_4_0, RELEASE_7_3_0, RELEASE_6_EOL
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +1 -1 lines
-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22. -Update libtool and libltdl to 2.2.6a. -Remove devel/libtool15 and devel/libltdl15. -Fix ports build with libtool22/libltdl22. -Bump ports that depend on libltdl22 due to shared library version change. -Explain what to do update in the UPDATING. It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop and applications in the runtime. With help: marcus and kwm Pointyhat-exp: a few times by pav Tested by: pgollucci, "Romain Tartière" <romain@blogreen.org>, and a few MarcusCom CVS users. Also, I might have missed a few. Repocopy by: marcus Approved by: portmgr
Revision 1.13: download - view: text, markup, annotated - select for diffs
Sun Jan 20 14:00:32 2008 UTC (4 years ago) by clement
Branches: MAIN
CVS tags: RELEASE_7_2_0, RELEASE_7_1_0, RELEASE_6_4_0, RELEASE_5_EOL
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +2 -2 lines
- s/bsd.databases.mk/bsd.database.mk/ PR: ports/119823 Submitted by: mm
Revision 1.12: download - view: text, markup, annotated - select for diffs
Sun Jan 20 11:29:31 2008 UTC (4 years ago) by clement
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +17 -11 lines
- Update to 2.2.8 - Update documentation - Use BDB from bsd.databases.mk instead of homebrew [1] PR: ports/119711 [1] Submitted by: mm [1]
Revision 1.11: download - view: text, markup, annotated - select for diffs
Wed Jan 16 09:33:45 2008 UTC (4 years ago) by mm
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +3 -3 lines
- Add support for db45 and db46 PR: ports/117937 Submitted by: mm Approved by: maintainer timeout
Revision 1.10: download - view: text, markup, annotated - select for diffs
Sun Nov 5 10:49:17 2006 UTC (5 years, 3 months ago) by clement
Branches: MAIN
CVS tags: RELEASE_7_0_0, RELEASE_6_3_0, RELEASE_4_EOL, PRE_XORG_7
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +9 -7 lines
- Update MySQL apr_dbd to rev 57 - Add support for itk mpm - Update doc [1] Reported by: Volodymyr Kostyrko <arcade@synergetica.dn.ua> [1]
Revision 1.9: download - view: text, markup, annotated - select for diffs
Wed May 10 19:47:15 2006 UTC (5 years, 9 months ago) by clement
Branches: MAIN
CVS tags: RELEASE_6_2_0
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +1 -3 lines
- Remove obsolete patch which add support to Windows Update Service when apache acts as a proxy. Reported by: Bjoern Voigt <bjoern@cs.tu-berlin.de>
Revision 1.8: download - view: text, markup, annotated - select for diffs
Tue Dec 13 22:26:57 2005 UTC (6 years, 1 month ago) by clement
Branches: MAIN
CVS tags: RELEASE_6_1_0, RELEASE_5_5_0
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -1 lines
- Fix envvars.d [1] - Add apache22_http_accept_enable to load accf_http kernel module [2] Additionnally, if it's not defined, we drop accept filter support - Drop obsolete apache22ssl_enable rc.conf option - Sync apache22.sh behavior with apachectl Add graceful and graceful-stop targets - Rework categories (add CACHE_MODULES) - Add support for apr_dbd: MySQL, PostgrSQL and SQLite3 backends are supported It adds mod_auth_dbd and mod_dbd automatically more fixes to come soon... PR: ports/90309 [1], ports/90103 [2] Submitted by: Simun Mikecin <sime@data.home.hr> [1], Melvyn Sopacua <melvyn@melvyn.homeunix.net> [2]
Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Dec 4 10:57:19 2005 UTC (6 years, 2 months ago) by clement
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -56 lines
- Update documentation. We no longer support for WWW_* knobs
Revision 1.6: download - view: text, markup, annotated - select for diffs
Sat Dec 3 22:02:58 2005 UTC (6 years, 2 months ago) by clement
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +3 -3 lines
- Add apache 2.2.0
It's a temporary layout, I need more time to find the best.
note that ${PREFIX}/www/(data|errors|cgi)(-dist) disappeared in favor of
${PREFIX}/www/apache22
Revision 1.5: download - view: text, markup, annotated - select for diffs
Sun Oct 30 20:39:04 2005 UTC (6 years, 3 months ago) by clement
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +2 -2 lines
- Update to 2.1.8 Not all new cool stuff is supported but it will be when 2.2.0 comes out.
Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Feb 23 10:59:45 2005 UTC (6 years, 11 months ago) by clement
Branches: MAIN
CVS tags: old_RELEASE_6_0_0, old_RELEASE_5_4_0
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +2 -2 lines
- Update to 2.1.3 If you can't fetch the distfile, fetch http://httpd.apache.org/dev/dist/httpd-2.1.3-alpha.tar.bz2 into ${PORTSDIR}/distfiles/apache21
Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon Dec 27 20:38:37 2004 UTC (7 years, 1 month ago) by clement
Branches: MAIN
CVS tags: old_RELEASE_4_11_0
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +3 -1 lines
- Add a note about the dangerousness of quotes in make.conf
Revision 1.2: download - view: text, markup, annotated - select for diffs
Mon Dec 13 18:48:02 2004 UTC (7 years, 1 month ago) by clement
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +3 -1 lines
- Move standard configuration files to ${EXAMPLESDIR} to not get
dist config files installed in ${PREFIX}/etc/apache21
- Add support for Event MPM and add backport from apr to support
APR_POLLSET_THREADSAFE (needed by Event MPM and forgotten @ release
time) [1]
- misc cleanups
- Bump PORTREVISION to reflect all cool changes which occured today ;)
Obtained from: apr svn repository
Revision 1.1: download - view: text, markup, annotated - select for diffs
Sat Dec 11 18:06:04 2004 UTC (7 years, 2 months ago) by clement
Branches: MAIN
- Add apache 2.1.2 This is a development version, awaiting for 2.2