kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update apache22 package to 2.2.15.

Browse source 
For full changes information please refer:
http://www.apache.org/dist/httpd/Announcement2.2.html.

Here is security related changes from ChangeLog
(http://www.apache.org/dist/httpd/CHANGES_2.2.15).


Changes with Apache 2.2.15

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
     by rejecting any client-initiated renegotiations. Forcibly disable
     keepalive for the connection if there is any buffered data readable. Any
     configuration which requires renegotiation for per-directory/location
     access control is still vulnerable, unless using OpenSSL >= 0.9.8l.
     [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]

  *) SECURITY: CVE-2010-0408 (cve.mitre.org)
     mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
     when request headers indicate a request body is incoming; not a case of
     HTTP_INTERNAL_SERVER_ERROR.  [Niku Toivola <niku.toivola sulake.com>]

  *) SECURITY: CVE-2010-0425 (cve.mitre.org)
     mod_isapi: Do not unload an isapi .dll module until the request
     processing is completed, avoiding orphaned callback pointers.
     [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
This commit is contained in:
taca 2010-03-09 02:30:15 +00:00
parent 6baab92237
commit ceed3d639a
3 changed files with 9 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
www/apache22/Makefile
View file

@ -1,9 +1,7 @@
# $NetBSD: Makefile,v 1.55 2010/01/17 12:02:48 wiz Exp $
# $NetBSD: Makefile,v 1.56 2010/03/09 02:30:15 taca Exp $
DISTNAME= httpd-2.2.14
DISTNAME= httpd-2.2.15
PKGNAME= ${DISTNAME:S/httpd/apache/}
#PKGREVISION= 3
PKGREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
http://archive.apache.org/dist/httpd/ \

4
www/apache22/PLIST
View file

@ -1,4 +1,4 @@
@comment $NetBSD: PLIST,v 1.15 2009/10/30 21:10:57 christos Exp $
@comment $NetBSD: PLIST,v 1.16 2010/03/09 02:30:15 taca Exp $
${PLIST.suexec}sbin/suexec
include/httpd/ap_compat.h
include/httpd/ap_config.h
@ -869,6 +869,8 @@ share/httpd/manual/mod/mod_proxy_http.html
share/httpd/manual/mod/mod_proxy_http.html.en
share/httpd/manual/mod/mod_proxy_scgi.html
share/httpd/manual/mod/mod_proxy_scgi.html.en
share/httpd/manual/mod/mod_reqtimeout.html
share/httpd/manual/mod/mod_reqtimeout.html.en
share/httpd/manual/mod/mod_rewrite.html
share/httpd/manual/mod/mod_rewrite.html.en
share/httpd/manual/mod/mod_setenvif.html

8
www/apache22/distinfo
View file

@ -1,8 +1,8 @@
$NetBSD: distinfo,v 1.30 2010/03/05 00:22:59 taca Exp $
$NetBSD: distinfo,v 1.31 2010/03/09 02:30:15 taca Exp $
SHA1 (httpd-2.2.14.tar.bz2) = eacd04c87b489231ae708c84a77dc8e9ee176fd2
RMD160 (httpd-2.2.14.tar.bz2) = ff5077e444ba995475202bb3b9be733384c809d1
Size (httpd-2.2.14.tar.bz2) = 5147171 bytes
SHA1 (httpd-2.2.15.tar.bz2) = 5f0e973839ed2e38a4d03adba109ef5ce3381bc2
RMD160 (httpd-2.2.15.tar.bz2) = e5c5da1fdf86a6b0501f6c8e97ccb1982e81cfdf
Size (httpd-2.2.15.tar.bz2) = 4959582 bytes
SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf
SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150
SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad