FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Fri, 13 May 2011
[ 23:02:38 ohauer ] Original commit 
apache22 www files touched by this commit  An older version of this port was marked as vulnerable. Version 2.2.x of Apache web server with prefork MPM.
- update to version 2.2.18


Changes with Apache 2.2.18

  *) Log an error for failures to read a chunk-size, and return 408 instead
     413 when this is due to a read timeout.  This change also fixes some cases
     of two error documents being sent in the response for the same scenario.
     [Eric Covener] PR49167

  *) core: Only log a 408 if it is no keepalive timeout. PR 39785
     [Ruediger Pluem,  Mark Montague <markmont>]

  *) core: Treat timeout reading request as 408 error, not 400.
     Log 408 errors in access log as was done in Apache 1.3.x.
     PR 39785 [Nobutaka Mantani <nobutaka>, Stefan Fritsch,
     Dan Poirier]

  *) Core HTTP: disable keepalive when the Client has sent
     Expect: 100-continue
     but we respond directly with a non-100 response.  Keepalive here led
     to data from clients continuing being treated as a new request.
     PR 47087.  [Nick Kew]

  *) htpasswd: Change the default algorithm for htpasswd to MD5 on all
     platforms. Crypt with its 8 character limit is not useful anymore;
     improve out of disk space handling (PR 30877); print a warning if
     a password is truncated by crypt. [Stefan Fritsch]

  *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
     Win32's cscript interpreter can only use a single quote as comment char.
     [Guenter Knauf]

  *) configure: Fix htpasswd/htdbm libcrypt link errors with some newer
     linkers. [Stefan Fritsch]

  *) MinGW build improvements.  PR 49535.  [John Vandenberg
     <jayvdb>, Jeff Trawick]

  *) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
     [Stefan Fritsch]

  *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
     in request URL path info but not decode them. PR 35256,
     PR 46830.  [Dan Poirier]

  *) mod_rewrite: Allow to unset environment variables. PR 50746.
     [Rainer Jung]

  *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
     binary (Suexec Off), or force startup failure if suEXEC is required
     but not supported (Suexec On).  [Jeff Trawick]

  *) mod_proxy: Put the worker in error state if the SSL handshake with the
     backend fails. PR 50332.
     [Daniel Ruggeri <DRuggeri>, Ruediger Pluem]

  *) prefork: Update MPM state in children during a graceful restart.
     Allow the HTTP connection handling loop to terminate early
     during a graceful restart.  PR 41743.
     [Andrew Punch <andrew.punch>]

  *) mod_ssl: Correctly read full lines in input filter when the line is
     incomplete during first read. PR 50481. [Ruediger Pluem]

  *) mod_autoindex: Merge IndexOptions from server to directory context when
     the directory has no mod_autoindex directives. PR 47766. [Eric Covener]

  *) mod_cache: Make sure that we never allow a 304 Not Modified response
     that we asked for to leak to the client should the 304 response be
     uncacheable. PR45341 [Graham Leggett]

  *) mod_dav: Send 400 error if malformed Content-Range header is received for
     a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]

  *) mod_userdir: Add merging of enable, disable, and filename arguments
     to UserDir directive, leaving enable/disable of userlists unmerged.
     PR 44076 [Eric Covener]

  *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
     such as per-directory mod_rewrite substitutions.  PR 50349.
     [Eric Covener]

  *) mod_cache: Check the request to determine whether we are allowed
     to return cached content at all, and respect a "Cache-Control:
     no-cache" header from a client. Previously, "no-cache" would
     behave like "max-age=0". [Graham Leggett]

  *) mod_mem_cache: Add a debug msg when a streaming response exceeds
     MCacheMaxStreamingBuffer, since mod_cache will follow up with a scary
     'memory allocation failed' debug message. PR 49604. [Eric Covener]

  *) proxy_connect: Don't give up in the middle of a CONNECT tunnel
     when the child process is starting to exit.  PR50220. [Eric Covener]

PR:             156997
Submitted by:   Tsurutani Naoki <turutani _at_>

Number of ports [& non-ports] in this commit: 1

show all files

User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
How big is it?
The latest upgrade!

Enter Keywords:

Latest Vulnerabilities
php53Aug 18
phpmyadminAug 17
chromiumAug 13
serfAug 11
subversionAug 11
subversion17Aug 11
nginxAug 09
nginx-develAug 09
mingw32-opensslAug 06
opensslAug 06
krfbAug 03
gpgmeAug 02
samba4Aug 02
samba41Aug 02
kdelibs4Jul 31

7 vulnerabilities affecting 11 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Deleted ports
Sanity Test Failures

NEW Graphs (Javascript)

Calculated hourly:
Port count 24476
Broken 230
Deprecated 845
Ignore 573
Forbidden 36
Restricted 261
No CDROM 101
Vulnerable 23
Expired 0
Set to expire 832
Interactive 0
new 24 hours 5
new 48 hours12
new 7 days42
new fortnight160
new month215

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.