pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/apache24



Module Name:    pkgsrc
Committed By:   wiz
Date:           Mon Apr  6 08:27:26 UTC 2020

Modified Files:
        pkgsrc/www/apache24: Makefile PLIST distinfo

Log Message:
apache: update to 2.4.43.

Changes with Apache 2.4.43

  *) mod_ssl: Fix memory leak of OCSP stapling response. [Yann Ylavic]

Changes with Apache 2.4.42

  *) mod_proxy_http: Fix the forwarding of requests with content body when a
     balancer member is unavailable; the retry on the next member was issued
     with an empty body (regression introduced in 2.4.41). PR63891.
     [Yann Ylavic]

  *) mod_http2: Fixes issue where mod_unique_id would generate non-unique request
     identifier under load, see <https://github.com/icing/mod_h2/issues/195>.
     [Michael Kaufmann, Stefan Eissing]

  *) mod_proxy_hcheck: Allow healthcheck expressions to use %{Content-Type}.
     PR64140. [Renier Velazco <renier.velazco upr.edu>]

  *) mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info".
     PR64172.

  *) mod_usertrack: Add CookieSameSite, CookieHTTPOnly, and CookieSecure
     to allow customization of the usertrack cookie. PR64077.
     [Prashant Keshvani <prashant2400 gmail.com>, Eric Covener]

  *) mod_proxy_ajp: Add "secret" parameter to proxy workers to implement legacy
     AJP13 authentication.  PR 53098. [Dmitry A. Bakshaev <dab1818 gmail com>]

  *) mpm_event: avoid possible KeepAliveTimeout off by -100 ms.
     [Eric Covener, Yann Ylavic]

  *) Add a config layout for OpenWRT. [Graham Leggett]

  *) Add support for cross compiling to apxs. If apxs is being executed from
     somewhere other than its target location, add that prefix to includes and
     library directories. Without this, apxs would fail to find config_vars.mk
     and exit. [Graham Leggett]

  *) mod_ssl: Disable client verification on ACME ALPN challenges. Fixes github
     issue mod_md#172 (https://github.com/icing/mod_md/issues/172).
     [Michael Kaufmann <mail michael-kaufmann.ch>, Stefan Eissing]

  *) mod_ssl: use OPENSSL_init_ssl() to initialise OpenSSL on versions 1.1+.
     [Graham Leggett]

  *) mod_ssl: Support use of private keys and certificates from an
     OpenSSL ENGINE via PKCS#11 URIs in SSLCertificateFile/KeyFile.
     [Anderson Sasaki <ansasaki redhat.com>, Joe Orton]

  *) mod_md:
     - Prefer MDContactEmail directive to ServerAdmin for registration. New directive
       thanks to Timothe Litt (@tlhackque).
     - protocol check for pre-configured "tls-alpn-01" challenge has been improved. It will now
       check all matching virtual hosts for protocol support. Thanks to @mkauf.
     - Corrected a check when OCSP stapling was configured for hosts
       where the responsible MDomain is not clear, by Michal Karm Babacek (@Karm).
     - Softening the restrictions where mod_md configuration directives may appear. This should
       allow for use in <If> and <Macro> sections. If all possible variations lead to the configuration
       you wanted in the first place, is another matter.
     [Michael Kaufmann <mail michael-kaufmann.ch>, Timothe Litt (@tlhackque),
      Michal Karm Babacek (@Karm), Stefan Eissing (@icing)]

  *) test: Added continuous testing with Travis CI.
     This tests various scenarios on Ubuntu with the full test suite.
     Architectures tested: amd64, s390x, ppc64le, arm64
     The tests pass successfully.
     [Luca Toscano, Joe Orton, Mike Rumph, and others]

  *) core: Be stricter in parsing of Transfer-Encoding headers.
     [ZeddYu <zeddyu.lu gmail.com>, Eric Covener]

  *) mod_ssl: negotiate the TLS protocol version per name based vhost
     configuration, when linked with OpenSSL-1.1.1 or later. The base vhost's
     SSLProtocol (from the first vhost declared on the IP:port) is now only
     relevant if no SSLProtocol is declared for the vhost or globally,
     otherwise the vhost or global value apply.  [Yann Ylavic]

  *) mod_cgi, mod_cgid: Fix a memory leak in some error cases with large script
     output.  PR 64096.  [Joe Orton]

  *) config: Speed up graceful restarts by using pre-hashed command table. PR 64066.
     [Giovanni Bechis <giovanni paclan.it>, Jim Jagielski]

  *) mod_systemd: New module providing integration with systemd.  [Jan Kaluza]

  *) mod_lua: Add r:headers_in_table, r:headers_out_table, r:err_headers_out_table,
     r:notes_table, r:subprocess_env_table as read-only native table alternatives
     that can be iterated over. [Eric Covener]

  *) mod_http2: Fixed rare cases where a h2 worker could deadlock the main connection.
     [Yann Ylavic, Stefan Eissing]

  *) mod_lua: Accept nil assignments to the exposed tables (r.subprocess_env,
     r.headers_out, etc) to remove the key from the table. PR63971.
     [Eric Covener]

  *) mod_http2: Fixed interaction with mod_reqtimeout. A loaded mod_http2 was disabling the
     ssl handshake timeouts. Also, fixed a mistake of the last version that made `H2Direct`
     always `on`, regardless of configuration. Found and reported by
     <Armin.Abfalterer%united-security-providers.ch@localhost> and
     <Marcial.Rion%united-security-providers.ch@localhost>. [Stefan Eissing]

  *) mod_http2: Multiple field length violations in the same request no longer cause
     several log entries to be written. [@mkauf]

  *) mod_ssl: OCSP does not apply to proxy mode.  PR 63679.
     [Lubos Uhliarik <luhliari redhat.com>, Yann Ylavic]

  *) mod_proxy_html, mod_xml2enc: Fix build issues with macOS due to r1864469
     [Jim Jagielski]

  *) mod_authn_socache: Increase the maximum length of strings that can be cached by
     the module from 100 to 256.  PR 62149 [<thorsten.meinl knime.com>]

  *) mod_proxy: Fix crash by resolving pool concurrency problems. PR 63503
     [Ruediger Pluem, Eric Covener]

  *) core: On Windows, fix a start-up crash if <IfFile ...> is used with a path that is not
     valid (For example, testing for a file on a flash drive that is not mounted)
     [Christophe Jaillet]

  *) mod_deflate, mod_brotli: honor "Accept-Encoding: foo;q=0" as per RFC 7231; which
     means 'foo' is "not acceptable".  PR 58158 [Chistophe Jaillet]

  *) mod_md v2.2.3:
     - Configuring MDCAChallenges replaces any previous existing challenge configuration. It
       had been additive before which was not the intended behaviour. [@mkauf]
     - Fixing order of ACME challenges used when nothing else configured. Code now behaves as
       documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
     - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
     - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
       "transfer-encoding" to POST requests. This failed in directy communication with
       Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing. [Stefan Eissing]

  *) mod_md: Adding the several new features.
     The module offers an implementation of OCSP Stapling that can replace fully or
     for a limited set of domains the existing one from mod_ssl. OCSP handling
     is part of mod_md's monitoring and message notifications. If can be used
     for sites that do not have ACME certificates.
     The url for a CTLog Monitor can be configured. It is used in the server-status
     to link to the external status page of a certicate.
     The MDMessageCmd is called with argument "installed" when a new certificate
     has been activated on server restart/reload. This allows for processing of
     the new certificate, for example to applications that require it in different
     locations or formats.
     [Stefan Eissing]

  *) mod_proxy_balancer: Fix case-sensitive referer check related to CSRF/XSS
     protection. PR 63688. [Armin Abfalterer <a.abfalterer gmail.com>]


To generate a diff of this commit:
cvs rdiff -u -r1.88 -r1.89 pkgsrc/www/apache24/Makefile
cvs rdiff -u -r1.31 -r1.32 pkgsrc/www/apache24/PLIST
cvs rdiff -u -r1.41 -r1.42 pkgsrc/www/apache24/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/apache24/Makefile
diff -u pkgsrc/www/apache24/Makefile:1.88 pkgsrc/www/apache24/Makefile:1.89
--- pkgsrc/www/apache24/Makefile:1.88   Sat Jan 18 21:48:29 2020
+++ pkgsrc/www/apache24/Makefile        Mon Apr  6 08:27:26 2020
@@ -1,13 +1,12 @@
-# $NetBSD: Makefile,v 1.88 2020/01/18 21:48:29 jperkin Exp $
+# $NetBSD: Makefile,v 1.89 2020/04/06 08:27:26 wiz Exp $
 #
 # When updating this package, make sure that no strings like
 # "PR 12345" are in the commit message. Upstream likes
 # to reference their own PRs this way, but this ends up
 # in NetBSD GNATS.
 
-DISTNAME=      httpd-2.4.41
+DISTNAME=      httpd-2.4.43
 PKGNAME=       ${DISTNAME:S/httpd/apache/}
-PKGREVISION=   3
 CATEGORIES=    www
 MASTER_SITES=  ${MASTER_SITE_APACHE:=httpd/}
 MASTER_SITES+= http://archive.apache.org/dist/httpd/

Index: pkgsrc/www/apache24/PLIST
diff -u pkgsrc/www/apache24/PLIST:1.31 pkgsrc/www/apache24/PLIST:1.32
--- pkgsrc/www/apache24/PLIST:1.31      Thu Aug 15 08:03:38 2019
+++ pkgsrc/www/apache24/PLIST   Mon Apr  6 08:27:26 2020
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.31 2019/08/15 08:03:38 adam Exp $
+@comment $NetBSD: PLIST,v 1.32 2020/04/06 08:27:26 wiz Exp $
 bin/ab
 bin/apxs
 bin/dbmmanage
@@ -1092,6 +1092,7 @@ share/httpd/manual/mod/mod_macro.html.en
 share/httpd/manual/mod/mod_macro.html.fr.utf8
 share/httpd/manual/mod/mod_md.html
 share/httpd/manual/mod/mod_md.html.en
+share/httpd/manual/mod/mod_md.html.fr.utf8
 share/httpd/manual/mod/mod_mime.html
 share/httpd/manual/mod/mod_mime.html.en
 share/httpd/manual/mod/mod_mime.html.fr.utf8
@@ -1154,6 +1155,7 @@ share/httpd/manual/mod/mod_proxy_scgi.ht
 share/httpd/manual/mod/mod_proxy_scgi.html.fr.utf8
 share/httpd/manual/mod/mod_proxy_uwsgi.html
 share/httpd/manual/mod/mod_proxy_uwsgi.html.en
+share/httpd/manual/mod/mod_proxy_uwsgi.html.fr.utf8
 share/httpd/manual/mod/mod_proxy_wstunnel.html
 share/httpd/manual/mod/mod_proxy_wstunnel.html.en
 share/httpd/manual/mod/mod_proxy_wstunnel.html.fr.utf8
@@ -1220,6 +1222,7 @@ share/httpd/manual/mod/mod_socache_memca
 share/httpd/manual/mod/mod_socache_memcache.html.fr.utf8
 share/httpd/manual/mod/mod_socache_redis.html
 share/httpd/manual/mod/mod_socache_redis.html.en
+share/httpd/manual/mod/mod_socache_redis.html.fr.utf8
 share/httpd/manual/mod/mod_socache_shmcb.html
 share/httpd/manual/mod/mod_socache_shmcb.html.en
 share/httpd/manual/mod/mod_socache_shmcb.html.fr.utf8
@@ -1246,6 +1249,9 @@ share/httpd/manual/mod/mod_suexec.html.f
 share/httpd/manual/mod/mod_suexec.html.ja.utf8
 share/httpd/manual/mod/mod_suexec.html.ko.euc-kr
 share/httpd/manual/mod/mod_suexec.html.tr.utf8
+share/httpd/manual/mod/mod_systemd.html
+share/httpd/manual/mod/mod_systemd.html.en
+share/httpd/manual/mod/mod_systemd.html.fr.utf8
 share/httpd/manual/mod/mod_unique_id.html
 share/httpd/manual/mod/mod_unique_id.html.en
 share/httpd/manual/mod/mod_unique_id.html.fr.utf8
@@ -1637,5 +1643,3 @@ share/httpd/manual/vhosts/name-based.htm
 share/httpd/manual/vhosts/name-based.html.ja.utf8
 share/httpd/manual/vhosts/name-based.html.ko.euc-kr
 share/httpd/manual/vhosts/name-based.html.tr.utf8
-@pkgdir share/httpd/manual/style/xsl/util
-@pkgdir share/httpd/manual/style/lang

Index: pkgsrc/www/apache24/distinfo
diff -u pkgsrc/www/apache24/distinfo:1.41 pkgsrc/www/apache24/distinfo:1.42
--- pkgsrc/www/apache24/distinfo:1.41   Thu Aug 15 08:03:39 2019
+++ pkgsrc/www/apache24/distinfo        Mon Apr  6 08:27:26 2020
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.41 2019/08/15 08:03:39 adam Exp $
+$NetBSD: distinfo,v 1.42 2020/04/06 08:27:26 wiz Exp $
 
-SHA1 (httpd-2.4.41.tar.bz2) = b46a02237f03384fa50ddbde9be62092dc23e684
-RMD160 (httpd-2.4.41.tar.bz2) = ed572c262222034a699ab55f12eaebbe070cecb7
-SHA512 (httpd-2.4.41.tar.bz2) = 350cc7dcd2c439e0590338fa6da3f44df44f9bb885c381e91f91b14c2f48597f6f0bbac0ea118a8a67eaa70ae7edbb769beace368643ed73f6daee44c307b335
-Size (httpd-2.4.41.tar.bz2) = 7072373 bytes
+SHA1 (httpd-2.4.43.tar.bz2) = fc078df062503ffcf19319c4bf4e8cf27fe30cb4
+RMD160 (httpd-2.4.43.tar.bz2) = 8ccc599b50478330e5505bf75780145d80f4f4ce
+SHA512 (httpd-2.4.43.tar.bz2) = 16cfeecc8f6fab6eca478065a384bdf1872f7ac42206b0bc2bcac6c0d9c576f392c07107201f39e0601dec1bbafcb33d66153544de4d87d79b9a52094d334b64
+Size (httpd-2.4.43.tar.bz2) = 7155865 bytes
 SHA1 (patch-aa) = 9a66685f1d2e4710ab464beda98cbaad632aebf9
 SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
 SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d



Home | Main Index | Thread Index | Old Index