FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
apache2 2.0.55 www Deleted on this many watch lists=349 search for ports that depend on this port This port version is marked as vulnerable.
Version 2 of Apache web server with prefork MPM.
Was Maintained by: clement@FreeBSD.org search for ports maintained by this maintainer
Port Added: 13 Apr 2001 01:43:49
Also Listed In: ipv6
License: not specified in port


The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/
SVNWeb : Main Web Site : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only required dependencies information. Optional dependencies are not covered.

Required To Build:
  1. lang/perl5.8
  2. devel/autoconf259
  3. devel/libtool15
Required To Run:
  1. sysutils/rc_subr
  2. lang/perl5.8
Required Libraries:
  1. textproc/expat2
  2. converters/libiconv
There are no ports dependent upon this port

No installation instructions: this port has been deleted.

The package name of this deleted port was: apache2


Configuration Options
     No options to configure

Master Sites:
  1. ftp://apache.rinet.ru/pub/mirror/apache.org/dist/httpd/
  2. ftp://apache.secsup.org/pub/apache/dist/httpd/
  3. ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/
  4. ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/apache2/
  5. ftp://ftp.apache.de/mirrors/dev.apache.org/dist/httpd/
  6. ftp://ftp.ccs.neu.edu/net/mirrors/Apache/dist/httpd/
  7. ftp://ftp.chg.ru/pub/WWW/apache/dist/httpd/
  8. ftp://ftp.esat.net/mirrors/ftp.apache.org/httpd/
  9. ftp://ftp.flirble.org/pub/web/apache/dist/httpd/
  10. ftp://ftp.forthnet.gr/pub/www/apache/httpd/
  11. ftp://ftp.gbnet.net/pub/apache/dist/httpd/
  12. ftp://ftp.gin.cz/pub/mirrors/www.apache.org/dist/httpd/
  13. ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/
  14. ftp://ftp.kappa.ro/pub/mirrors/ftp.apache.org/httpd/
  15. ftp://ftp.planetmirror.com/pub/apache/dist/httpd/
  16. ftp://ftp.pop-mg.com.br/pub/apache/dist/httpd/
  17. ftp://ftp.rhnet.is/pub/apache/httpd/
  18. ftp://ftp.saix.net/pub/apache/dist/httpd/
  19. ftp://ftp.sogang.ac.kr/www/apache/dist/httpd/
  20. ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/
  21. ftp://ftp.task.gda.pl/pub/www/apache/dist/httpd/
  22. ftp://ftp.tux.org/pub/net/apache/dist/httpd/
  23. ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/
  24. ftp://mirrors.rmplc.co.uk/pub/apache/httpd/
  25. ftp://sunsite.icm.edu.pl/pub/www/apache/dist/httpd/
  26. ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/
  27. http://archive.apache.org/dist/httpd/
  28. http://ring.ip-kyoto.ad.jp/archives/net/apache/dist/httpd/
  29. http://ring.riken.jp/archives/net/apache/dist/httpd/
  30. http://ring.sakura.ad.jp/archives/net/apache/dist/httpd/
  31. http://www.apache.org/dist/httpd/

Number of commits found: 188 (showing only 100 on this page)

1 | 2  »  

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
04 Dec 2005 00:27:20
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
clement search for other commits by this committer
- retire www/apache2
01 Dec 2005 18:54:16
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix IGNORE quoting in Makefile.modules.3rd; unbreak www/mod_vhsH
While I'm here fix typo

PR:             ports/89125
Submitted by:   Ion-Mihai "IOnut" Tetcu
Pointy hat to:  clement
15 Nov 2005 06:52:12
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
ade search for other commits by this committer
Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.
02 Nov 2005 09:13:28
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Backport WANT_APACHE= common21 from development version of bsd.apache.mk
  Now module selection in apache21 works properply
31 Oct 2005 18:04:24
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix a misuse of .error. Replace it by IGNORE.

PR:             ports/88281
Reported by:    Lowell Gilbert <freebsd-bugs-local@be-well.ilk.org>
30 Oct 2005 20:51:56
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Don't rerun the apache2.sh rc script on restart's, just stop and start
  normally

PR:             ports/86402
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au>
25 Oct 2005 18:58:53
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
fenner search for other commits by this committer
Use the proper syntax for groups when using ${MASTER_SITE_foo}

Approved by:    MAINTAINER timeout (2 weeks)
14 Oct 2005 13:54:09
Original commit files touched by this commit  2.0.55
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.55
20 Sep 2005 08:39:50
Original commit files touched by this commit  2.0.54_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Apply openssl 0.9.8 fix by default. OpenSSL 0.9.8 is now the default
  from ports

Reported by:    erwin
10 Sep 2005 14:46:13
Original commit files touched by this commit  2.0.54_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- remove a whitespace
10 Sep 2005 14:26:48
Original commit files touched by this commit  2.0.54_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix build if WITH_OPENSSL_BETA is defined.

PR:             ports/85457
Submitted by:   Daniel Roethlisberger <daniel@roe.ch>
07 Sep 2005 20:31:12
Original commit files touched by this commit  2.0.54_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix   CAN-2005-2700

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
renegotiation is performed for a transition from "SSLVerifyClient
optional" to "SSLVerifyClient require".
05 Sep 2005 15:07:49
Original commit files touched by this commit  2.0.54_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix reload/restart when using profiles

Submitted by:   thomas, Jarrod <jarrod@netleader.com.au>
25 Aug 2005 20:24:53
Original commit files touched by this commit  2.0.54_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix CAN-2005-2491 (integer overflow in pcre)
- Fix memory leak in byterange stuff, which can lead to DoS.
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29962

Obtained from:  Apache SVN repo
Reported by:    simon
Approved by:    portmgr (self)
01 Aug 2005 10:04:19
Original commit files touched by this commit  2.0.54_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- make sure SSL dependency doesn't exists if WITHOUT_MODULES_SSL is defined
26 Jul 2005 10:10:35
Original commit files touched by this commit  2.0.54_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add fix for CAN-2005-2088
From Changelog:
  *) SECURITY: CAN-2005-2088
     core: If a request contains both Transfer-Encoding and Content-Length
     headers, remove the Content-Length, mitigating some HTTP Request
     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]

- Rename previous patch to CVE ID
- bump PORTREVISION

Security:       CAN-2005-2088
Obtained From: Apache repository
26 Jul 2005 08:25:13
Original commit files touched by this commit  2.0.54_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
Security: fix a buffer overrun in ssl_callback_SSLVerify_CRL()
Reported by:    thierry
01 Jun 2005 17:49:31
Original commit files touched by this commit  2.0.54
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove debug line.
01 Jun 2005 17:47:53
Original commit files touched by this commit  2.0.54
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add support for multiple instances of apache2 to startup script.
  It's a little bit experimental, but it works.
17 Apr 2005 20:38:54
Original commit files touched by this commit  2.0.54
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.54
17 Mar 2005 21:09:56
Original commit files touched by this commit  2.0.53_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Correct misuse of APXS_PREFIX
15 Mar 2005 22:18:54
Original commit files touched by this commit  2.0.53_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix memory leak
  *) core_input_filter: Move buckets to a persistent brigade instead of
     creating a new brigade. This stop a memory leak when proxying a
     Streaming Media Server.

Obtained from:  Apache httpd repository
01 Mar 2005 13:36:30
Original commit files touched by this commit  2.0.53
 This port version is marked as vulnerable.
clement search for other commits by this committer
- promote kqueue to not-so-experiemental status.
  Please use WITH_KQUEUE_SUPPORT instead.

Success story reported by:      pav
24 Feb 2005 09:52:29
Original commit files touched by this commit  2.0.53
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Backport PORTDOCS fix from www/apache21.
  Recent changes in bsd.port.mk prevent from using PORTDOCS= #
11 Feb 2005 15:46:11
Original commit files touched by this commit  2.0.53
 This port version is marked as vulnerable.
clement search for other commits by this committer
- backout previous commit.
  I blindly committed a change from my dev tree. Since USE_APACHE design
  is flacky, it had a very annoying impact.

PR:                ports/77391 [1]
Also reported by: pointyhat via kris,
                  Scot Hetzel <swhetzel@gmail.com> [1]
Pointy hat to:    clement
08 Feb 2005 21:40:06
Original commit files touched by this commit  2.0.53
 This port version is marked as vulnerable.
clement search for other commits by this committer
- I want to keep APACHE_PORT overridable even with apache2.
08 Feb 2005 15:17:06
Original commit files touched by this commit  2.0.53
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.53
- Download bz2'd tarball [1]
- Add print-closest-mirrors target.
  It allows you to find the 6 (3 http/3 ftp) closest mirror,
  base on http://www.apache.org/dyn/closer.cgi/httpd/
  make print-closest-mirrors >> /etc/make.conf automatically add
  the six closest mirror to the head of ${MASTER_SITE_APACHE_HTTPD}.

Requested by:   delphij
26 Jan 2005 14:06:35
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix non DSO apache detection

Noticed by:     Xavier Beaudouin <kiwi@oav.net>
26 Jan 2005 10:00:11
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
Changes in Makefile.modules.3rd
o Major change(s)
   - in some cases, modules are still built as static modules, making
     modules selection useless and generate a non-desired httpd

o Minor change(s)
   - apxs detection is done only if port isn't a server one.
   - Mark modules ports as IGNORED if apaxhe is built statically
   - fix make show-modules when when WITH_ALL_STATIC_MODULES is defined

Most issues discovered by:      Jason Mealins <jason_mealins@bigfix.com>
25 Jan 2005 10:11:34
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- make WITHOUT_<CATEGORY>_MODULES really works.
  (it was still stuck with WITHOUT_<CATEGORY>)

Noticed by:     Jason Mealins <jason_mealins@bigfix.com>
17 Jan 2005 20:30:08
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add support for databases/db43 in apache2[1] and apache21.
- rename files/patch-srclib:apr-utils:build:dbm.m4 to
  files/patch-srclib:apr-util:build:dbm.m4

Based on PR:            ports/76152 [1]
Submitted by:           Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1]
11 Jan 2005 13:45:05
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]
27 Dec 2004 20:38:37
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add a note about the dangerousness of quotes in make.conf
19 Dec 2004 19:52:44
Original commit files touched by this commit  2.0.52_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Bump PORTREVISION to refect recent changes.
  Since www/mod_python3 needs envvars.d stuff to work.
17 Dec 2004 22:24:05
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix a bug in mod_ssl. When client aborts connection, mod_ssl still try
  to send its data, ad vitam eternam.

Noticed by:     Didier Bringer <bringer at echo dot fr>
Patched by:     Bruno Ducrot <ducrot at poupinou dot org>
17 Dec 2004 17:52:20
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove useless APR_FROM_PORTS check in post-install
- Add support for modular sbin/envvars
  You can now put your own scripts you want to execute at envvars
  stage in ${PREFIX}/etc/apache2/envvars.d
  Only script ending by *.env are run.

  Example:
        /usr/local/etc/apache2/envvars.d/mod_python3.env

Discussed with: perky on -apache@
13 Dec 2004 10:18:47
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- s/INSTALLS_SHILB/INSTALLS_SHLIB/
12 Dec 2004 11:48:56
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove installation of unused highperformance*.conf
- Move examples config files to ${EXAMPLESDIR}
- Relax permissions on ${PREFIX}/www instead of ${PREFIX}/www/data
11 Dec 2004 16:01:43
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Rename patch file.
29 Nov 2004 09:38:45
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- As discussed on apache@, don't create httpd.conf.bak, and remove stalled
  httpd.conf.bak file at deinstall time.
13 Nov 2004 18:23:34
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- minor cleanups.
10 Nov 2004 18:24:44
Original commit files touched by this commit  2.0.52_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix memory consumption DoS, CVE CAN-2004-0942

Reported by:    josef
Obtained from:  Apache CVS
08 Nov 2004 20:50:48
Original commit files touched by this commit  2.0.52_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- ldconfig'ify ${PREFIX}/lib/apache2 at install time.

PR:             ports/73566
Submitted by:   lev
04 Nov 2004 11:53:42
Original commit files touched by this commit  2.0.52_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix previous patch :-)

Huge pointy hat to: me
Noticed by:     Meno Abels <meno.abels@adviser.com>
31 Oct 2004 09:22:21
Original commit files touched by this commit  2.0.52_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
Makefile was errornously committed. Revert the changes
30 Oct 2004 19:44:41
Original commit files touched by this commit  2.0.52_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix apache2 build, I hope...

Noticed by:  many
Committed from: EuroBSDcon Hotel's bar.
Pointy hat to:  me
Under supervision from: mat, thierry, erwin (former mentor)
30 Oct 2004 15:32:53
Original commit files touched by this commit  2.0.52_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
util_ald_cache_purge() fails to relink the cache entries during a cache purge.
So apply the official patch
21 Oct 2004 07:08:46
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- sync with real life
19 Oct 2004 20:06:59
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix shared module building when WITH_STATIC_MODULES is defined.

Noticed by:     Nicola Tiling <nti at w4w dot net>
16 Oct 2004 14:45:40
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove WITH_APR_FROM_PORTS knob
- Add a note to UPDATING, to warn users they won't be able to build apache2
  if they keep apr 0.9.x

Discussed with: Craig Rodrigues (apr maintainer), kuriyama
16 Oct 2004 09:15:52
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix apr detection
  WARNING: apache2 + apr 1.0 is BROKEN
  I'm working on a small compat hack. But don't dream too much.
  apache 2.0.x is not designed to work with apr 1.x.

Forgotten by:   kuriyama
16 Oct 2004 05:03:07
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Chase apr shlib version bump.

Pointy Hat Autumn Collection 2004 to:   kuriyama
13 Oct 2004 14:03:06
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Use ${WWWOWN} and ${WWWGRP} for apache's user. (instead of harcoded
  www/www).
  It should help to keep consistancy in www-related ports.
13 Oct 2004 09:17:38
Original commit files touched by this commit  2.0.52_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Yet Another Security Fix
  Fix CAN-2004-0885:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
  correct cipher suite has been negotiated, else deny access.

  * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
  0.9.7, prevent session resumption during a renegotiation to force the
  client to negotiate a new (and acceptable) cipher suite.

Credits:        Hartmut Keil, Joe Orton
12 Oct 2004 08:27:40
Original commit files touched by this commit  2.0.52
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.52
- Use "PORTDOCS= #" and get rid of docs entry in plist.
- Support for FreeBSD 6 in apr
- Move of cache modules from THREADS to EXPERIMENTAL category and make
  sure we enable THREADS modules (cgid only) when a threaded MPM is
  selected.
- Resurect WITH_EXTRA_MODULES knob
- powerlogo.gif is now hosted by FreeBSD mirrors
- WITH_<category> is definitively no longer supported.
- Add Includes dir when installed via a package [1]

PR:             ports/72309 [1]
Submitted by:   Christian Kratzer <ck at cksoft dot de> [1]
10 Oct 2004 08:17:59
Original commit files touched by this commit  2.0.50_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix compilation with threads enabled on 5.x (due to PTHREAD_LIBS changes)

Approved by:    portmgr (krion)
15 Sep 2004 16:54:37
Original commit files touched by this commit  2.0.50_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
Security fixes [1]:
  *) SECURITY: CAN-2004-0786 (cve.mitre.org)
     Fix an input validation issue in apr-util which could be
     triggered by malformed IPv6 literal addresses.  [Joe Orton]

  *) SECURITY: CAN-2004-0747 (cve.mitre.org)
     Fix buffer overflow in expansion of environment variables in
     configuration file parsing.  [Andr<E9> Malo]

  *) SECURITY: CAN-2004-0809 (cve.mitre.org)
     mod_dav_fs: Fix a segfault in the handling of an indirect lock
     refresh.  PR 31183.  [Joe Orton]

- Update documentation (finally!) and fix WITH_<CATEGORY>_MODULES
  for special modules like LDAP or SSL [2]

Noticed by:     nectar [1]
Requested by:   Emile Heitor <imil at home dot imil dot net> [2]
Approved by:    portmgr (marcus)
03 Sep 2004 12:41:17
Original commit files touched by this commit  2.0.50_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- make AP_GENPLIST pseudo PREFFIX-safe until I find a correct fix.

Discussed with: eik (long time ago)
23 Aug 2004 15:44:51
Original commit files touched by this commit  2.0.50_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add a sanity check on apache2 configuration files before reloading or
  restarting apache2 (to avoid an expected failure on restart)
19 Aug 2004 14:38:36
Original commit files touched by this commit  2.0.50_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add support for exception hook:
  * WITH_EXCEPTION_HOOK now exists
  * Automatically add if WITH_DEBUG is set
  * Update still-outdated-documentation
- Remove automatic debuf mode if DEBUG_FLAGS is set

Exception hook is very useful for debugging (upcoming www/mod_backtrace
and www/mod_whatkilledus modules)

Makefile.modules.3rd:
- Fix CONFIGURE_ARGS for dynamic module selection.
  It's now fully usuable for apache13 ports
- Remove an useless WANT_APACHE check
- Move apxs detection at the beginning of the file, to use APXS_PREFIX
  for apache major version detection [1]
  The main advantage of this patch is to provide a nice way to
  have multiple apache versions, without altering ${LOCALBASE}.

Submitted by:    "ports/c0decafe.net" <ports at c0decafe dot net> [1]
18 Aug 2004 19:40:07
Original commit files touched by this commit  2.0.50_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Backport security fixes in ssl_engine_io.c

* [SECURITY] mod_ssl: Fix potential input filter segfaults in
  SPECULATIVE mode. (rollback handling for AP_MODE_SPECULATIVE)
  "This issue has possible security implications; it's been assigned CVE
  CAN-2004-0751 (cve.mitre.org)."
  http://issues.apache.org/bugzilla/show_bug.cgi?id=30134

* [SECURITY] mod_ssl: Fix potential infinite loop.
  (potential infinite loop in ssl_io_input_getline if connection is
  aborted without inctx->rc being set.)
  http://issues.apache.org/bugzilla/show_bug.cgi?id=27945
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29690

Obtained from:  Apache CVS (httpd-2.0 HEAD)
17 Aug 2004 12:41:26
Original commit files touched by this commit  2.0.50_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Bump PORTREVISION for all previous changes
- Allow access to /home if mod_userdir is loaded
- We don't need apache2libs.sh if apr is installed from ports.
- Add recent changes to UPGRADING
07 Aug 2004 20:25:02
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
Remove our config.layout support. FreeBSD layout is in apache2's one
since 2.0.48
07 Aug 2004 19:47:16
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
We don't need -DFREEBSD_THREAD_HACK when using kse or thr as threading
library.
05 Aug 2004 21:46:17
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add ldconfig -m to apache2's apr libs (install time and boot time)

Requested by, discussed with: lev
02 Aug 2004 13:21:36
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix brainless typo.

Noticed by: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
02 Aug 2004 08:40:05
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
apache2 NG patch 2/5.
Makefile.modules:
   - Export rewritten modules selection from Makefile.modules
     to Makefile.modules.3rd
   - Remove proxy support by default.

Makefile.modules.3rd:
   - Add support for WANT_APACHE common13/common2 to share
     code/functionalities between apache13 and apache2 server ports.

Rewrite of modules selection:
   - WITH_MODULES and WITHOUT_MODULES are no more conflicting
     WITHOUT_MODULES can be safely used internally to remove conflicting
     modules
   - Selection is based on modules categories to improve flexibility
        - WITH_${category}[_MODULES]
        - WITHOUT_${category}
        - WITH_CUSTOM_${category}
   -  Support apache13, apache2{0,1}
        This is EXPERIMENTAL. I'll test it IRL with www/apache13-ssl,
        and it should be easily usuable in future bsd.apache.mk
30 Jul 2004 17:04:47
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
apache2 NG patch 1/5.

o Changes in httpd.conf
  - mod_userdir:
        . set Userdir if mod_userdir is loaded [1]
        . Userdir is denied for users from /etc/ftpusers
  - set more "secure" permissions.
    By default, policy is to deny access to filesystem.
    You HAVE to _ENABLE_ access to your filesystem in httpd.conf.
  - Add an "Includes" directory to ${PREFIX}/etc/apache2/
    to make configuration more flexible
    ${PREFIX}/etc/apache2/*.conf files are now automatically loaded.

o apache.sh
  - be closer to apachectl, apache.sh need envvars [2]
    It should restore subversion behavior.

Partially submitted by:
                kuriyama [1],
                Gregory (Grisha) Trubetskoy <grisha at apache dot org> [2]

Future changes are mostly written, they should be committed during the
week-end.
If you're interrested in changes, feel free contact me.
13 Jul 2004 13:32:42
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Disable mod_cgi if MPM is threaded.
13 Jul 2004 09:53:43
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update experimental apr/kqueue patch

Obtained from:  apr CVS
13 Jul 2004 09:32:44
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix hostname resolution if IPv4 are mapped. [1]
- Add WITHOUT_V4MAPPED knob and explicitly set --disable-v4-mapped
  if WITHOUT_V4MAPPED or WITH_IPV6_V6ONLY

Also submitted by:      Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> [1]
11 Jul 2004 09:43:17
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Improve plist generation.
  It fixes problems when you deinstall a port with $PREFIX != $(apxs -q
  prefix). Now plist is aware of real location of apache module.
09 Jul 2004 16:41:38
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add WITHOUT_IPV6 knob to workaround problem with IP resolution
  when --enable-v4-mapped is used (default).
  Use WITHOUT_IPV6 knob if you have problem with "HostnameLookup On" on
  IPv4-only server(s).
  I hope I can provide a real fix soon.
03 Jul 2004 21:57:52
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- remove from plist reference to share/nls/en_US.US-ASCII
  and share/nls/POSIX

Noticed by:     thierry
02 Jul 2004 13:47:41
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Make configure script define DEFAULT_SCOREBOARD.
- Add NOTICE file to respect Apache 2.0 license
01 Jul 2004 18:06:35
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- revert ade's commit, since it breaks the ports due to something
  looking like a reverse patching.
01 Jul 2004 17:06:41
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
ade search for other commits by this committer
Autotools cleanup.  Remove autoconf257 (259), automake17 (18), and
libtool14 (13/15).

PR:             67768
Submitted by:   ade
Approved by:    4-exp bento runs (thanks, kris!)
01 Jul 2004 05:54:56
Original commit files touched by this commit  2.0.50
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.50
  Important changes:
  *) SECURITY: CAN-2004-0493 (cve.mitre.org)
     Close a denial of service vulnerability identified by Georgi
     Guninski which could lead to memory exhaustion with certain
     input data.  [Jeff Trawick]
  *) SECURITY: CAN-2004-0488 (cve.mitre.org)
     mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
     (trusted) client certificate subject DN which exceeds 6K in length.
     [Joe Orton]
  Details can be found here:
        http://www.apache.org/dist/httpd/CHANGES_2.0
- Use autoconf 2.59
- Add add SUEXEC_LOGFILE tunable to set suexec logfile [1]
- Silently ignore removal of libexec/apache2 directory
(Only the first 15 lines of the commit message are shown above View all of this commit message)
29 Jun 2004 08:06:20
Original commit files touched by this commit  2.0.49_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Security fix.
  CAN-2004-0493 - memory exhaustion denial of service
 
http://www.freebsd.org/ports/portaudit/81a8c9c2-c94f-11d8-8898-000d6111a684.html

Noticed by:     eik
Obtained from:  apache CVS
09 Jun 2004 06:16:07
Original commit files touched by this commit  2.0.49_2
 This port version is marked as vulnerable.
kris search for other commits by this committer
Don't remove www/ now that it is created by the system.
07 Jun 2004 14:56:53
Original commit files touched by this commit  2.0.49_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- change limits from user www to daemon class to be in sync with
  apachectl
- fix limits (missing eval)
06 Jun 2004 21:53:18
Original commit files touched by this commit  2.0.49_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Clarify pkg-message

Noticed by:     Hutterer Robert <robert.hutterer@univie.ac.at>
05 Jun 2004 13:52:20
Original commit files touched by this commit  2.0.49_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Sync pkg-descr with reality.
05 Jun 2004 11:14:18
Original commit files touched by this commit  2.0.49_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
-1- make show-options readable from a vt100 ;-)
-2- add WITH_DEBUG knob (supports DEBUG_FLAGS)
-3- convert start script to RCng [1]
    - add possibility to run limits(1) before apache starts
    - apache2.sh reload = apachectl graceful
-4- Add threadpool MPM
-5- Adapt COMMENT to fit MPM.
-6- Bump PORTREVISION

PR:             ports/66955 [1]
Submitted by:   nork [1] (partially)
Requested by:   ume [1]
02 Jun 2004 08:15:58
Original commit files touched by this commit  2.0.49_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- remove quotes from "bogus" IGNORE string

Noticed by:     kris
29 May 2004 22:17:16
Original commit files touched by this commit  2.0.49_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix IGNORE s,(,\(,
29 May 2004 22:07:37
Original commit files touched by this commit  2.0.49_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- s/BROKEN/IGNORE/
29 May 2004 21:37:38
Original commit files touched by this commit  2.0.49_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix build if WITH_APR_FROM_PORTS is defined.
- Advertise ServerToken i.e.:
Apache/2.0.49 (FreeBSD) Server at satan.cultdeadsheep.org Port 80
28 May 2004 15:27:02
Original commit files touched by this commit  2.0.49_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Import security fix from Apache CVS...
* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix buffer
overflow in FakeBasicAuth code if client's subject DN exceeds 6K in
length (CVE CAN-2004-0488); switch to using apr-util base64 encoder
functions.
- ... and of course bump PORTREVISION.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488
http://secunia.com/advisories/11534/

Reported by:    Charles-Damien Orbello <tazma@cultdeadsheep.org>
18 May 2004 13:43:19
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix plist after upgrading libtool to 1.5

Notice by:       Fritz Heinrichmeyer <fritz.heinrichmeyer@fernuni-hagen.de>
18 May 2004 11:58:57
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- import buildconf patch in ports tree.
  It has been living out the tree for historical reason.
18 May 2004 11:35:54
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- use autoconf 2.57
- use libtool 1.5.6
17 May 2004 10:48:22
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- s/BROKEN/IGNORE/
Per linimon's request correct {mis,ab}use of BROKEN.
17 Apr 2004 14:26:01
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Do not activate module automatically [1]
- Cosmectic change in autogenerated plist (run apxs before the removal
  of the module file, it can make apxs fail if you change module
  name/shortname)

Forgotten by:   me [1]
Reminded by:    discussion with kris [1]
16 Apr 2004 14:07:16
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
Add AP_EXTRA to support extra arguments to apxs during build.
AP_INC and AP_LIB were added.

Reminded by: mod_vdbh port
16 Apr 2004 13:29:30
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
Remove noisy apache version detection
16 Apr 2004 12:24:43
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
Add Makefile.modules.3rd, which should simplify apache modules porting.
It can not be used with USE_APACHE knob.

Most important knobs:
WANT_APACHE=    {13,2}
        Apache version required. if undefined, both apache version
        are allowed.
AP_FAST_BUILD
        Do ${APXS} -c ${APXS} -i for you
AP_GENPLIST
        Autogenerate a _SIMPLE_ plist:

See future commits to know how to use this file.
07 Apr 2004 14:27:47
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix install when people use a different /bin/sh
  This shouldn't have been fixed, but I don't like setting UID and GID
  variables.
  so ${*} -> ${WWW*}

PR:             64032
Noticed by:     Patrick Schoenfeld <schoenfeld@in-medias-res.com>
26 Mar 2004 17:05:03
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
- s/ac_cv_pthreads/apr_cv_pthreads/ (due to changes in 2.0.49)
  WITH_PTHREAD_LIBS and WITH_PTHREAD_CFLAGS are now working again

  WARNING: This option is still NOT offically supported.
  You can't flame me,but you still cansend me some backtrace ;-)
20 Mar 2004 12:27:46
Original commit files touched by this commit  2.0.49
 This port version is marked as vulnerable.
clement search for other commits by this committer
Update to 2.0.49

Full ChangeLogand announcement:
http://www.apache.org/dist/httpd/Announcement2.html

Port changes:
- buildconf patches improvement
- Fix typo [1]

PR:             64297 [1]
Submitted by:   TSUMAI Yasuyuki <ral@ta-ko.jp> [1]

Number of commits found: 188 (showing only 100 on this page)

1 | 2  »  

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
chromiumAug 26
fileAug 21
py-djangoAug 21
py-django-develAug 21
py-django14Aug 21
py-django15Aug 21
php53Aug 18
phpmyadminAug 17
chromiumAug 13
serfAug 11
subversionAug 11
subversion17Aug 11
nginxAug 09
nginx-develAug 09
mingw32-opensslAug 06

6 vulnerabilities affecting 9 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24040
Broken 145
Deprecated 174
Ignore 416
Forbidden 17
Restricted 212
No CDROM 94
Vulnerable 23
Expired 91
Set to expire 163
Interactive 0
new 24 hours 4
new 48 hours9
new 7 days34
new fortnight87
new month261

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.