notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

FInally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combinatio for a given watch list. This is what FreshPorts will look for.

Port details
apache2 Version 2 of Apache web server with prefork MPM.
2.0.55 www Deleted on this many watch lists=341 search for ports that depend on this port This port version is marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 2.0.55Version of this port present on the latest quarterly branch.
Maintainer: clement@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2001-04-13 01:43:49
Last Update: 2005-12-04 00:27:20
SVN Revision: UNKNOWN
People watching this port, also watch:: gmake, expat, libiconv, gettext
Also Listed In: ipv6
License: not specified in port
WWW:
http://httpd.apache.org/
Description:
The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for various modern desktop and server operating systems, such as UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server which provides HTTP services in sync with the current HTTP standards. The 2.x branch of Apache Web Server includes several improvements like threading, use of APR, native IPv6 and SSL support, and many more. WWW: http://httpd.apache.org/
Homepage    cgit ¦ GitHub ¦ GitHub ¦ GitLab ¦ SVNWeb - no subversion history for this port

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
There is no configure plist information for this port.
Dependency lines:
  • apache>0:www/apache2
No installation instructions:
This port has been deleted.
PKGNAME: apache
Flavors: there is no flavor information for this port.
distinfo:
There is no distinfo for this port.

No package information for this port in our database
Sometimes this happens. Not all ports have packages.
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. perl5.8.7 : lang/perl5.8
  2. autoconf259 : devel/autoconf259
  3. libtool15 : devel/libtool15
Runtime dependencies:
  1. rc.subr : sysutils/rc_subr
  2. perl5.8.7 : lang/perl5.8
Library dependencies:
  1. expat.5 : textproc/expat2
  2. iconv.3 : converters/libiconv
There are no ports dependent upon this port

Configuration Options:
No options to configure
Options name:
N/A
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (31 items)
Collapse this list.
  1. ftp://apache.rinet.ru/pub/mirror/apache.org/dist/httpd/
  2. ftp://apache.secsup.org/pub/apache/dist/httpd/
  3. ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/
  4. ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/apache2/
  5. ftp://ftp.apache.de/mirrors/dev.apache.org/dist/httpd/
  6. ftp://ftp.ccs.neu.edu/net/mirrors/Apache/dist/httpd/
  7. ftp://ftp.chg.ru/pub/WWW/apache/dist/httpd/
  8. ftp://ftp.esat.net/mirrors/ftp.apache.org/httpd/
  9. ftp://ftp.flirble.org/pub/web/apache/dist/httpd/
  10. ftp://ftp.forthnet.gr/pub/www/apache/httpd/
  11. ftp://ftp.gbnet.net/pub/apache/dist/httpd/
  12. ftp://ftp.gin.cz/pub/mirrors/www.apache.org/dist/httpd/
  13. ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/
  14. ftp://ftp.kappa.ro/pub/mirrors/ftp.apache.org/httpd/
  15. ftp://ftp.planetmirror.com/pub/apache/dist/httpd/
  16. ftp://ftp.pop-mg.com.br/pub/apache/dist/httpd/
  17. ftp://ftp.rhnet.is/pub/apache/httpd/
  18. ftp://ftp.saix.net/pub/apache/dist/httpd/
  19. ftp://ftp.sogang.ac.kr/www/apache/dist/httpd/
  20. ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/
  21. ftp://ftp.task.gda.pl/pub/www/apache/dist/httpd/
  22. ftp://ftp.tux.org/pub/net/apache/dist/httpd/
  23. ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/
  24. ftp://mirrors.rmplc.co.uk/pub/apache/httpd/
  25. ftp://sunsite.icm.edu.pl/pub/www/apache/dist/httpd/
  26. ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/
  27. http://archive.apache.org/dist/httpd/
  28. http://ring.ip-kyoto.ad.jp/archives/net/apache/dist/httpd/
  29. http://ring.riken.jp/archives/net/apache/dist/httpd/
  30. http://ring.sakura.ad.jp/archives/net/apache/dist/httpd/
  31. http://www.apache.org/dist/httpd/
Collapse this list.

Number of commits found: 188 (showing only 100 on this page)

1 | 2  »  

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
2.0.55
04 Dec 2005 00:27:20
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- retire www/apache2
2.0.55
01 Dec 2005 18:54:16
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix IGNORE quoting in Makefile.modules.3rd; unbreak www/mod_vhsH
While I'm here fix typo

PR:             ports/89125
Submitted by:   Ion-Mihai "IOnut" Tetcu
Pointy hat to:  clement
2.0.55
15 Nov 2005 06:52:12
Original commit files touched by this commit This port version is marked as vulnerable.
ade search for other commits by this committer
Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.
2.0.55
02 Nov 2005 09:13:28
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Backport WANT_APACHE= common21 from development version of bsd.apache.mk
  Now module selection in apache21 works properply
2.0.55
31 Oct 2005 18:04:24
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix a misuse of .error. Replace it by IGNORE.

PR:             ports/88281
Reported by:    Lowell Gilbert <freebsd-bugs-local@be-well.ilk.org>
2.0.55
30 Oct 2005 20:51:56
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Don't rerun the apache2.sh rc script on restart's, just stop and start
  normally

PR:             ports/86402
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au>
2.0.55
25 Oct 2005 18:58:53
Original commit files touched by this commit This port version is marked as vulnerable.
fenner search for other commits by this committer
Use the proper syntax for groups when using ${MASTER_SITE_foo}

Approved by:    MAINTAINER timeout (2 weeks)
2.0.55
14 Oct 2005 13:54:09
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.55
2.0.54_4
20 Sep 2005 08:39:50
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Apply openssl 0.9.8 fix by default. OpenSSL 0.9.8 is now the default
  from ports

Reported by:    erwin
2.0.54_4
10 Sep 2005 14:46:13
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- remove a whitespace
2.0.54_4
10 Sep 2005 14:26:48
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix build if WITH_OPENSSL_BETA is defined.

PR:             ports/85457
Submitted by:   Daniel Roethlisberger <daniel@roe.ch>
2.0.54_4
07 Sep 2005 20:31:12
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix   CAN-2005-2700

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
renegotiation is performed for a transition from "SSLVerifyClient
optional" to "SSLVerifyClient require".
2.0.54_3
05 Sep 2005 15:07:49
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix reload/restart when using profiles

Submitted by:   thomas, Jarrod <jarrod@netleader.com.au>
2.0.54_3
25 Aug 2005 20:24:53
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix CAN-2005-2491 (integer overflow in pcre)
- Fix memory leak in byterange stuff, which can lead to DoS.
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29962

Obtained from:  Apache SVN repo
Reported by:    simon
Approved by:    portmgr (self)
2.0.54_2
01 Aug 2005 10:04:19
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- make sure SSL dependency doesn't exists if WITHOUT_MODULES_SSL is defined
2.0.54_2
26 Jul 2005 10:10:35
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add fix for CAN-2005-2088
From Changelog:
  *) SECURITY: CAN-2005-2088
     core: If a request contains both Transfer-Encoding and Content-Length
     headers, remove the Content-Length, mitigating some HTTP Request
     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]

- Rename previous patch to CVE ID
- bump PORTREVISION

Security:       CAN-2005-2088
Obtained From: Apache repository
2.0.54_1
26 Jul 2005 08:25:13
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Security: fix a buffer overrun in ssl_callback_SSLVerify_CRL()
Reported by:    thierry
2.0.54
01 Jun 2005 17:49:31
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove debug line.
2.0.54
01 Jun 2005 17:47:53
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add support for multiple instances of apache2 to startup script.
  It's a little bit experimental, but it works.
2.0.54
17 Apr 2005 20:38:54
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.54
2.0.53_1
17 Mar 2005 21:09:56
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Correct misuse of APXS_PREFIX
2.0.53_1
15 Mar 2005 22:18:54
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix memory leak
  *) core_input_filter: Move buckets to a persistent brigade instead of
     creating a new brigade. This stop a memory leak when proxying a
     Streaming Media Server.

Obtained from:  Apache httpd repository
2.0.53
01 Mar 2005 13:36:30
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- promote kqueue to not-so-experiemental status.
  Please use WITH_KQUEUE_SUPPORT instead.

Success story reported by:      pav
2.0.53
24 Feb 2005 09:52:29
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Backport PORTDOCS fix from www/apache21.
  Recent changes in bsd.port.mk prevent from using PORTDOCS= #
2.0.53
11 Feb 2005 15:46:11
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- backout previous commit.
  I blindly committed a change from my dev tree. Since USE_APACHE design
  is flacky, it had a very annoying impact.

PR:                ports/77391 [1]
Also reported by: pointyhat via kris,
                  Scot Hetzel <swhetzel@gmail.com> [1]
Pointy hat to:    clement
2.0.53
08 Feb 2005 21:40:06
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- I want to keep APACHE_PORT overridable even with apache2.
2.0.53
08 Feb 2005 15:17:06
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.53
- Download bz2'd tarball [1]
- Add print-closest-mirrors target.
  It allows you to find the 6 (3 http/3 ftp) closest mirror,
  base on http://www.apache.org/dyn/closer.cgi/httpd/
  make print-closest-mirrors >> /etc/make.conf automatically add
  the six closest mirror to the head of ${MASTER_SITE_APACHE_HTTPD}.

Requested by:   delphij
2.0.52_4
26 Jan 2005 14:06:35
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix non DSO apache detection

Noticed by:     Xavier Beaudouin <kiwi@oav.net>
2.0.52_4
26 Jan 2005 10:00:11
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Changes in Makefile.modules.3rd
o Major change(s)
   - in some cases, modules are still built as static modules, making
     modules selection useless and generate a non-desired httpd

o Minor change(s)
   - apxs detection is done only if port isn't a server one.
   - Mark modules ports as IGNORED if apaxhe is built statically
   - fix make show-modules when when WITH_ALL_STATIC_MODULES is defined

Most issues discovered by:      Jason Mealins <jason_mealins@bigfix.com>
2.0.52_4
25 Jan 2005 10:11:34
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- make WITHOUT_<CATEGORY>_MODULES really works.
  (it was still stuck with WITHOUT_<CATEGORY>)

Noticed by:     Jason Mealins <jason_mealins@bigfix.com>
2.0.52_4
17 Jan 2005 20:30:08
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add support for databases/db43 in apache2[1] and apache21.
- rename files/patch-srclib:apr-utils:build:dbm.m4 to
  files/patch-srclib:apr-util:build:dbm.m4

Based on PR:            ports/76152 [1]
Submitted by:           Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1]
2.0.52_4
11 Jan 2005 13:45:05
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]
2.0.52_4
27 Dec 2004 20:38:37
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add a note about the dangerousness of quotes in make.conf
2.0.52_4
19 Dec 2004 19:52:44
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Bump PORTREVISION to refect recent changes.
  Since www/mod_python3 needs envvars.d stuff to work.
2.0.52_3
17 Dec 2004 22:24:05
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix a bug in mod_ssl. When client aborts connection, mod_ssl still try
  to send its data, ad vitam eternam.

Noticed by:     Didier Bringer <bringer at echo dot fr>
Patched by:     Bruno Ducrot <ducrot at poupinou dot org>
2.0.52_3
17 Dec 2004 17:52:20
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove useless APR_FROM_PORTS check in post-install
- Add support for modular sbin/envvars
  You can now put your own scripts you want to execute at envvars
  stage in ${PREFIX}/etc/apache2/envvars.d
  Only script ending by *.env are run.

  Example:
        /usr/local/etc/apache2/envvars.d/mod_python3.env

Discussed with: perky on -apache@
2.0.52_3
13 Dec 2004 10:18:47
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- s/INSTALLS_SHILB/INSTALLS_SHLIB/
2.0.52_3
12 Dec 2004 11:48:56
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove installation of unused highperformance*.conf
- Move examples config files to ${EXAMPLESDIR}
- Relax permissions on ${PREFIX}/www instead of ${PREFIX}/www/data
2.0.52_3
11 Dec 2004 16:01:43
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Rename patch file.
2.0.52_3
29 Nov 2004 09:38:45
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- As discussed on apache@, don't create httpd.conf.bak, and remove stalled
  httpd.conf.bak file at deinstall time.
2.0.52_3
13 Nov 2004 18:23:34
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- minor cleanups.
2.0.52_3
10 Nov 2004 18:24:44
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix memory consumption DoS, CVE CAN-2004-0942

Reported by:    josef
Obtained from:  Apache CVS
2.0.52_2
08 Nov 2004 20:50:48
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- ldconfig'ify ${PREFIX}/lib/apache2 at install time.

PR:             ports/73566
Submitted by:   lev
2.0.52_2
04 Nov 2004 11:53:42
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix previous patch :-)

Huge pointy hat to: me
Noticed by:     Meno Abels <meno.abels@adviser.com>
2.0.52_2
31 Oct 2004 09:22:21
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Makefile was errornously committed. Revert the changes
2.0.52_2
30 Oct 2004 19:44:41
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix apache2 build, I hope...

Noticed by:  many
Committed from: EuroBSDcon Hotel's bar.
Pointy hat to:  me
Under supervision from: mat, thierry, erwin (former mentor)
2.0.52_2
30 Oct 2004 15:32:53
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
util_ald_cache_purge() fails to relink the cache entries during a cache purge.
So apply the official patch
2.0.52_1
21 Oct 2004 07:08:46
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- sync with real life
2.0.52_1
19 Oct 2004 20:06:59
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix shared module building when WITH_STATIC_MODULES is defined.

Noticed by:     Nicola Tiling <nti at w4w dot net>
2.0.52_1
16 Oct 2004 14:45:40
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove WITH_APR_FROM_PORTS knob
- Add a note to UPDATING, to warn users they won't be able to build apache2
  if they keep apr 0.9.x

Discussed with: Craig Rodrigues (apr maintainer), kuriyama
2.0.52_1
16 Oct 2004 09:15:52
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix apr detection
  WARNING: apache2 + apr 1.0 is BROKEN
  I'm working on a small compat hack. But don't dream too much.
  apache 2.0.x is not designed to work with apr 1.x.

Forgotten by:   kuriyama
2.0.52_1
16 Oct 2004 05:03:07
Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Chase apr shlib version bump.

Pointy Hat Autumn Collection 2004 to:   kuriyama
2.0.52_1
13 Oct 2004 14:03:06
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Use ${WWWOWN} and ${WWWGRP} for apache's user. (instead of harcoded
  www/www).
  It should help to keep consistancy in www-related ports.
2.0.52_1
13 Oct 2004 09:17:38
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Yet Another Security Fix
  Fix CAN-2004-0885:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
  correct cipher suite has been negotiated, else deny access.

  * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
  0.9.7, prevent session resumption during a renegotiation to force the
  client to negotiate a new (and acceptable) cipher suite.

Credits:        Hartmut Keil, Joe Orton
2.0.52
12 Oct 2004 08:27:40
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.52
- Use "PORTDOCS= #" and get rid of docs entry in plist.
- Support for FreeBSD 6 in apr
- Move of cache modules from THREADS to EXPERIMENTAL category and make
  sure we enable THREADS modules (cgid only) when a threaded MPM is
  selected.
- Resurect WITH_EXTRA_MODULES knob
- powerlogo.gif is now hosted by FreeBSD mirrors
- WITH_<category> is definitively no longer supported.
- Add Includes dir when installed via a package [1]

PR:             ports/72309 [1]
Submitted by:   Christian Kratzer <ck at cksoft dot de> [1]
2.0.50_3
10 Oct 2004 08:17:59
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix compilation with threads enabled on 5.x (due to PTHREAD_LIBS changes)

Approved by:    portmgr (krion)
2.0.50_3
15 Sep 2004 16:54:37
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Security fixes [1]:
  *) SECURITY: CAN-2004-0786 (cve.mitre.org)
     Fix an input validation issue in apr-util which could be
     triggered by malformed IPv6 literal addresses.  [Joe Orton]

  *) SECURITY: CAN-2004-0747 (cve.mitre.org)
     Fix buffer overflow in expansion of environment variables in
     configuration file parsing.  [Andr<E9> Malo]

  *) SECURITY: CAN-2004-0809 (cve.mitre.org)
     mod_dav_fs: Fix a segfault in the handling of an indirect lock
     refresh.  PR 31183.  [Joe Orton]

- Update documentation (finally!) and fix WITH_<CATEGORY>_MODULES
  for special modules like LDAP or SSL [2]

Noticed by:     nectar [1]
Requested by:   Emile Heitor <imil at home dot imil dot net> [2]
Approved by:    portmgr (marcus)
2.0.50_2
03 Sep 2004 12:41:17
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- make AP_GENPLIST pseudo PREFFIX-safe until I find a correct fix.

Discussed with: eik (long time ago)
2.0.50_2
23 Aug 2004 15:44:51
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add a sanity check on apache2 configuration files before reloading or
  restarting apache2 (to avoid an expected failure on restart)
2.0.50_2
19 Aug 2004 14:38:36
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add support for exception hook:
  * WITH_EXCEPTION_HOOK now exists
  * Automatically add if WITH_DEBUG is set
  * Update still-outdated-documentation
- Remove automatic debuf mode if DEBUG_FLAGS is set

Exception hook is very useful for debugging (upcoming www/mod_backtrace
and www/mod_whatkilledus modules)

Makefile.modules.3rd:
- Fix CONFIGURE_ARGS for dynamic module selection.
  It's now fully usuable for apache13 ports
- Remove an useless WANT_APACHE check
- Move apxs detection at the beginning of the file, to use APXS_PREFIX
  for apache major version detection [1]
  The main advantage of this patch is to provide a nice way to
  have multiple apache versions, without altering ${LOCALBASE}.

Submitted by:    "ports/c0decafe.net" <ports at c0decafe dot net> [1]
2.0.50_2
18 Aug 2004 19:40:07
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Backport security fixes in ssl_engine_io.c

* [SECURITY] mod_ssl: Fix potential input filter segfaults in
  SPECULATIVE mode. (rollback handling for AP_MODE_SPECULATIVE)
  "This issue has possible security implications; it's been assigned CVE
  CAN-2004-0751 (cve.mitre.org)."
  http://issues.apache.org/bugzilla/show_bug.cgi?id=30134

* [SECURITY] mod_ssl: Fix potential infinite loop.
  (potential infinite loop in ssl_io_input_getline if connection is
  aborted without inctx->rc being set.)
  http://issues.apache.org/bugzilla/show_bug.cgi?id=27945
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29690

Obtained from:  Apache CVS (httpd-2.0 HEAD)
2.0.50_1
17 Aug 2004 12:41:26
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Bump PORTREVISION for all previous changes
- Allow access to /home if mod_userdir is loaded
- We don't need apache2libs.sh if apr is installed from ports.
- Add recent changes to UPGRADING
2.0.50
07 Aug 2004 20:25:02
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Remove our config.layout support. FreeBSD layout is in apache2's one
since 2.0.48
2.0.50
07 Aug 2004 19:47:16
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
We don't need -DFREEBSD_THREAD_HACK when using kse or thr as threading
library.
2.0.50
05 Aug 2004 21:46:17
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add ldconfig -m to apache2's apr libs (install time and boot time)

Requested by, discussed with: lev
2.0.50
02 Aug 2004 13:21:36
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix brainless typo.

Noticed by: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
2.0.50
02 Aug 2004 08:40:05
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
apache2 NG patch 2/5.
Makefile.modules:
   - Export rewritten modules selection from Makefile.modules
     to Makefile.modules.3rd
   - Remove proxy support by default.

Makefile.modules.3rd:
   - Add support for WANT_APACHE common13/common2 to share
     code/functionalities between apache13 and apache2 server ports.

Rewrite of modules selection:
   - WITH_MODULES and WITHOUT_MODULES are no more conflicting
     WITHOUT_MODULES can be safely used internally to remove conflicting
     modules
   - Selection is based on modules categories to improve flexibility
        - WITH_${category}[_MODULES]
        - WITHOUT_${category}
        - WITH_CUSTOM_${category}
   -  Support apache13, apache2{0,1}
        This is EXPERIMENTAL. I'll test it IRL with www/apache13-ssl,
        and it should be easily usuable in future bsd.apache.mk
2.0.50
30 Jul 2004 17:04:47
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
apache2 NG patch 1/5.

o Changes in httpd.conf
  - mod_userdir:
        . set Userdir if mod_userdir is loaded [1]
        . Userdir is denied for users from /etc/ftpusers
  - set more "secure" permissions.
    By default, policy is to deny access to filesystem.
    You HAVE to _ENABLE_ access to your filesystem in httpd.conf.
  - Add an "Includes" directory to ${PREFIX}/etc/apache2/
    to make configuration more flexible
    ${PREFIX}/etc/apache2/*.conf files are now automatically loaded.

o apache.sh
  - be closer to apachectl, apache.sh need envvars [2]
    It should restore subversion behavior.

Partially submitted by:
                kuriyama [1],
                Gregory (Grisha) Trubetskoy <grisha at apache dot org> [2]

Future changes are mostly written, they should be committed during the
week-end.
If you're interrested in changes, feel free contact me.
2.0.50
13 Jul 2004 13:32:42
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Disable mod_cgi if MPM is threaded.
2.0.50
13 Jul 2004 09:53:43
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Update experimental apr/kqueue patch

Obtained from:  apr CVS
2.0.50
13 Jul 2004 09:32:44
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix hostname resolution if IPv4 are mapped. [1]
- Add WITHOUT_V4MAPPED knob and explicitly set --disable-v4-mapped
  if WITHOUT_V4MAPPED or WITH_IPV6_V6ONLY

Also submitted by:      Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> [1]
2.0.50
11 Jul 2004 09:43:17
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Improve plist generation.
  It fixes problems when you deinstall a port with $PREFIX != $(apxs -q
  prefix). Now plist is aware of real location of apache module.
2.0.50
09 Jul 2004 16:41:38
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Add WITHOUT_IPV6 knob to workaround problem with IP resolution
  when --enable-v4-mapped is used (default).
  Use WITHOUT_IPV6 knob if you have problem with "HostnameLookup On" on
  IPv4-only server(s).
  I hope I can provide a real fix soon.
2.0.50
03 Jul 2004 21:57:52
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- remove from plist reference to share/nls/en_US.US-ASCII
  and share/nls/POSIX

Noticed by:     thierry
2.0.50
02 Jul 2004 13:47:41
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Make configure script define DEFAULT_SCOREBOARD.
- Add NOTICE file to respect Apache 2.0 license
2.0.50
01 Jul 2004 18:06:35
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- revert ade's commit, since it breaks the ports due to something
  looking like a reverse patching.
2.0.50
01 Jul 2004 17:06:41
Original commit files touched by this commit This port version is marked as vulnerable.
ade search for other commits by this committer
Autotools cleanup.  Remove autoconf257 (259), automake17 (18), and
libtool14 (13/15).

PR:             67768
Submitted by:   ade
Approved by:    4-exp bento runs (thanks, kris!)
2.0.50
01 Jul 2004 05:54:56
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.0.50
  Important changes:
  *) SECURITY: CAN-2004-0493 (cve.mitre.org)
     Close a denial of service vulnerability identified by Georgi
     Guninski which could lead to memory exhaustion with certain
     input data.  [Jeff Trawick]
  *) SECURITY: CAN-2004-0488 (cve.mitre.org)
     mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
     (trusted) client certificate subject DN which exceeds 6K in length.
     [Joe Orton]
  Details can be found here:
        http://www.apache.org/dist/httpd/CHANGES_2.0
- Use autoconf 2.59
- Add add SUEXEC_LOGFILE tunable to set suexec logfile [1]
- Silently ignore removal of libexec/apache2 directory
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.0.49_3
29 Jun 2004 08:06:20
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Security fix.
  CAN-2004-0493 - memory exhaustion denial of service
 
http://www.freebsd.org/ports/portaudit/81a8c9c2-c94f-11d8-8898-000d6111a684.html

Noticed by:     eik
Obtained from:  apache CVS
2.0.49_2
09 Jun 2004 06:16:07
Original commit files touched by this commit This port version is marked as vulnerable.
kris search for other commits by this committer
Don't remove www/ now that it is created by the system.
2.0.49_2
07 Jun 2004 14:56:53
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- change limits from user www to daemon class to be in sync with
  apachectl
- fix limits (missing eval)
2.0.49_2
06 Jun 2004 21:53:18
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Clarify pkg-message

Noticed by:     Hutterer Robert <robert.hutterer@univie.ac.at>
2.0.49_2
05 Jun 2004 13:52:20
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Sync pkg-descr with reality.
2.0.49_2
05 Jun 2004 11:14:18
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
-1- make show-options readable from a vt100 ;-)
-2- add WITH_DEBUG knob (supports DEBUG_FLAGS)
-3- convert start script to RCng [1]
    - add possibility to run limits(1) before apache starts
    - apache2.sh reload = apachectl graceful
-4- Add threadpool MPM
-5- Adapt COMMENT to fit MPM.
-6- Bump PORTREVISION

PR:             ports/66955 [1]
Submitted by:   nork [1] (partially)
Requested by:   ume [1]
2.0.49_1
02 Jun 2004 08:15:58
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- remove quotes from "bogus" IGNORE string

Noticed by:     kris
2.0.49_1
29 May 2004 22:17:16
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix IGNORE s,(,\(,
2.0.49_1
29 May 2004 22:07:37
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- s/BROKEN/IGNORE/
2.0.49_1
29 May 2004 21:37:38
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix build if WITH_APR_FROM_PORTS is defined.
- Advertise ServerToken i.e.:
Apache/2.0.49 (FreeBSD) Server at satan.cultdeadsheep.org Port 80
2.0.49_1
28 May 2004 15:27:02
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Import security fix from Apache CVS...
* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix buffer
overflow in FakeBasicAuth code if client's subject DN exceeds 6K in
length (CVE CAN-2004-0488); switch to using apr-util base64 encoder
functions.
- ... and of course bump PORTREVISION.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488
http://secunia.com/advisories/11534/

Reported by:    Charles-Damien Orbello <tazma@cultdeadsheep.org>
2.0.49
18 May 2004 13:43:19
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix plist after upgrading libtool to 1.5

Notice by:       Fritz Heinrichmeyer <fritz.heinrichmeyer@fernuni-hagen.de>
2.0.49
18 May 2004 11:58:57
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- import buildconf patch in ports tree.
  It has been living out the tree for historical reason.
2.0.49
18 May 2004 11:35:54
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- use autoconf 2.57
- use libtool 1.5.6
2.0.49
17 May 2004 10:48:22
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- s/BROKEN/IGNORE/
Per linimon's request correct {mis,ab}use of BROKEN.
2.0.49
17 Apr 2004 14:26:01
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Do not activate module automatically [1]
- Cosmectic change in autogenerated plist (run apxs before the removal
  of the module file, it can make apxs fail if you change module
  name/shortname)

Forgotten by:   me [1]
Reminded by:    discussion with kris [1]
2.0.49
16 Apr 2004 14:07:16
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Add AP_EXTRA to support extra arguments to apxs during build.
AP_INC and AP_LIB were added.

Reminded by: mod_vdbh port
2.0.49
16 Apr 2004 13:29:30
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Remove noisy apache version detection
2.0.49
16 Apr 2004 12:24:43
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Add Makefile.modules.3rd, which should simplify apache modules porting.
It can not be used with USE_APACHE knob.

Most important knobs:
WANT_APACHE=    {13,2}
        Apache version required. if undefined, both apache version
        are allowed.
AP_FAST_BUILD
        Do ${APXS} -c ${APXS} -i for you
AP_GENPLIST
        Autogenerate a _SIMPLE_ plist:

See future commits to know how to use this file.
2.0.49
07 Apr 2004 14:27:47
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix install when people use a different /bin/sh
  This shouldn't have been fixed, but I don't like setting UID and GID
  variables.
  so ${*} -> ${WWW*}

PR:             64032
Noticed by:     Patrick Schoenfeld <schoenfeld@in-medias-res.com>
2.0.49
26 Mar 2004 17:05:03
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
- s/ac_cv_pthreads/apr_cv_pthreads/ (due to changes in 2.0.49)
  WITH_PTHREAD_LIBS and WITH_PTHREAD_CFLAGS are now working again

  WARNING: This option is still NOT offically supported.
  You can't flame me,but you still cansend me some backtrace ;-)
2.0.49
20 Mar 2004 12:27:46
Original commit files touched by this commit This port version is marked as vulnerable.
clement search for other commits by this committer
Update to 2.0.49

Full ChangeLogand announcement:
http://www.apache.org/dist/httpd/Announcement2.html

Port changes:
- buildconf patches improvement
- Fix typo [1]

PR:             64297 [1]
Submitted by:   TSUMAI Yasuyuki <ral@ta-ko.jp> [1]

Number of commits found: 188 (showing only 100 on this page)

1 | 2  »