apxs are now installed with "${INSTALL} -c -o ${LIBOWN} -g ${LIBGRP}",
which should do the right thing regardless of the platform. ${INSTALL} is
replaced with the full path to the install program used by pkgsrc, which
should be /usr/bin/install on NetBSD, and /usr/ucb/install on Solaris.
This should fix pkg/14232 by Pierre Bourgin.
using the pkgsrc expat library instead of the builtin one (this is to
avoid conflicts between expat libraries when an expat XML parser is loaded
by either mod_perl or mod_php), and:
Security vulnerabilities
* A vulnerability was found in the split-logfile support program. A
request with a specially crafted Host: header could allow any file
with a .log extension on the system to be written to.
* A vulnerability was found when Multiviews are used to negotiate
the directory index. In some configurations, requesting a URI with
a QUERY_STRING of M=D could return a directory listing rather than
the expected index page.
General bug fixes and improvements
* Bug fixes
* The supplied icons are now also distributed in PNG format
* New directives have been added to the mod_usertrack module, The
first, CookieDomain, can be used to customise the Domain
attribute.
* A new directive, AcceptMutex, allows run-time configuration of the
mutex type used for accept serialization.
* mod_auth has been enhanced to allow access to a document to be
controlled based on the owner of the file being served.
* A new directive, AcceptFilter, has been added to control BSD
accept filters at run-time. The functionality can postpone the
requirement for a child process to handle a new connection until
an HTTP request has arrived, therefore increasing the number of
connections that a given number of child processes can handle
On NetBSD, we need to link libgcc.a whole-archive so that certain symbols
from the C++ implementation (__get_eh_context, etc.) referenced by DSOs
written in C++ will resolve correctly. This makes php4-sablot work with
mod_php4.so (from ap-php4) on ELF platforms when loaded by Apache's httpd.
NetBSD Packages Collection (pkgsrc) changes:
* Modify French page in same way as the English page. Translation
provided by Remi Zara <remi_zara@mac.com> in private e-mail.
* Use EAPI patches from mod_ssl-2.8.4-1.3.20.
* Unify repeated SED replacement info for config.layout, apache.sh,
DEINSTALL, and INSTALL into one location, FILES_SUBST.
* Modify patch to apxs to use 0:0 instead of root:wheel, as some
non-NetBSD systems don't have a wheel group.
The general bug fixes:
* Eliminate a potential segfault if an invalid floating point value
is passed to the ap_snprintf() function, on platforms supporting
isnan() and isinf().
* Fix a possible segfault at startup in the detection of a default
ServerName or IP string when no ServerName was specified.
* Fixed mod_proxy to retain empty headers, as allowed by RFC2068.
* Properly resolve the location of ndbm on Linux and some glibc2
builds, where ndbm.h is in the nonstandard db1/ subdir.
The main new features include:
* Enhanced rotatelogs to allow a UTC offset to be specified, and
the format logfile names with human-readable date/time stamps.
* Added the NOESCAPE (NS) flag to RewriteRule, to disable *all*
normal URI escaping. Note incautious use can give unexpected
results or introduce security risks.
* Added the '\' character to RewriteRule to allow escaping of
special characters. Allows embedding of both the '$' and '%'
characters in the results, so 'foo\$1' translates to 'foo$1'
rather than 'foo\<value of $1>'.
* Added the -V flag to suexec, to display the compile-time settings
with which it was built. (Only valid for root or the HTTPD_USER
username.)
* Introduced EBCDIC conversion configuration options, controlling the
conversion based on MIME type or file suffix.
the updated EAPI patches from mod_ssl-2.8.3-1.3.19 which includes the
following fix:
*) Fixed EAPI context usage in http_request.c: a context pointer
potentially can be NULL requests and can cause a segfault if
dereferenced.
