Permalink
Browse files

Update to 2.4.2

* Disable mod_proxy_html explicitly.

Changes with Apache 2.4.2

  *) SECURITY: CVE-2012-0883 (cve.mitre.org)
     envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
     current working directory to be searched for DSOs. [Stefan Fritsch]

  *) mod_slotmem_shm: Honor DefaultRuntimeDir [Jim Jagielski]

  *) mod_ssl: Fix crash with threaded MPMs due to race condition when
     initializing EC temporary keys. [Stefan Fritsch]

  *) mod_proxy: Add the forcerecovery balancer parameter that determines if
     recovery for balancer workers is enforced. [Ruediger Pluem]

  *) Fix MPM DSO load failure on AIX.  [Jeff Trawick]

  *) mod_proxy: Correctly set up reverse proxy worker. PR 52935.
     [Petter Berntsen <petterb gmail.com>]

  *) mod_sed: Don't define PATH_MAX to a potentially undefined value, causing
     compile problems on GNU hurd. [Stefan Fritsch]

  *) core: Add ap_runtime_dir_relative() and DefaultRuntimeDir.
     [Jeff Trawick]

  *) core: Fix breakage of Listen directives with MPMs that use a
     per-directory config. PR 52904. [Stefan Fritsch]

  *) core: Disallow directives in AllowOverrideList which are only allowed
     in VirtualHost or server context. These are usually not prepared to be
     called in .htaccess files. [Stefan Fritsch]

  *) core: In AllowOverrideList, do not allow 'None' together with other
     directives. PR 52823. [Stefan Fritsch]

  *) mod_slotmem_shm: Support DEFAULT_REL_RUNTIMEDIR for file-based shm.
     [Jim Jagielski]

  *) core: Fix merging of AllowOverrideList and ContentDigest.
     [Stefan Fritsch]

  *) mod_request: Fix validation of the KeptBodySize argument so it
     doesn't always throw a configuration error. PR 52981 [Eric Covener]

  *) core: Add filesystem paths to access denied / access failed messages
     AH00035 and AH00036. [Eric Covener]

  *) mod_dumpio: Properly handle errors from subsequent input filters.
     PR 52914. [Stefan Fritsch]

  *) Unix MPMs: Fix small memory leak in parent process if connect()
     failed when waking up children.  [Joe Orton]

  *) "DirectoryIndex disabled" now undoes DirectoryIndex settings in
     the current configuration section, not just previous config sections.
     PR 52845. [Eric Covener]

  *) mod_xml2enc: Fix broken handling of EOS buckets which could lead to
     response headers not being sent. PR 52766. [Stefan Fritsch]

  *) mod_ssl: Properly free the GENERAL_NAMEs. PR 32652. [Kaspar Brand]

  *) core: Check during config test that directories for the access
     logs actually exist. PR 29941. [Stefan Fritsch]

  *) mod_xml2enc, mod_proxy_html: Enable per-module loglevels.
     [Stefan Fritsch]

  *) mod_filter: Fix segfault with AddOutputFilterByType. PR 52755.
     [Stefan Fritsch]

  *) mod_session: Sessions are encoded as application/x-www-form-urlencoded
     strings, however we do not handle the encoding of spaces properly.
     Fixed. [Graham Leggett]

  *) Configuration: Example in comment should use a path consistent
     with the default configuration. PR 52715.
     [Rich Bowen, Jens Schleusener, Rainer Jung]

  *) Configuration: Switch documentation links from trunk to 2.4.
     [Rainer Jung]

  *) configure: Fix out of tree build using apr and apr-util in srclib.
     [Rainer Jung]
  • Loading branch information...
ryoon
ryoon committed Apr 18, 2012
1 parent d14f2e3 commit 886c61f81303e57ca4a63b73e9a611850ec6869d
Showing with 14 additions and 8 deletions.
  1. +3 −3 www/apache24/Makefile
  2. +7 −1 www/apache24/PLIST
  3. +4 −4 www/apache24/distinfo
View
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.4 2012/04/15 12:23:49 ryoon Exp $
+# $NetBSD: Makefile,v 1.5 2012/04/18 11:27:01 ryoon Exp $
-DISTNAME= httpd-2.4.1
+DISTNAME= httpd-2.4.2
PKGNAME= ${DISTNAME:S/httpd/apache/}
-PKGREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
http://archive.apache.org/dist/httpd/ \
@@ -43,6 +42,7 @@ CONFIGURE_ENV+= CFLAGS=${APACHE_CUSTOM_CFLAGS:M*:Q}
.include "../../mk/pthread.buildlink3.mk"
CONFIGURE_ARGS+= --disable-xml2enc
+CONFIGURE_ARGS+= --disable-proxy-html
DFLT_APACHE_MODULES+= all
APACHE_MODULES?= ${DFLT_APACHE_MODULES}
View
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2012/04/15 12:23:49 ryoon Exp $
+@comment $NetBSD: PLIST,v 1.5 2012/04/18 11:27:01 ryoon Exp $
bin/ab
bin/apxs
bin/dbmmanage
@@ -172,6 +172,7 @@ libexec/cgi-bin/test-cgi
man/man1/ab.1
man/man1/apxs.1
man/man1/dbmmanage.1
+man/man8/fcgistarter.8
man/man1/htdbm.1
man/man1/htdigest.1
man/man1/htpasswd.1
@@ -976,6 +977,7 @@ share/httpd/manual/mod/mod_logio.html.ko.euc-kr
share/httpd/manual/mod/mod_logio.html.tr.utf8
share/httpd/manual/mod/mod_lua.html
share/httpd/manual/mod/mod_lua.html.en
+share/httpd/manual/mod/mod_lua.html.fr
share/httpd/manual/mod/mod_mime.html
share/httpd/manual/mod/mod_mime.html.en
share/httpd/manual/mod/mod_mime.html.ja.utf8
@@ -1266,15 +1268,19 @@ share/httpd/manual/programs/suexec.html.ko.euc-kr
share/httpd/manual/programs/suexec.html.tr.utf8
share/httpd/manual/rewrite/access.html
share/httpd/manual/rewrite/access.html.en
+share/httpd/manual/rewrite/access.html.fr
share/httpd/manual/rewrite/advanced.html
share/httpd/manual/rewrite/advanced.html.en
+share/httpd/manual/rewrite/advanced.html.fr
share/httpd/manual/rewrite/avoid.html
share/httpd/manual/rewrite/avoid.html.en
+share/httpd/manual/rewrite/avoid.html.fr
share/httpd/manual/rewrite/flags.html
share/httpd/manual/rewrite/flags.html.en
share/httpd/manual/rewrite/flags.html.fr
share/httpd/manual/rewrite/htaccess.html
share/httpd/manual/rewrite/htaccess.html.en
+share/httpd/manual/rewrite/htaccess.html.fr
share/httpd/manual/rewrite/index.html
share/httpd/manual/rewrite/index.html.en
share/httpd/manual/rewrite/index.html.fr
View
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.1.1.1 2012/04/13 18:50:49 ryoon Exp $
+$NetBSD: distinfo,v 1.2 2012/04/18 11:27:01 ryoon Exp $
-SHA1 (httpd-2.4.1.tar.bz2) = 23beffce77529971e09d0fb1e760cadf80afa4e6
-RMD160 (httpd-2.4.1.tar.bz2) = 6d21d828028ce1cff8648fb29c8eb1b75fd96451
-Size (httpd-2.4.1.tar.bz2) = 4101303 bytes
+SHA1 (httpd-2.4.2.tar.bz2) = 8d391db515edfb6623c0c7c6ce5c1b2e1f7c64c2
+RMD160 (httpd-2.4.2.tar.bz2) = 1b97ab44075bea0f398f507dacb5f719a87b720b
+Size (httpd-2.4.2.tar.bz2) = 4132105 bytes
SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839
SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d

0 comments on commit 886c61f

Please sign in to comment.