73733cfaf5
Requested by Moritz Wilhelmy on IRC.
Vulnerabilities fixed:
* CVE-2011-2191
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee
before 1.2.99 allows remote attackers to hijack the authentication of
administrators for requests that insert cross-site scripting (XSS) sequences,
as demonstrated by a crafted nickname field to vserver/apply.
* CVE-2011-2190
The generate_admin_password function in Cherokee before 1.2.99 uses time and
PID values for seeding of a random number generator, which makes it easier
for local users to determine admin passwords via a brute-force attack.
New features (excerpt):
* Caching policies support
* Custom header can be defined inside rules
* Improved Index Page
* Kqueue is now used by default on MacOS X and *BSD
* New option to disable the use of SSLv2
* Wild cards are now supported in dirlist fields
* Redirection entries can be reordered
* ${vserver_name_req} in logger 'Custom'
* Cherokee-admin can be shut down from within
* TLS/SSL supports the 'IP per VServer' workaround now
* Virtual Server complex match support (OR rules)
* Redirection error handler has a 'default' option now
* New ${root_domain} macro in Advanced Virtual Hosting
* Failover load balancing plug-in
* cherokee-admin-launcher tool
* Information Source name resolution pre-caching
* Gzip and Default is configurable now (#1054)
* ${http_host}, ${http_referrer}, and ${http_user_agent} (#896)
* Much better OPTIONS support
* Documentation improvements
* Information Sources can be reordered now (*CGI handlers)
* X-Sendfile and X-Accel-Redirect support in the proxy
* Shared memory implementation (no longer SysV) (#537)
* Logger custom. New macro: ${http_cookie}
* Virtual Host regex group replacement (^ parameters)
* --with-cgiroot in configure
* -i / --disable-iocache param in cherokee-admin
* 'Server Info' extended to support accepts and timeouts
* cherokee-admin-launcher accepts SIGHUP now
* CTK_COOKIE security enhancement
* Enhanced pre-saving validations
* Interpreter env. vars can embedded $VARs evaluation
* QA bench can be run without installing Cherokee first
* OS tuning documentation
* Regex against full header match
* Nick name match is optional on VServers (#1075)
* Front-Line Cache (beta)
* Cherokee Distribution (beta)
* CHEROKEE_TRACE special "from=<ip>" support
* SSL/TLS Wizard
* SSI recursive includes
* "UNIX socket in a abstract namespace" support
* Adds SHA512 support to the MySQL validator
* HSTS (HTTP Strict Transport Security) support
52 lines
1.3 KiB
Makefile
52 lines
1.3 KiB
Makefile
# $NetBSD: Makefile,v 1.19 2012/03/22 22:40:18 asau Exp $
|
|
#
|
|
|
|
DISTNAME= cherokee-1.2.101
|
|
CATEGORIES= www
|
|
MASTER_SITES= http://www.cherokee-project.com/download/1.2/${PKGVERSION_NOREV}/
|
|
|
|
MAINTAINER= pkgsrc-users@NetBSD.org
|
|
HOMEPAGE= http://www.cherokee-project.com/
|
|
COMMENT= Flexible and fast web server
|
|
LICENSE= gnu-gpl-v2
|
|
|
|
PKG_DESTDIR_SUPPORT= user-destdir
|
|
|
|
GNU_CONFIGURE= yes
|
|
USE_LIBTOOL= yes
|
|
USE_TOOLS+= gmake msgfmt
|
|
|
|
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
|
|
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
|
|
CONFIGURE_ARGS+= --with-wwwroot=${PREFIX}/share/cherokee
|
|
|
|
PKGCONFIG_OVERRIDE= cherokee.pc.in
|
|
|
|
INSTALL_MAKE_FLAGS+= sysconfdir=${EGDIR}
|
|
OWN_DIRS= ${PKG_SYSCONFDIR}/cherokee
|
|
OWN_DIRS+= ${VARBASE}/log
|
|
OWN_DIRS+= ${VARBASE}/run
|
|
EGDIR= ${PREFIX}/share/examples/cherokee
|
|
MESSAGE_SUBST+= EGDIR=${EGDIR}
|
|
CONF_FILES+= ${EGDIR}/cherokee/cherokee.conf \
|
|
${PKG_SYSCONFDIR}/cherokee/cherokee.conf
|
|
|
|
RCD_SCRIPTS= cherokee
|
|
|
|
INSTALLATION_DIRS+= ${EGDIR}/pam.d
|
|
|
|
.include "options.mk"
|
|
|
|
BUILD_DEFS+= VARBASE
|
|
|
|
REPLACE_PYTHON= admin/CTK/CTK-run.pre \
|
|
admin/server.py admin/upgrade_config.py \
|
|
cherokee/cherokee-admin-launcher \
|
|
cherokee/cherokee-tweak
|
|
|
|
# Needs installation:
|
|
TEST_TARGET= test
|
|
|
|
.include "../../devel/pcre/buildlink3.mk"
|
|
.include "../../lang/python/application.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|