pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/apache Update to 1.3.34. This is a security fix re...
details: https://anonhg.NetBSD.org/pkgsrc/rev/df88c32fc9fe
branches: trunk
changeset: 501255:df88c32fc9fe
user: bouyer <bouyer%pkgsrc.org@localhost>
date: Wed Oct 19 20:30:20 2005 +0000
description:
Update to 1.3.34. This is a security fix release, fix pkg/31868 by
Zafer Aydogan. Changes from 1.3.33:
*) hsregex: fix potential core dumping on 64 bit machines, such as
AMD64. PR 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>]
*) SECURITY: core: If a request contains both Transfer-Encoding and
Content-Length headers, remove the Content-Length, mitigating some
HTTP Request Splitting/Spoofing attacks. This has no impact on
mod_proxy_http, yet affects any module which supports chunked
encoding yet fails to prefer T-E: chunked over the Content-Length
purported value. [Paul Querna, Joe Orton]
*) Added TraceEnable [on|off|extended] per-server directive to alter
the behavior of the TRACE method. This addresses a flaw in proxy
conformance to RFC 2616 - previously the proxy server would accept
a TRACE request body although the RFC prohibited it. The default
remains 'TraceEnable on'.
[William Rowe]
*) mod_digest: Fix another nonce string calculation issue.
[Eric Covener]
diffstat:
www/apache/Makefile | 9 ++++-----
www/apache/distinfo | 14 +++++++-------
2 files changed, 11 insertions(+), 12 deletions(-)
diffs (53 lines):
diff -r 1798d49aeeb7 -r df88c32fc9fe www/apache/Makefile
--- a/www/apache/Makefile Wed Oct 19 18:05:06 2005 +0000
+++ b/www/apache/Makefile Wed Oct 19 20:30:20 2005 +0000
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.172 2005/10/05 13:29:50 wiz Exp $
+# $NetBSD: Makefile,v 1.173 2005/10/19 20:30:20 bouyer Exp $
#
# This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of
# code hooks that allow mod_ssl to be compiled separately later, if desired).
-DISTNAME= apache_1.3.33
+DISTNAME= apache_1.3.34
PKGNAME= ${DISTNAME:S/_/-/}
-PKGREVISION= 7
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
${MASTER_SITE_APACHE:=httpd/old/}
@@ -18,8 +17,8 @@
NETBSD_LOGO= sitedrivenby.gif
SITES_${NETBSD_LOGO}= http://www.NetBSD.org/images/logos/
-MODSSL_VERSION= 2.8.24
-MODSSL_DISTNAME= mod_ssl-${MODSSL_VERSION}-1.3.33
+MODSSL_VERSION= 2.8.25
+MODSSL_DISTNAME= mod_ssl-${MODSSL_VERSION}-1.3.34
MODSSL_DIST= ${MODSSL_DISTNAME}.tar.gz
MODSSL_SRC= ${WRKDIR}/${MODSSL_DISTNAME}
SITES_${MODSSL_DIST}= http://www.modssl.org/source/ \
diff -r 1798d49aeeb7 -r df88c32fc9fe www/apache/distinfo
--- a/www/apache/distinfo Wed Oct 19 18:05:06 2005 +0000
+++ b/www/apache/distinfo Wed Oct 19 20:30:20 2005 +0000
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.46 2005/09/16 13:53:57 salo Exp $
+$NetBSD: distinfo,v 1.47 2005/10/19 20:30:21 bouyer Exp $
-SHA1 (apache_1.3.33.tar.gz) = 4cd49534d1abd04c81ab215f2457122d85855b0d
-RMD160 (apache_1.3.33.tar.gz) = 80e9ea2c7c75f49454acfd83cead5506c5ffddea
-Size (apache_1.3.33.tar.gz) = 2468567 bytes
+SHA1 (apache_1.3.34.tar.gz) = df082b73f1220555dc416c0c5afa746e30a9e0de
+RMD160 (apache_1.3.34.tar.gz) = e39dfc57b7f9164aa76641de3fa74f0314c9ec9e
+Size (apache_1.3.34.tar.gz) = 2468056 bytes
SHA1 (sitedrivenby.gif) = 7671e9a8ec2cad3961b268befd33c0920e07c658
RMD160 (sitedrivenby.gif) = 2e350e6531a800da8796207509c12fb590d0affa
Size (sitedrivenby.gif) = 8519 bytes
-SHA1 (mod_ssl-2.8.24-1.3.33.tar.gz) = cb2e77efa0c7df3368b3be0d6bbdf13fa92090f1
-RMD160 (mod_ssl-2.8.24-1.3.33.tar.gz) = 1651dcd85abd37d6955f241c730e101df482d545
-Size (mod_ssl-2.8.24-1.3.33.tar.gz) = 820292 bytes
+SHA1 (mod_ssl-2.8.25-1.3.34.tar.gz) = 150f726539d74c0d2af02e482be78bbcdb811395
+RMD160 (mod_ssl-2.8.25-1.3.34.tar.gz) = 90a3913d30c7f4d194907463125c90101005837a
+Size (mod_ssl-2.8.25-1.3.34.tar.gz) = 820352 bytes
SHA1 (patch-aa) = ae280b14dc0102ecfbe3675ca0b5d2b74ee790ca
SHA1 (patch-ab) = 084d52bb2afbacf18b9d0793293d8ae333c67802
SHA1 (patch-ac) = b961c90a58a94f48daff417af146df98d5ec428c
Home |
Main Index |
Thread Index |
Old Index