pkgsrc/www/apache22
tron 97e893b40f Update "apache22" package to version 2.2.25. Changes since 2.2.24:
- SECURITY: CVE-2013-1862 (cve.mitre.org)
  mod_rewrite: Ensure that client data written to the RewriteLog is
  escaped to prevent terminal escape sequences from entering the
  log file.  [Eric Covener, Jeff Trawick, Joe Orton]
- core: Limit ap_pregsub() to 64MB and add ap_pregsub_ex() for longer
  strings.  The default limit for ap_pregsub() can be adjusted at compile
   time by defining AP_PREGSUB_MAXLEN.  [Stefan Fritsch, Jeff Trawick]
- core: Support the SINGLE_LISTEN_UNSERIALIZED_ACCEPT optimization
  on Linux kernel versions 3.x and above.  Bug#55121.  [Bradley Heilbrun
  <apache heilbrun.org>]
- mod_setenvif: Log error on substitution overflow.
  [Stefan Fritsch]
- mod_ssl/proxy: enable the SNI extension for backend TLS connections
  [Kaspar Brand]
- mod_proxy: Use the the same hostname for SNI as for the HTTP request when
  forwarding to SSL backends. Bug#53134.
  [Michael Weiser <michael weiser.dinsnail.net>, Ruediger Pluem]
- mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
  in the error log to debug level.  [William Rowe]
- mod_ssl: Catch missing, mismatched or encrypted client cert/key pairs
  with SSLProxyMachineCertificateFile/Path directives. Bug#52212, Bug#54698.
  [Keith Burdis <keith burdis.org>, Joe Orton, Kaspar Brand]
- mod_proxy_balancer: Added balancer parameter failontimeout to allow server
  admin to configure an IO timeout as an error in the balancer.
  [Daniel Ruggeri]
- mod_authnz_ldap: Allow using exec: calls to obtain LDAP bind
  password.  [Daniel Ruggeri]
- htdigest: Fix buffer overflow when reading digest password file
  with very long lines. Bug#54893. [Rainer Jung]
- mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
  the source href (sent as part of the request body as XML) pointing to a
  URI that is not configured for DAV will trigger a segfault. [Ben Reser
  <ben reser.org>]
- mod_dav: Ensure URI is correctly uriencoded on return. Bug#54611
  [Timothy Wood <tjw omnigroup.com>]
- mod_dav: Make sure that when we prepare an If URL for Etag comparison,
  we compare unencoded paths. Bug#53910 [Timothy Wood <tjw omnigroup.com>]
- mod_dav: Sending an If or If-Match header with an invalid ETag doesn't
  result in a 412 Precondition Failed for a COPY operation. PR54610
  [Timothy Wood <tjw omnigroup.com>]
- mod_dav: When a PROPPATCH attempts to remove a non-existent dead
  property on a resource for which there is no dead property in the same
  namespace httpd segfaults. Bug#52559 [Diego Santa Cruz
  <diego.santaCruz spinetix.com>]
- mod_dav: Do not fail PROPPATCH when prop namespace is not known.
  Bug#52559 [Diego Santa Cruz <diego.santaCruz spinetix.com>]
- mod_dav: Do not segfault on PROPFIND with a zero length DBM.
  Bug#52559 [Diego Santa Cruz <diego.santaCruz spinetix.com>]
2013-07-15 18:15:49 +00:00
..
files
patches Update "apache22" package to version 2.2.25. Changes since 2.2.24: 2013-07-15 18:15:49 +00:00
buildlink3.mk Add apxs to buildlink3, so that packages that use apxs will build properly 2013-02-20 12:14:42 +00:00
DESCR
distinfo Update "apache22" package to version 2.2.25. Changes since 2.2.24: 2013-07-15 18:15:49 +00:00
Makefile Update "apache22" package to version 2.2.25. Changes since 2.2.24: 2013-07-15 18:15:49 +00:00
MESSAGE Add a MESSAGE reminding upgraders to add LoadModule entries since Apache 2.2.16. 2010-08-02 10:38:16 +00:00
options.mk Changes 2.2.17: 2010-11-01 17:28:49 +00:00
PLIST Update "apache" package to version 2.2.24. Changes since 2.2.23: 2013-03-03 20:05:03 +00:00