Commit graph

24 commits

Author SHA1 Message Date
asau
5eae6a18a3 Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. 2012-10-28 06:30:00 +00:00
ryoon
296f76c77e Recursive revbump from multimedia/libvpx 1.1.0 update 2012-09-22 13:48:15 +00:00
asau
66dbe664de Update to Cherokee 1.2.105
Requested by Moritz Wilhelmy on IRC.


Vulnerabilities fixed:

* CVE-2011-2191
  Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee
  before 1.2.99 allows remote attackers to hijack the authentication of
  administrators for requests that insert cross-site scripting (XSS) sequences,
  as demonstrated by a crafted nickname field to vserver/apply.

* CVE-2011-2190
  The generate_admin_password function in Cherokee before 1.2.99 uses time and
  PID values for seeding of a random number generator, which makes it easier
  for local users to determine admin passwords via a brute-force attack.


New features (excerpt):

* Caching policies support
* Custom header can be defined inside rules
* Improved Index Page
* Kqueue is now used by default on MacOS X and *BSD
* New option to disable the use of SSLv2
* Wild cards are now supported in dirlist fields
* Redirection entries can be reordered
* ${vserver_name_req} in logger 'Custom'
* Cherokee-admin can be shut down from within
* TLS/SSL supports the 'IP per VServer' workaround now
* Virtual Server complex match support (OR rules)
* Redirection error handler has a 'default' option now
* New ${root_domain} macro in Advanced Virtual Hosting
* Failover load balancing plug-in
* cherokee-admin-launcher tool
* Information Source name resolution pre-caching
* Gzip and Default is configurable now (#1054)
* ${http_host}, ${http_referrer}, and ${http_user_agent} (#896)
* Much better OPTIONS support
* Documentation improvements
* Information Sources can be reordered now (*CGI handlers)
* X-Sendfile and X-Accel-Redirect support in the proxy
* Shared memory implementation (no longer SysV) (#537)
* Logger custom. New macro: ${http_cookie}
* Virtual Host regex group replacement (^ parameters)
* --with-cgiroot in configure
* -i / --disable-iocache param in cherokee-admin
* 'Server Info' extended to support accepts and timeouts
* cherokee-admin-launcher accepts SIGHUP now
* CTK_COOKIE security enhancement
* Enhanced pre-saving validations
* Interpreter env. vars can embedded $VARs evaluation
* QA bench can be run without installing Cherokee first
* OS tuning documentation
* Regex against full header match
* Nick name match is optional on VServers (#1075)
* Front-Line Cache (beta)
* Cherokee Distribution (beta)
* CHEROKEE_TRACE special "from=<ip>" support
* SSL/TLS Wizard
* SSI recursive includes
* "UNIX socket in a abstract namespace" support
* Adds SHA512 support to the MySQL validator
* HSTS (HTTP Strict Transport Security) support
2012-03-22 22:40:18 +00:00
obache
2cd654bab6 Bump PKGREVISION from default python to 2.7. 2012-03-15 11:53:20 +00:00
wiz
ee311e3b36 Recursive bump for pcre-8.30* (shlib major change) 2012-03-03 00:11:51 +00:00
sbd
6c1bcc271a Recursive bump for multimedia/ffmpeg buildlink addition. 2011-11-16 01:33:15 +00:00
obache
1ca42356ea Update cherokee to 1.0.5.
Based on PR#43557 by Wen Heping.

Bump to 1.x release.
2010-07-11 12:18:55 +00:00
joerg
eb0b6cc39f DESTDIR support 2010-06-28 10:41:53 +00:00
jmmv
89e3f4f89a Relinquish maintainership. As history shows, I haven't done a good job in
maintaining this package.
2010-03-12 13:45:42 +00:00
wiz
579796a3e5 Recursive PKGREVISION bump for jpeg update to 8. 2010-01-17 12:02:03 +00:00
drochner
aba46f2920 use libgnutls-config.mk, brings back TLS support with gnutls-2.8,
bump PKGREVISION
2009-07-03 14:15:41 +00:00
joerg
e031855e4a Convert @exec/@unexec to @pkgdir or drop it. 2009-06-14 22:00:14 +00:00
tnn
9d49da5e35 It needs flex, not lex. 2008-05-22 13:31:40 +00:00
wiz
8e810a2bc9 Recursive PKGREVISION bump for gnutls-2.2.2 update with shlib major bump. 2008-03-06 14:53:47 +00:00
tnn
6538a067b9 PR 37952: Aleksey Cheusov: more missed tools in USE_TOOLS 2008-02-04 20:10:34 +00:00
tnn
ad6ceadd25 Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
2008-01-18 05:06:18 +00:00
wiz
9d27f90a6f opencdk shlib major changed; bump ABI depends and PKGREVISIONs of
affected packages.
2007-06-05 05:36:59 +00:00
wiz
6e2c35c083 pkglint cleanup; update HOMEPAGE/MASTER_SITES.
From Sergey Svishchev in private mail.
2007-02-22 19:01:13 +00:00
joerg
530c943863 Rename T_USER to not conflict with system enum on DragonFly and FreeBSD. 2006-09-24 15:40:24 +00:00
kristerw
4c879300fc Remove BROKEN_IN for packages that built in the latest
NetBSD 3.0_STABLE/i386 bulk build.
2006-08-06 05:20:40 +00:00
joerg
6d63b8df5f Require bison as tool and remove broken bison test. 2006-06-08 19:48:35 +00:00
wiz
991dcdf978 Mark as BROKEN_IN pkgsrc-2006Q1 according to
ftp://ftp.NetBSD.org/pub/pkgsrc/misc/kristerw/pkgstat/i386-3.0/20060501.1050/broken.html
2006-05-18 20:29:58 +00:00
jmmv
a9010854fc Use -b to properly fork the daemon instead of &. 2006-05-01 10:32:51 +00:00
jmmv
c8f474fc43 Initial import of cherokee, version 0.5.3:
Cherokee is a very fast, flexible and easy to configure Web Server.  It
supports the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI,
TLS and SSL encrypted connections, Virtual hosts, Authentication, on the
fly encoding, Apache compatible log files, and much more.
2006-05-01 07:22:29 +00:00