pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/apache24 apache24: updated to 2.4.33
details: https://anonhg.NetBSD.org/pkgsrc/rev/bda22e564455
branches: trunk
changeset: 378021:bda22e564455
user: adam <adam%pkgsrc.org@localhost>
date: Mon Mar 26 09:30:23 2018 +0000
description:
apache24: updated to 2.4.33
Changes with Apache 2.4.33
*) core: Fix request timeout logging and possible crash for error_log hooks.
*) mod_slomem_shm: Fix failure to create balancers's slotmems in Windows MPM,
where children processes need to attach them instead since they are owned
by the parent process already.
*) ab: try all destination socket addresses returned by
apr_sockaddr_info_get instead of failing on first one when not available.
Needed for instance if localhost resolves to both ::1 and 127.0.0.1
e.g. if both are in /etc/hosts.
*) ab: Use only one connection to determine working destination socket
address.
*) ab: LibreSSL doesn't have or require Windows applink.c.
*) htpasswd/htdigest: Disable support for bcrypt on EBCDIC platforms.
apr-util's bcrypt implementation doesn't tolerate EBCDIC.
*) htpasswd/htdbm: report the right limit when get_password() overflows.
*) htpasswd: Don't fail in -v mode if password file is unwritable.
*) htpasswd: don't point to (unused) stack memory on output
to make static analysers happy.
Changes with Apache 2.4.32
*) mod_access_compat: Fail if a comment is found in an Allow or Deny
directive.
*) mod_authz_host: Ignore comments after "Require host", logging a
warning, or logging an error if the line is otherwise empty.
*) rotatelogs: Fix expansion of %Z in localtime (-l) mode, and fix
Y2K38 bug.
*) mod_ssl: Support SSL DN raw variable extraction without conversion
to UTF-8, using _RAW suffix on variable names.
*) ab: Fix https:// connection failures (regression in 2.4.30); fix
crash generating CSV output for large -n.
Changes with Apache 2.4.31
*) mod_proxy_fcgi: Add the support for mod_proxy's flushpackets and flushwait
parameters.
*) mod_ldap: Avoid possible crashes, hangs, and busy loops due to
improper merging of the cache lock in vhost config.
*) mpm_event: Do lingering close in worker(s).
*) mpm_queue: Put fdqueue code in common for MPMs event and worker.
Changes with Apache 2.4.30
*) SECURITY: CVE-2017-15710 (cve.mitre.org)
Out of bound write in mod_authnz_ldap with AuthLDAPCharsetConfig enabled
*) CVE-2018-1283 (cve.mitre.org)
mod_session: CGI-like applications that intend to read from mod_session's
'SessionEnv ON' could be fooled into reading user-supplied data instead.
*) SECURITY: CVE-2018-1303 (cve.mitre.org)
mod_cache_socache: Fix request headers parsing to avoid a possible crash
with specially crafted input data.
*) CVE-2018-1301 (cve.mitre.org)
core: Possible crash with excessively long HTTP request headers.
Impractical to exploit with a production build and production LogLevel.
*) mod_authnz_ldap: Fix language long names detection as short name.
*) mod_proxy: Worker schemes and hostnames which are too large are no
longer fatal errors; it is logged and the truncated values are stored.
*) CVE-2017-15715 (cve.mitre.org)
core: Configure the regular expression engine to match '$' to the end of
the input string only, excluding matching the end of any embedded
newline characters. Behavior can be changed with new directive
'RegexDefaultOptions'.
*) SECURITY: CVE-2018-1312 (cve.mitre.org)
mod_auth_digest: Fix generation of nonce values to prevent replay
attacks across servers using a common Digest domain. This change
may cause problems if used with round robin load balancers.
*) mod_proxy: Allow setting options to globally defined balancer from
ProxyPass used in VirtualHost. Balancers are now merged using the new
merge_balancers method which merges the balancers options.
*) logresolve: Fix incorrect behavior or segfault if -c flag is used
Fixes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823259
*) mod_remoteip: Add support for PROXY protocol (code donated by Cloudzilla).
Add ability for PROXY protocol processing to be optional to donated code.
See also: http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt
*) mod_proxy, mod_ssl: Handle SSLProxy* directives in <Proxy> sections,
allowing per backend TLS configuration.
*) mod_proxy_uwsgi: Add in UWSGI proxy (sub)module.
*) mod_proxy_balancer,mod_slotmem_shm: Rework SHM reuse/deletion to not
depend on the number of restarts (non-Unix systems) and preserve shared
*) CVE-2018-1302 (cve.mitre.org)
mod_http2: Potential crash w/ mod_http2.
names as much as possible on configuration changes for SHMs and persisted
files.
*) mod_http2: obsolete code removed, no more events on beam pool destruction,
discourage content encoders on http2-status response (where they do not work).
*) mpm_event: Let the listener thread do its maintenance job on resources
shortage.
*) mpm_event: Wakeup the listener to re-enable listening sockets.
*) mod_ssl: The SSLCompression directive will now give an error if used
with an OpenSSL build which does not support any compression methods.
*) mpm_event,worker: Mask signals for threads created by modules in child
init, so that they don't receive (implicitely) the ones meant for the MPM.
*) mod_md: new experimental, module for managing domains across virtual hosts,
implementing the Let's Encrypt ACMEv1 protocol to signup and renew
certificates. Please read the modules documentation for further instructions
on how to use it.
*) mod_proxy_html: skip documents shorter than 4 bytes
*) core, mpm_event: Avoid a small memory leak of the scoreboard handle, for
the lifetime of the connection, each time it is processed by MPM event.
*) mpm_event: Update scoreboard status for KeepAlive state.
*) mod_ldap: Fix a case where a full LDAP cache would continually fail to
purge old entries and log AH01323.
*) mpm_event: close connections not reported as handled by any module to
avoid losing track of them and leaking scoreboard entries.
*) core: A signal received while stopping could have crashed the main
process.
*) mod_ssl: support for mod_md added.
*) mod_proxy_html: process parsed comments immediately.
Fixes bug (seen in the wild when used with IBM's HTTPD bundle)
where parsed comments may be lost.
*) mod_proxy_html: introduce doctype for HTML 5
*) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
HTML/XHTML.
*) mpm_event: avoid a very unlikely race condition between the listener and
the workers when the latter fails to add a connection to the pollset.
*) core: silently ignore a not existent file path when IncludeOptional
is used.
*) mod_macro: fix usability of globally defined macros in .htaccess files.
*) mod_rewrite, core: add the Vary header when a condition evaluates to true
and the related RewriteRule is used in a Directory context
(triggering an internal redirect).
*) ab: Make the TLS layer aware that the underlying socket is nonblocking,
and use/handle POLLOUT where needed to avoid busy IOs and recover write
errors when appropriate.
*) ab: Keep reading nonblocking to exhaust TCP or SSL buffers when previous
read was incomplete (the SSL case can cause the next poll() to timeout
since data are buffered already).
*) mod_http2: avoid unnecessary data retrieval for a trace log. Allow certain
information retrievals on null bucket beams where it makes sense.
diffstat:
www/apache24/Makefile | 5 ++---
www/apache24/PLIST | 7 ++++++-
www/apache24/distinfo | 10 +++++-----
3 files changed, 13 insertions(+), 9 deletions(-)
diffs (72 lines):
diff -r 5b7e485d5827 -r bda22e564455 www/apache24/Makefile
--- a/www/apache24/Makefile Mon Mar 26 02:33:41 2018 +0000
+++ b/www/apache24/Makefile Mon Mar 26 09:30:23 2018 +0000
@@ -1,13 +1,12 @@
-# $NetBSD: Makefile,v 1.66 2018/01/25 14:01:27 jperkin Exp $
+# $NetBSD: Makefile,v 1.67 2018/03/26 09:30:23 adam Exp $
#
# When updating this package, make sure that no strings like
# "PR 12345" are in the commit message. Upstream likes
# to reference their own PRs this way, but this ends up
# in NetBSD GNATS.
-DISTNAME= httpd-2.4.29
+DISTNAME= httpd-2.4.33
PKGNAME= ${DISTNAME:S/httpd/apache/}
-PKGREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/}
MASTER_SITES+= http://archive.apache.org/dist/httpd/
diff -r 5b7e485d5827 -r bda22e564455 www/apache24/PLIST
--- a/www/apache24/PLIST Mon Mar 26 02:33:41 2018 +0000
+++ b/www/apache24/PLIST Mon Mar 26 09:30:23 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.24 2017/10/23 21:12:44 adam Exp $
+@comment $NetBSD: PLIST,v 1.25 2018/03/26 09:30:23 adam Exp $
bin/ab
bin/apxs
bin/dbmmanage
@@ -152,6 +152,7 @@
lib/httpd/mod_proxy_hcheck.so
lib/httpd/mod_proxy_http.so
lib/httpd/mod_proxy_scgi.so
+lib/httpd/mod_proxy_uwsgi.so
lib/httpd/mod_proxy_wstunnel.so
lib/httpd/mod_ratelimit.so
lib/httpd/mod_reflector.so
@@ -1079,6 +1080,8 @@
share/httpd/manual/mod/mod_macro.html
share/httpd/manual/mod/mod_macro.html.en
share/httpd/manual/mod/mod_macro.html.fr
+share/httpd/manual/mod/mod_md.html
+share/httpd/manual/mod/mod_md.html.en
share/httpd/manual/mod/mod_mime.html
share/httpd/manual/mod/mod_mime.html.en
share/httpd/manual/mod/mod_mime.html.fr
@@ -1137,6 +1140,8 @@
share/httpd/manual/mod/mod_proxy_scgi.html
share/httpd/manual/mod/mod_proxy_scgi.html.en
share/httpd/manual/mod/mod_proxy_scgi.html.fr
+share/httpd/manual/mod/mod_proxy_uwsgi.html
+share/httpd/manual/mod/mod_proxy_uwsgi.html.en
share/httpd/manual/mod/mod_proxy_wstunnel.html
share/httpd/manual/mod/mod_proxy_wstunnel.html.en
share/httpd/manual/mod/mod_ratelimit.html
diff -r 5b7e485d5827 -r bda22e564455 www/apache24/distinfo
--- a/www/apache24/distinfo Mon Mar 26 02:33:41 2018 +0000
+++ b/www/apache24/distinfo Mon Mar 26 09:30:23 2018 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.34 2017/10/23 21:12:44 adam Exp $
+$NetBSD: distinfo,v 1.35 2018/03/26 09:30:23 adam Exp $
-SHA1 (httpd-2.4.29.tar.bz2) = d99137fe45c6267653350f888bf745a3d242ddbe
-RMD160 (httpd-2.4.29.tar.bz2) = f4fad8391f88574b576336bb02c2f40373aa4d28
-SHA512 (httpd-2.4.29.tar.bz2) = 840982fd3d21463bc5c1747f211dfacf3abdf634d149e49bb49fd2e5deda140de602dbdf31e1bbe5337a48f718ab2261c408e83a8dd39a9291ee7b6b7a85639a
-Size (httpd-2.4.29.tar.bz2) = 6567926 bytes
+SHA1 (httpd-2.4.33.tar.bz2) = 9e56042515793a6992adc4b9f3a0345a0cb98176
+RMD160 (httpd-2.4.33.tar.bz2) = 5c8758954913c09549a01e40a7a5e59b54705f8e
+SHA512 (httpd-2.4.33.tar.bz2) = e74b2b3346d67be45a8bc8a7cbb8eabf5c403a5cfe5797a976f94a539529843fbcdf03b9ca0548816b2cf37f4ce0eb301f8d5af25b1270fdf8dd9f5bf0585269
+Size (httpd-2.4.33.tar.bz2) = 6934765 bytes
SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839
SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d
Home |
Main Index |
Thread Index |
Old Index