Subject: CVS commit: pkgsrc/www/apache2
To: None <pkgsrc-changes@NetBSD.org>
From: Adrian Portelli <adrianp@netbsd.org>
List: pkgsrc-changes
Date: 09/20/2004 17:19:34
Module Name: pkgsrc
Committed By: adrianp
Date: Mon Sep 20 17:19:34 UTC 2004
Modified Files:
    pkgsrc/www/apache2: Makefile Makefile.common PLIST buildlink3.mk
        distinfo
    pkgsrc/www/apache2/patches: patch-ar
Removed Files:
    pkgsrc/www/apache2/patches: patch-ah patch-as
Log Message:
- Update apache to 2.0.51
- Remove patch-as and patch-ah as they are now outdated and included in the src
- ok'ed snj@, wiz@
- Thanks to epg@ for final check

This version of Apache is principally a bug fix release. Of particular note
is that 2.0.51 addresses five security vulnerabilities:

An input validation issue in IPv6 literal address parsing which can result
in a negative length parameter being passed to memcpy.
[CAN-2004-0786]

A buffer overflow in configuration file parsing could allow a local user to
gain the privileges of a httpd child if the server can be forced to parse a
carefully crafted .htaccess file.
[CAN-2004-0747]

A segfault in mod_ssl which can be triggered by a malicious remote server,
if proxying to SSL servers has been configured.
[CAN-2004-0751]

A potential infinite loop in mod_ssl which could be triggered given
particular timing of a connection abort.
[CAN-2004-0748]

A segfault in mod_dav_fs which can be remotely triggered by an indirect lock
refresh request.
[CAN-2004-0809]

For further details, see http://www.apache.org/dist/httpd/Announcement2.html
and http://apache.rmplc.co.uk/httpd/CHANGES_2.0.

To generate a diff of this commit:
cvs rdiff -r1.43 -r1.44 pkgsrc/www/apache2/Makefile
cvs rdiff -r1.9 -r1.10 pkgsrc/www/apache2/Makefile.common
cvs rdiff -r1.22 -r1.23 pkgsrc/www/apache2/PLIST
cvs rdiff -r1.6 -r1.7 pkgsrc/www/apache2/buildlink3.mk
cvs rdiff -r1.27 -r1.28 pkgsrc/www/apache2/distinfo
cvs rdiff -r1.6 -r0 pkgsrc/www/apache2/patches/patch-ah
cvs rdiff -r1.2 -r1.3 pkgsrc/www/apache2/patches/patch-ar
cvs rdiff -r1.3 -r0 pkgsrc/www/apache2/patches/patch-as
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.