pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/apache24 apache24: updated to 2.4.41



details:   https://anonhg.NetBSD.org/pkgsrc/rev/be7f966f4db5
branches:  trunk
changeset: 399724:be7f966f4db5
user:      adam <adam%pkgsrc.org@localhost>
date:      Thu Aug 15 08:03:38 2019 +0000

description:
apache24: updated to 2.4.41

Changes with Apache 2.4.41

  *) SECURITY: CVE-2019-10081 (cve.mitre.org)
     mod_http2: HTTP/2 very early pushes, for example configured with "H2PushResource",
     could lead to an overwrite of memory in the pushing request's pool,
     leading to crashes. The memory copied is that of the configured push
     link header values, not data supplied by the client.

  *) SECURITY: CVE-2019-9517 (cve.mitre.org)
     mod_http2: a malicious client could perform a DoS attack by flooding
     a connection with requests and basically never reading responses
     on the TCP connection. Depending on h2 worker dimensioning, it was
     possible to block those with relatively few connections.

  *) SECURITY: CVE-2019-10098 (cve.mitre.org)
     rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable
     matches and substitutions with encoded line break characters.

  *) SECURITY: CVE-2019-10092 (cve.mitre.org)
     Remove HTML-escaped URLs from canned error responses to prevent misleading
     text/links being displayed via crafted links.

  *) SECURITY: CVE-2019-10097 (cve.mitre.org)
     mod_remoteip: Fix stack buffer overflow and NULL pointer deference
     when reading the PROXY protocol header.

  *) SECURITY: CVE-2019-10082 (cve.mitre.org)
     mod_http2: Using fuzzed network input, the http/2 session
     handling could be made to read memory after being freed,
     during connection shutdown.

  *) mod_proxy_balancer: Improve balancer-manager protection against
     XSS/XSRF attacks from trusted users.

  *) mod_session: Introduce SessionExpiryUpdateInterval which allows to
     configure the session/cookie expiry's update interval.

  *) modules/filters: Fix broken compilation when using old GCC (<4.2.x).

  *) mod_ssl: Fix startup failure in 2.4.40 with SSLCertificateChainFile
     configured for a domain managed by mod_md.

diffstat:

 www/apache24/Makefile         |  10 ++++------
 www/apache24/PLIST            |   5 ++++-
 www/apache24/distinfo         |  12 ++++++------
 www/apache24/patches/patch-ai |   4 ++--
 4 files changed, 16 insertions(+), 15 deletions(-)

diffs (108 lines):

diff -r 066610ed14a4 -r be7f966f4db5 www/apache24/Makefile
--- a/www/apache24/Makefile     Thu Aug 15 03:36:04 2019 +0000
+++ b/www/apache24/Makefile     Thu Aug 15 08:03:38 2019 +0000
@@ -1,13 +1,12 @@
-# $NetBSD: Makefile,v 1.83 2019/08/11 13:17:50 wiz Exp $
+# $NetBSD: Makefile,v 1.84 2019/08/15 08:03:38 adam Exp $
 #
 # When updating this package, make sure that no strings like
 # "PR 12345" are in the commit message. Upstream likes
 # to reference their own PRs this way, but this ends up
 # in NetBSD GNATS.
 
-DISTNAME=      httpd-2.4.39
+DISTNAME=      httpd-2.4.41
 PKGNAME=       ${DISTNAME:S/httpd/apache/}
-PKGREVISION=   4
 CATEGORIES=    www
 MASTER_SITES=  ${MASTER_SITE_APACHE:=httpd/}
 MASTER_SITES+= http://archive.apache.org/dist/httpd/
@@ -62,7 +61,7 @@
 
 # LDAP support
 PLIST_VARS+=           ldap
-.if exists(${LOCALBASE}/lib/apr-util-1/apr_ldap.la)
+.if exists(${PREFIX}/lib/apr-util-1/apr_ldap.la)
 DFLT_APACHE_MODULES+=  ldap authnz_ldap
 PLIST.ldap=            yes
 .endif
@@ -122,8 +121,7 @@
 SUBST_VARS.paths=      PREFIX
 SUBST_VARS.paths+=     VARBASE
 SUBST_SED.paths+=      -e "s|@SYSCONFDIR@|${PKG_SYSCONFDIR}|g"
-SUBST_VARS.paths+=     PAX
-SUBST_SED.paths+=      -e "s|@LOCALBASE@|${PREFIX}|g"
+SUBST_VARS.paths+=     PAX PREFIX
 
 SUBST_CLASSES+=                apr-lt
 SUBST_STAGE.apr-lt=    post-configure
diff -r 066610ed14a4 -r be7f966f4db5 www/apache24/PLIST
--- a/www/apache24/PLIST        Thu Aug 15 03:36:04 2019 +0000
+++ b/www/apache24/PLIST        Thu Aug 15 08:03:38 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.30 2019/06/07 11:26:20 tm Exp $
+@comment $NetBSD: PLIST,v 1.31 2019/08/15 08:03:38 adam Exp $
 bin/ab
 bin/apxs
 bin/dbmmanage
@@ -1218,6 +1218,8 @@
 share/httpd/manual/mod/mod_socache_memcache.html
 share/httpd/manual/mod/mod_socache_memcache.html.en
 share/httpd/manual/mod/mod_socache_memcache.html.fr.utf8
+share/httpd/manual/mod/mod_socache_redis.html
+share/httpd/manual/mod/mod_socache_redis.html.en
 share/httpd/manual/mod/mod_socache_shmcb.html
 share/httpd/manual/mod/mod_socache_shmcb.html.en
 share/httpd/manual/mod/mod_socache_shmcb.html.fr.utf8
@@ -1302,6 +1304,7 @@
 share/httpd/manual/mod/mpmt_os2.html.fr.utf8
 share/httpd/manual/mod/overrides.html
 share/httpd/manual/mod/overrides.html.en
+share/httpd/manual/mod/overrides.html.fr.utf8
 share/httpd/manual/mod/prefork.html
 share/httpd/manual/mod/prefork.html.de
 share/httpd/manual/mod/prefork.html.en
diff -r 066610ed14a4 -r be7f966f4db5 www/apache24/distinfo
--- a/www/apache24/distinfo     Thu Aug 15 03:36:04 2019 +0000
+++ b/www/apache24/distinfo     Thu Aug 15 08:03:38 2019 +0000
@@ -1,16 +1,16 @@
-$NetBSD: distinfo,v 1.40 2019/04/02 07:25:38 adam Exp $
+$NetBSD: distinfo,v 1.41 2019/08/15 08:03:39 adam Exp $
 
-SHA1 (httpd-2.4.39.tar.bz2) = 75695bb7bb589c308755bf496de8b34522133865
-RMD160 (httpd-2.4.39.tar.bz2) = 4ab6b73efdb326bd34e352ac34fd337f3fb5f60e
-SHA512 (httpd-2.4.39.tar.bz2) = 9742202040b3dc6344b301540f54b2d3f8e36898410d24206a7f8dcecb1bea7d7230fabc7256752724558af249facf64bffe2cf678b8f7cccb64076737abfda7
-Size (httpd-2.4.39.tar.bz2) = 7030539 bytes
+SHA1 (httpd-2.4.41.tar.bz2) = b46a02237f03384fa50ddbde9be62092dc23e684
+RMD160 (httpd-2.4.41.tar.bz2) = ed572c262222034a699ab55f12eaebbe070cecb7
+SHA512 (httpd-2.4.41.tar.bz2) = 350cc7dcd2c439e0590338fa6da3f44df44f9bb885c381e91f91b14c2f48597f6f0bbac0ea118a8a67eaa70ae7edbb769beace368643ed73f6daee44c307b335
+Size (httpd-2.4.41.tar.bz2) = 7072373 bytes
 SHA1 (patch-aa) = 9a66685f1d2e4710ab464beda98cbaad632aebf9
 SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
 SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d
 SHA1 (patch-ad) = 4ba4a9c812951f533fa316e5dbf17eaab5494157
 SHA1 (patch-ae) = 5bd3bf54e792bf8a2916d7e1b49b1702b02c6903
 SHA1 (patch-ag) = 50c7f0fab1cb90ac573f1c47f2d37f9c2a6247e1
-SHA1 (patch-ai) = 867ac81fd14b1bd6af048ec57390d915956e9568
+SHA1 (patch-ai) = d3870e46e41adc97c3fce86f9ffd224502ad6b0c
 SHA1 (patch-al) = 02d9ade5aac4270182063d5ad413970c832ee911
 SHA1 (patch-am) = acdf7198ae8b4353cfc70c8015a0f09de036b777
 SHA1 (patch-aw) = 43cd64df886853ef7b75b91ed20183f329fcc9df
diff -r 066610ed14a4 -r be7f966f4db5 www/apache24/patches/patch-ai
--- a/www/apache24/patches/patch-ai     Thu Aug 15 03:36:04 2019 +0000
+++ b/www/apache24/patches/patch-ai     Thu Aug 15 08:03:38 2019 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-ai,v 1.1.1.1 2012/04/13 18:50:49 ryoon Exp $
+$NetBSD: patch-ai,v 1.2 2019/08/15 08:03:39 adam Exp $
 
 --- support/apxs.in.orig       2010-06-22 17:12:44.000000000 +0000
 +++ support/apxs.in
@@ -10,7 +10,7 @@
 -chomp($libtool);
 +my $libtool = $ENV{'APR_LIBTOOL'};
 +unless ($libtool) {
-+      $libtool = `@LOCALBASE@/bin/apr-1-config --installbuilddir`;
++      $libtool = `@PREFIX@/bin/apr-1-config --installbuilddir`;
 +      chomp($libtool);
 +      $libtool = "$libtool/libtool";
 +}



Home | Main Index | Thread Index | Old Index