FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
apache22 2.2.27_5 www on this many watch lists=279 search for ports that depend on this port An older version of this port was marked as vulnerable.
Version 2.2.x of Apache web server with prefork MPM.
Maintained by: apache@FreeBSD.org search for ports maintained by this maintainer
Port Added: 03 Dec 2005 22:05:32
Also Listed In: ipv6
License: not specified in port


The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/
SVNWeb : Main Web Site : Distfiles Availability : PortsMon
Slave ports
  1. www/apache22-event-mpm
  2. www/apache22-itk-mpm
  3. www/apache22-peruser-mpm
  4. www/apache22-worker-mpm

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Required To Build:
  1. security/openssl
  2. devel/autoconf
Required To Run:
  1. security/openssl
  2. lang/perl5.16
Required Libraries:
  1. textproc/expat2
  2. devel/apr1
  3. devel/pcre
  4. converters/libiconv

This port is required by:

for Build
  1. devel/pushmi
  2. lang/php4*
  3. mail/sympa5*
  4. net/p5-Apache2-SOAP
  5. net-mgmt/observium
  6. security/openscep
  7. security/shibboleth2-sp
  8. sysutils/syscp*
  9. textproc/htdig
  10. www/cas
  11. www/ftasv
  12. www/gnome-user-share
  13. www/libapreq2
  14. www/mod_amazon_proxy
  15. www/mod_antiloris
  16. www/mod_asn
  17. www/mod_auth_cas
  18. www/mod_auth_cookie_mysql2
  19. www/mod_auth_external2
  20. www/mod_auth_form
  21. www/mod_auth_imap2
  22. www/mod_auth_kerb2
  23. www/mod_auth_mellon
  24. www/mod_auth_mysql2
  25. www/mod_auth_mysql_another
  26. www/mod_auth_openid
  27. www/mod_auth_pam2
  28. www/mod_auth_pgsql2
  29. www/mod_auth_pubtkt
  30. www/mod_auth_tkt
  31. www/mod_auth_xradius
  32. www/mod_authn_otp
  33. www/mod_authn_sasl
  34. www/mod_authnz_crowd
  35. www/mod_authnz_external*
  36. www/mod_authnz_external22
  37. www/mod_authz_unixgroup
  38. www/mod_backtrace
  39. www/mod_bw
  40. www/mod_cband
  41. www/mod_cfg_ldap
  42. www/mod_chroot
  43. www/mod_clamav
  44. www/mod_cloudflare
  45. www/mod_cplusplus
  46. www/mod_cvs2
  47. www/mod_dav_svn
  48. www/mod_dnssd
  49. www/mod_domaintree
  50. www/mod_encoding
  51. www/mod_evasive
  52. www/mod_extract_forwarded
  53. www/mod_fastcgi
  54. www/mod_fcgid
  55. www/mod_fileiri
  56. www/mod_flickr
  57. www/mod_ftp
  58. www/mod_geoip2
  59. www/mod_gnutls
  60. www/mod_gzip2
  61. www/mod_h264_streaming
  62. www/mod_hosts_access
  63. www/mod_jail
  64. www/mod_jk
  65. www/mod_jk-apache2*
  66. www/mod_layout22
  67. www/mod_limitipconn2
  68. www/mod_line_edit
  69. www/mod_lisp2*
  70. www/mod_log_config-st
  71. www/mod_log_dbd
  72. www/mod_log_firstbyte
  73. www/mod_log_mysql
  74. www/mod_log_sql2
  75. www/mod_log_sql2-dtc
  76. www/mod_macro22
  77. www/mod_memcache
  78. www/mod_memcache_block
  79. www/mod_mono
  80. www/mod_musicindex
  81. www/mod_myvhost
  82. www/mod_ntlm2
  83. www/mod_pagespeed
  84. www/mod_perl2
  85. www/mod_php5
  86. www/mod_php55
  87. www/mod_proctitle
  88. www/mod_proxy_html
  89. www/mod_proxy_uwsgi
  90. www/mod_proxy_xml
  91. www/mod_python3*
  92. www/mod_python33
  93. www/mod_python35
  94. www/mod_qos
  95. www/mod_realdoc
  96. www/mod_remoteip
  97. www/mod_reproxy
  98. www/mod_rivet
  99. www/mod_rpaf2
  100. www/mod_ruby*
  101. www/mod_scgi
  102. www/mod_security
  103. www/mod_security21*
  104. www/mod_setenvifplus
  105. www/mod_smooth_streaming*
  106. www/mod_spdy
  107. www/mod_tidy
  108. www/mod_tsa
  109. www/mod_uid
  110. www/mod_umask
  111. www/mod_vhost_ldap
  112. www/mod_vhs
  113. www/mod_webkit
  114. www/mod_whatkilledus
  115. www/mod_wsgi*
  116. www/mod_wsgi2*
  117. www/mod_wsgi3
  118. www/mod_xml2enc
  119. www/mod_xmlns
  120. www/mod_xsendfile
  121. www/p5-Apache-AuthCookie
  122. www/p5-Apache-AuthTicket
  123. www/p5-Apache-Clean2
  124. www/p5-Apache-DBI
  125. www/p5-Apache-Gallery
  126. www/p5-Apache-GopherHandler*
  127. www/p5-Apache-MP3
  128. www/p5-Apache-ParseFormData
  129. www/p5-Apache2-Scoreboard*
  130. www/p5-Bundle-Sledge*
  131. www/p5-CGI-SpeedyCGI
  132. www/p5-libapreq2
  133. www/rubygem-passenger
  134. www/suphp
  135. www/websh
for Run
  1. databases/gnatsweb4
  2. databases/mysqlard*
  3. databases/mysqldumper
  4. deskutils/moregroupware
  5. deskutils/myitcrm
  6. deskutils/phpcollab
  7. deskutils/simplegroupware
  8. deskutils/surrealtodo
  9. devel/otrs*
  10. devel/pushmi
  11. devel/viewvc
  12. finance/frontaccounting
  13. french/facturier
  14. games/hlstatsx
  15. lang/php4*
  16. mail/dracmail
  17. mail/p5-qpsmtpd
  18. mail/sympa5*
  19. mail/uebimiau
  20. mail/vqregister
  21. misc/achievo
  22. misc/instant-server*
  23. net/p5-Apache2-SOAP
  24. net/prosearch
  25. net-mgmt/argus-monitor
  26. net-mgmt/hawk
  27. net-mgmt/netdisco
  28. net-mgmt/observium
  29. net-mgmt/ocsinventory-ng
  30. net-mgmt/ourmon
  31. net-mgmt/pandorafms_console
  32. ports-mgmt/tinderbox
  33. ports-mgmt/tinderbox-devel
  34. security/openscep
  35. security/phpdeadlock
  36. security/shibboleth2-sp
  37. sysutils/dtc*
  38. sysutils/froxlor
  39. sysutils/ganglia-webfrontend
  40. sysutils/syscp*
  41. textproc/htdig
  42. www/blogsum
  43. www/cakephp11
  44. www/cas
  45. www/dansguardian
  46. www/dansguardian-devel
  47. www/dotproject
  48. www/formication
  49. www/foswiki-ModPerlEngineContrib
  50. www/ftasv
  51. www/gnome-user-share
  52. www/libapreq2
  53. www/mod_amazon_proxy
  54. www/mod_antiloris
  55. www/mod_asn
  56. www/mod_auth_cas
  57. www/mod_auth_cookie_mysql2
  58. www/mod_auth_external2
  59. www/mod_auth_form
  60. www/mod_auth_imap2
  61. www/mod_auth_kerb2
  62. www/mod_auth_mellon
  63. www/mod_auth_mysql2
  64. www/mod_auth_mysql_another
  65. www/mod_auth_openid
  66. www/mod_auth_pam2
  67. www/mod_auth_pgsql2
  68. www/mod_auth_pubtkt
  69. www/mod_auth_tkt
  70. www/mod_auth_xradius
  71. www/mod_authn_otp
  72. www/mod_authn_sasl
  73. www/mod_authnz_crowd
  74. www/mod_authnz_external*
  75. www/mod_authnz_external22
  76. www/mod_authz_unixgroup
  77. www/mod_backtrace
  78. www/mod_bw
  79. www/mod_cband
  80. www/mod_cfg_ldap
  81. www/mod_chroot
  82. www/mod_clamav
  83. www/mod_cloudflare
  84. www/mod_cplusplus
  85. www/mod_cvs2
  86. www/mod_dav_svn
  87. www/mod_dnssd
  88. www/mod_domaintree
  89. www/mod_encoding
  90. www/mod_evasive
  91. www/mod_extract_forwarded
  92. www/mod_fastcgi
  93. www/mod_fcgid
  94. www/mod_fileiri
  95. www/mod_flickr
  96. www/mod_ftp
  97. www/mod_geoip2
  98. www/mod_gnutls
  99. www/mod_gzip2
  100. www/mod_h264_streaming
  101. www/mod_hosts_access
  102. www/mod_jail
  103. www/mod_jk
  104. www/mod_jk-apache2*
  105. www/mod_layout22
  106. www/mod_limitipconn2
  107. www/mod_line_edit
  108. www/mod_lisp2*
  109. www/mod_log_config-st
  110. www/mod_log_dbd
  111. www/mod_log_firstbyte
  112. www/mod_log_mysql
  113. www/mod_log_sql2
  114. www/mod_log_sql2-dtc
  115. www/mod_macro22
  116. www/mod_memcache
  117. www/mod_memcache_block
  118. www/mod_mono
  119. www/mod_musicindex
  120. www/mod_myvhost
  121. www/mod_ntlm2
  122. www/mod_pagespeed
  123. www/mod_perl2
  124. www/mod_php5
  125. www/mod_php55
  126. www/mod_proctitle
  127. www/mod_proxy_html
  128. www/mod_proxy_uwsgi
  129. www/mod_proxy_xml
  130. www/mod_python3*
  131. www/mod_python33
  132. www/mod_python35
  133. www/mod_qos
  134. www/mod_realdoc
  135. www/mod_remoteip
  136. www/mod_reproxy
  137. www/mod_rivet
  138. www/mod_rpaf2
  139. www/mod_ruby*
  140. www/mod_scgi
  141. www/mod_security
  142. www/mod_security21*
  143. www/mod_setenvifplus
  144. www/mod_smooth_streaming*
  145. www/mod_spdy
  146. www/mod_tidy
  147. www/mod_tsa
  148. www/mod_uid
  149. www/mod_umask
  150. www/mod_vhost_ldap
  151. www/mod_vhs
  152. www/mod_webkit
  153. www/mod_whatkilledus
  154. www/mod_wsgi*
  155. www/mod_wsgi2*
  156. www/mod_wsgi3
  157. www/mod_xml2enc
  158. www/mod_xmlns
  159. www/mod_xsendfile
  160. www/mythplugin-mythweb
  161. www/nibbleblog
  162. www/otrs
  163. www/p5-Apache-AuthCookie
  164. www/p5-Apache-AuthTicket
  165. www/p5-Apache-Clean2
  166. www/p5-Apache-DB
  167. www/p5-Apache-DBI
  168. www/p5-Apache-Gallery
  169. www/p5-Apache-GopherHandler*
  170. www/p5-Apache-MP3
  171. www/p5-Apache-ParseFormData
  172. www/p5-Apache2-Scoreboard*
  173. www/p5-Bundle-Sledge*
  174. www/p5-CGI-SpeedyCGI
  175. www/p5-MasonX-WebApp
  176. www/p5-Maypole
  177. www/p5-Text-MultiMarkdown-ApacheHandler
  178. www/p5-libapreq2
  179. www/photo_gallery
  180. www/phpgroupware
  181. www/phpscheduleit*
  182. www/prado
  183. www/redaxo
  184. www/rt38
  185. www/rubygem-passenger
  186. www/siteframe
  187. www/suphp
  188. www/thundercache
  189. www/thundersnarf
  190. www/websh
  191. www/wwwstat
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

To install the port: cd /usr/ports/www/apache22/ && make install clean
To add the package: pkg install www/apache22


Configuration Options
===> The following configuration options are available for apache22-2.2.27_5:
     AUTH_BASIC=on: mod_auth_basic
     AUTH_DIGEST=on: mod_auth_digest
     AUTHN_ALIAS=on: mod_authn_alias
     AUTHN_ANON=on: mod_authn_anon
     AUTHN_DBD=off: mod_authn_dbd
     AUTHN_DBM=on: mod_authn_dbm
     AUTHN_DEFAULT=on: mod_authn_default
     AUTHN_FILE=on: mod_authn_file
     AUTHZ_DBM=on: mod_authz_dbm
     AUTHZ_DEFAULT=on: mod_authz_default
     AUTHZ_GROUPFILE=on: mod_authz_groupfile
     AUTHZ_HOST=on: mod_authz_host
     AUTHZ_OWNER=on: mod_authz_owner
     AUTHZ_USER=on: mod_authz_user
     AUTHNZ_LDAP=off: mod_authnz_ldap
     LDAP=off: connection pooling, result caching
     DBD=off: Manages SQL database connections
     CACHE=on: mod_cache
     DISK_CACHE=on: mod_disk_cache
     FILE_CACHE=on: mod_file_cache
     MEM_CACHE=off: mod_mem_cache
     DAV=on: mod_dav
     DAV_FS=on: mod_dav_fs
     DAV_LOCK=off: mod_dav_lock
     ACTIONS=on: mod_actions
     ALIAS=on: mod_alias
     ASIS=on: mod_asis
     AUTOINDEX=on: mod_autoindex
     CERN_META=on: mod_cern_meta
     CGI=on: mod_cgi
     CGID=off: mod_cgid
     CHARSET_LITE=on: mod_charset_lite
     DEFLATE=on: mod_deflate
     DIR=on: mod_dir
     DUMPIO=on: mod_dumpio
     ENV=on: mod_env
     EXPIRES=on: mod_expires
     HEADERS=on: mod_headers
     IMAGEMAP=on: mod_imagemap
     INCLUDE=on: mod_include
     INFO=on: mod_info
     LOG_CONFIG=on: mod_log_config
     LOGIO=on: mod_logio
     MIME=on: mod_mime
     MIME_MAGIC=on: mod_mime_magic
     NEGOTIATION=on: mod_negotiation
     REWRITE=on: mod_rewrite
     SETENVIF=on: mod_setenvif
     SPELING=on: mod_speling
     STATUS=on: mod_status
     UNIQUE_ID=on: mod_unique_id
     USERDIR=on: mod_userdir
     USERTRACK=on: mod_usertrack
     VHOST_ALIAS=on: mod_vhost_alias
     FILTER=on: mod_filter
     SUBSTITUTE=off: mod_substitute
     VERSION=on: mod_version
     SSL=on: mod_ssl
     SUEXEC=off: mod_suexec
     SUEXEC_RSRCLIMIT=off: suEXEC rlimits based on login class
     SUEXEC_USERDIR=off: suEXEC UserDir support
     REQTIMEOUT=on: mod_reqtimeout
     PROXY=off: mod_proxy
     IPV4_MAPPED=off: Allow IPv6 socket to handle IPv4
     BUCKETEER=off: mod_bucketeer
     CASE_FILTER=off: mod_case_filter
     CASE_FILTER_IN=off: mod_case_filter_in
     EXT_FILTER=off: mod_ext_filter
     LOG_FORENSIC=off: mod_log_forensic
     OPTIONAL_HOOK_EXPORT=off: mod_optional_hook_export
     OPTIONAL_HOOK_IMPORT=off: mod_optional_hook_import
     OPTIONAL_FN_IMPORT=off: mod_optional_fn_import
     OPTIONAL_FN_EXPORT=off: mod_optional_fn_export
====> mod_proxy: you have to choose at least one of them
     PROXY_AJP=off: mod_proxy_ajp
     PROXY_BALANCER=off: mod_proxy_balancer
     PROXY_CONNECT=off: mod_proxy_connect
     PROXY_FTP=off: mod_proxy_ftp
     PROXY_HTTP=off: mod_proxy_http
     PROXY_SCGI=off: mod_proxy_scgi
===> Use 'make config' to modify these settings

Master Sites:
  1. ftp://ftp.forthnet.gr/pub/www/apache/httpd/
  2. ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/
  3. ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/
  4. ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/
  5. ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/
  6. http://apache.mirror.uber.com.au/httpd/
  7. http://apache.spd.co.il/httpd/
  8. http://archive.apache.org/dist/httpd/
  9. http://distcache.FreeBSD.org/ports-distfiles/apache22/
  10. http://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/
  11. http://ftp.mirrorservice.org/sites/ftp.apache.org/httpd/
  12. http://ftp.twaren.net/Unix/Web/apache/httpd/
  13. http://mirrors.ircam.fr/pub/apache/httpd/
  14. http://ring.nict.go.jp/archives/net/apache/httpd/
  15. http://www.apache.org/dist/httpd/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2014-02-11
    Affects: users of lang/php* database/postgresql* database/mysql* www/apache*
    Author: mat@FreeBSD.org
    Reason: 
      The default versions of lang/php*, databases/postgresql*,
      databases/mysql* and www/apache* have been changed to support the
      new DEFAULT_VERSIONS variable.
    
      DEFAULT_APACHE_VER, DEFAULT_MYSQL_VER, DEFAULT_PGSQL_VER,
      DEFAULT_FPC_VER and DEFAULT_PHP_VER are now deprecated.  You can use
      the new DEFAULT_VERSIONS variable like this:
    
      DEFAULT_VERSIONS=php=5.5 mysql=5.6 apache=2.4
    
    
  • 2012-09-02
    Affects: users of www/apache22, www/apache22-event-mpm, www/apache22-itk-mpm, www/apache22-peruser-mpm, www/apache22-worker-mpm
    Author: ohauer@FreeBSD.org
    Reason: 
      The port use now the options NG framework, this means WITH_xxx
      directives are no longer valid.
    
      Additional:
      - APR only specific options like THREADS, MYSQL, PGSQL, SQLITE,
        BDB and IPV6 where removed.
      - PKGNAME has changed from apache-2... to apache22-2...
      - PROXY is now a MULTI directive which means at last one additional
        PROXY_(AJP|BALANCER|CONNECT|FTP|HTTP|SCGI) module is required.
      - CGI is only a valid option for MPM prefork, peruser and itk.
    
    
  • 2011-08-20
    Affects: users of www/apache* and depending ports
    Author: ohauer@FreeBSD.org
    Reason: 
      The default apache version changed from www/apache13 to www/apache22.
      Users who will continue with apache13 should create the following entry
      in /etc/make.conf
    
      APACHE_PORT=	www/apache13
    
    
  • 2010-05-18
    Affects: users of devel/apr0, devel/apr1, www/apache20, www/apache22
    Author: pgollucci@FreeBSD.org
    Reason: 
      devel/apr port has been renamed to devel/apr1.
    
      WITH_APR_FROM_PORTS=yes for www/apache22 has been dissolved and may be
      removed from your configuration files; devel/apr1 is always used now.
    
      Please manually delete apache-2.\* if installed _before_ updating using
      either portmaster or portupgrade:
    
    	pkg_delete -f apache-2.\*
    
      Then, if you use portmaster:
    
    	portmaster -o devel/apr1 devel/apr
    
      If you use portupgrade:
    
    	portupgrade -f -o devel/apr1 devel/apr
    
      Finally, reinstall Apache port if you deleted it earlier and update ports as
      usual (`XX' below is either 20 or 22):
    
    	portinstall www/apacheXX
    
    
  • 2009-06-11
    Affects: users of www/apache22
    Author: pgollucci@FreeBSD.org
    Reason: 
      Two rc.d scripts have been renamed:
    
    	apache22.sh -> apache22
    	htcacheclean.sh -> htcacheclean
    
      You'll need to update any crons wrappers, etc. for the new paths.
    
    
  • 2008-06-22
    Affects: users of devel/subversion, subversion-devel and subversion-freebsd
             with apr from www/apache22
    Author: Clement Laforet <clement@FreeBSD.org>
    Reason: 
      apr and apr-util bundled with apache 2.2.9 have been upgraded to 1.3.x, so
      shared libraries versions have been bumped. If you are using subversion
      with apache22 apr, you must rebuild subversion after the update.
    
    
  • 2008-01-20
    Affects: users of www/apache22
    Author: clement@FreeBSD.org
    Reason: 
      BDB framework provided by bsd.database.mk is now used by www/apache22
      port. WITH_BERKELEYDB knob is deprecated in favor of WITH_BDB and
      WITH_BDB_VER/WITH_BDB_BASE, see documentation for more details.
      ('make show-options').
    
    
Port Moves
  • port moved here from www/apache20 on 2012-08-18
    REASON: Has expired

  • port moved here from www/apache13+ipv6 on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-modperl on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13 on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-modssl+ipv6 on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-ssl on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-modssl on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

Number of commits found: 206 (showing only 100 on this page)

1 | 2 | 3  »  

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
13 Jul 2014 15:58:45
Original commit files touched by this commit  2.2.27_5
Revision:361691
ohauer search for other commits by this committer
- reflect new preferred apache version
08 Jul 2014 22:46:03
Original commit files touched by this commit  2.2.27_4
Revision:361317
ohauer search for other commits by this committer
- fix strip command (use ${PREFIX} instead real path)
08 Jul 2014 21:31:49
Original commit files touched by this commit  2.2.27_4
Revision:361294
ohauer search for other commits by this committer
- strip files
- sort pkg-plist
- always install DOCS (remove Makefile hack)
- reflect modules.d in EXAMPLESDIR, next target
  will be a new keyword for pkg-plist to handle
  module installation.
- bump PORTREVISION

- add warning about default version change (2014-07-11)
  (pkg-message, files/HEADS_UP)
12 Jun 2014 09:17:33
Original commit files touched by this commit  2.2.27_3
Revision:357574
tijl search for other commits by this committer
Bump PORTREVISION on everything that depends on devel/apr1 due to the
library version change.

Approved by:	portmgr (implicit)
04 Jun 2014 16:54:02
Original commit files touched by this commit  2.2.27_2
Revision:356512
des search for other commits by this committer
Add CPE information.

With hat:	ports-secteam
30 May 2014 21:55:22
Original commit files touched by this commit  2.2.27_2
Revision:355919
ohauer search for other commits by this committer
- /USE_AUTOTOOLS=libtool/USES=libtool/

with hat apache@
10 Apr 2014 20:57:36
Original commit files touched by this commit  2.2.27_2
Revision:350852
ohauer search for other commits by this committer
- fix build against security/openssl on FreeBSD-10
  in case port is build with tinderbox or poudriere.

  openssl is registered as BUILD/RUN dependency not
  as LIB dependency, therefore the check for openssl
  fails since it will be installed in a later stage
  by tinderbox / poudriere.

Thanks to Katsuya Higuchi who noted this issue on
the apache@ mailing list.
http://lists.freebsd.org/pipermail/freebsd-apache/2014-April/003490.html

MFH: 2014Q2

Submitted by:	Katsuya Higuchi <higuchi@jt-sys.co.jp>
08 Apr 2014 23:33:58
Original commit files touched by this commit  2.2.27_1
Revision:350649
ohauer search for other commits by this committer
- fix build on FreeBSD-10+ with OpenSSL from ports
- bump PORTVERSION because of CVE-2014-0076 / CVE-2014-0160

Special Thanks to Philip Jocks for reporting and testing!
http://lists.freebsd.org/pipermail/freebsd-apache/2014-April/003483.html

with hat apache@
05 Apr 2014 22:03:24
Original commit files touched by this commit  2.2.27
Revision:350274
ohauer search for other commits by this committer
- revert r350271
05 Apr 2014 21:52:11
Original commit files touched by this commit  2.2.27
Revision:350271
ohauer search for other commits by this committer
- remove comment from patch
27 Mar 2014 05:28:11
Original commit files touched by this commit  2.2.27
Revision:349319
ohauer search for other commits by this committer
- update to version 2.2.27
- fix apache-mpm-peruser graceful reload [1]

Changes with Apache 2.2.27

  *) SECURITY: CVE-2014-0098 (cve.mitre.org)
     Clean up cookie logging with fewer redundant string parsing passes.
     Log only cookies with a value assignment. Prevents segfaults when
     logging truncated cookies.
     [William Rowe, Ruediger Pluem, Jim Jagielski]

  *) SECURITY: CVE-2013-6438 (cve.mitre.org)
     mod_dav: Keep track of length of cdata properly when removing
     leading spaces. Eliminates a potential denial of service from
     specifically crafted DAV WRITE requests
(Only the first 15 lines of the commit message are shown above View all of this commit message)
16 Mar 2014 16:07:59
Original commit files touched by this commit  2.2.26
Revision:348417 This port version is marked as vulnerable.
ohauer search for other commits by this committer
ports in cat www where MAINTAINER=ports

- USE_BZIP2 -> USES= tar:bzip2
- LICENSE=BSD -> BSD[n]CLAUSE
21 Jan 2014 23:40:23
Original commit files touched by this commit  2.2.26
Revision:340674 This port version is marked as vulnerable.
bapt search for other commits by this committer
Fix properties on pkg-plist
24 Nov 2013 19:56:27
Original commit files touched by this commit  2.2.26
Revision:334783 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to 2.2.26

- add new directory for modules (APACHEETCDIR/modules.d)

  New modules can be registered here with a simple
  file that contains the LoadModule directives.
  Additonal Maintaines can write instructions to the
  conf file and keep pkg-message short.
  As bonus the config file can be installed like every
  other config file with a .sample extention so modules
  are not disabled during pkg upgrades.

  Module config files should begin with three digits
  followed by '_' e.g. 100_php5.conf.
  The load order can be controlled via the three digits.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
05 Nov 2013 22:18:46
Original commit files touched by this commit  2.2.25_1
Revision:332920 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- do not silence directory creation

Submitted by:	mandree
05 Nov 2013 22:00:08
Original commit files touched by this commit  2.2.25_1
Revision:332914 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- backport upstream commit r1528718 into mod_dav [1].
  This is needed because of a bug [2] due to an incorrect
  implementation of RFC 4918.
  The symptoms are a failure to copy a svn tree via DAV:

- fix package installation with old pkg tools (create empty
  folders in pkg-plist even staging is enabled)

[1] http://svn.apache.org/viewvc?view=revision&revision=1528718
[2] https://issues.apache.org/bugzilla/show_bug.cgi?id=55306

PR:		ports/183685
Submitted by:	Pietro Cerutti <gahr@FreeBSD.org>
27 Oct 2013 17:40:21
Original commit files touched by this commit  2.2.25
Revision:331788 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- support staging
- partitial adopt new ${opt}_ notation
20 Sep 2013 23:36:54
Original commit files touched by this commit  2.2.25
Revision:327776 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
www)
14 Sep 2013 13:38:21
Original commit files touched by this commit  2.2.25
Revision:327283 This port version is marked as vulnerable.
az search for other commits by this committer
- convert to the new perl5 framework
- convert USE_GMAKE to Uses

Approved by:	portmgr (bapt@, blanket)
07 Sep 2013 19:49:42
Original commit files touched by this commit  2.2.25
Revision:326683 This port version is marked as vulnerable.
bsam search for other commits by this committer
Introduce variable ICONV_PREFIX at Mk/Uses/iconv.mk. The default for
pre 100043 is ${LOCALBASE} and /usr otherwise. Convert all ports to
new variable usage.

Approved by:	portmgr (bapt, implicit)
14 Aug 2013 22:35:54
Refresh Original commit files touched by this commit
Revision:324744  Sanity Test Failure
ak search for other commits by this committer
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
10 Jul 2013 19:01:44
Original commit files touched by this commit  2.2.25
Revision:322728 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to apache-2.2.25
- update vuxml with additional CVE-2013-1896 entry

Changes with Apache 2.2.25
  http://www.apache.org/dist/httpd/CHANGES_2.2.25

  *) SECURITY: CVE-2013-1896 (cve.mitre.org)
     mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
     the source href (sent as part of the request body as XML) pointing to a
     URI that is not configured for DAV will trigger a segfault. [Ben Reser
     <ben reser.org>]

  *) SECURITY: CVE-2013-1862 (cve.mitre.org)
     mod_rewrite: Ensure that client data written to the RewriteLog is
     escaped to prevent terminal escape sequences from entering the
(Only the first 15 lines of the commit message are shown above View all of this commit message)
06 Jul 2013 08:46:40
Original commit files touched by this commit  2.2.24_1
Revision:322368 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- add fix for CVE-2013-1862
- adjust vuxml
27 Apr 2013 18:25:25
Original commit files touched by this commit  2.2.24
Revision:316683 This port version is marked as vulnerable.
mva search for other commits by this committer
- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig and
  USE_GETTEXT=yes to USES=gettext while here
26 Mar 2013 21:31:27
Original commit files touched by this commit  2.2.24
Revision:315333 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- prepare for apache24
05 Mar 2013 22:00:14
Original commit files touched by this commit  2.2.24
Revision:313481 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- disable new ab SSL extensions until a better way is found.

  only builds with OpenSSL from ports are affected which is
  not default, so no version bump.

Noted on the apache@ list by Jukka A. Ukkonen <jau@iki.fi>
and per PR by Arnis Rozentals <admin@liepajaport.lv>

PR:		176659
02 Mar 2013 19:31:50
Original commit files touched by this commit  2.2.24
Revision:313287 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to version 2.2.24
- move mpm itk patches to itk-mpm/files dir
- add sshd to REQUIRE line in the rc script to prevent boot
  issues in case a SSL cert is password protected [1]

Changes with Apache 2.2.24
 SECURITY: CVE-2012-3499 (cve.mitre.org) Various XSS flaws due to
 unescaped hostnames and URIs HTML output in mod_info, mod_status,
 mod_imagemap, mod_ldap, and mod_proxy_ftp.  [Jim Jagielski, Stefan
 Fritsch, Niels Heinen <heinenn google com>]

 SECURITY: CVE-2012-4558 (cve.mitre.org)
 XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
 Niels Heinen <heinenn google com>]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
09 Feb 2013 12:00:53
Original commit files touched by this commit  2.2.23_4
Revision:311969 This port version is marked as vulnerable.
crees search for other commits by this committer
Various spelling corrections

PR:		ports/175331
Submitted by:	Christoph Mallon
Approved by:	No objections within three weeks from any maintainer

While here, style and duplicate phrase fixes in bsdcflow pkg-descr

Submitted by:	mi
07 Feb 2013 12:37:48
Original commit files touched by this commit  2.2.23_4
Revision:311829 This port version is marked as vulnerable.
gahr search for other commits by this committer
- Get rid of PTHREAD_CFLAGS and PTHREAD_LIBS (category: www)

Approved by:	portmgr
02 Jan 2013 02:12:17
Original commit files touched by this commit  2.2.23_4
Revision:309798 This port version is marked as vulnerable.
ache search for other commits by this committer
Use
LockFile "/var/run/accept.lock"
instead of previous
LockFile "/var/log/accept.lock"

If system is crashed and rebooted, Apache refuses to start in case
/var/log/accept.lock.<pid> is found. That <pid> is almost always the same
due to minimum pid variance right after boot.
So use /var/run instead, which is cleaned on each boot.
10 Dec 2012 19:11:12
Refresh Original commit files touched by this commit
Revision:308630  Sanity Test Failure
mm search for other commits by this committer
Update PCRE to 8.32
Introduces the UTF-32 library pcre32
Bump PORTREVISION in dependent ports
18 Nov 2012 18:48:29
Original commit files touched by this commit  2.2.23_2
Revision:307544 This port version is marked as vulnerable.
hrs search for other commits by this committer
Fix a typo.

Spotted by:	ume
Pointy hat to:	hrs
Feature safe:	yes
18 Nov 2012 16:33:31
Original commit files touched by this commit  2.2.23_1
Revision:307542 This port version is marked as vulnerable.
hrs search for other commits by this committer
Fix rc.d script to support systems before and after ${name}_fib is introduced
into rc.subr.  Bump PORTREVISION.

Feature safe:	yes
02 Nov 2012 18:45:32
Original commit files touched by this commit  2.2.23
Revision:306878 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update apache22 to version 2.22.23
- trim vuxml/Makefile header

with hat apache@

Feature safe: yes

Security:       CVE-2012-2687
09 Sep 2012 17:01:30
Original commit files touched by this commit  2.2.22_8
Revision:303982 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- notice the users that old WITH/WITHOUT parameters are obsolete.
  Point them to the wiki

Thanks to crees@ for this suggestion to
implement this direct in the port

PR:		171509
08 Sep 2012 16:35:31
Original commit files touched by this commit  2.2.22_8
Revision:303916 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- add a note about devel/apr1 and apache22 updates
- adjust DBD IGNORE message
05 Sep 2012 07:40:26
Original commit files touched by this commit  2.2.22_8
Revision:303687 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- fix build on IPv4 only systems

Thanks to John Marshall to identify the issue!
04 Sep 2012 21:17:07
Original commit files touched by this commit  2.2.22_8
Revision:303674 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- Simplify options with the removal of the last APR only related parameter [1]

- disallow IPv6 sockets to handle IPv4 requests per default. [2]

- move extra-patch-server__config.c
    -> patch-server__config.c
    https://issues.apache.org/bugzilla/show_bug.cgi?id=53823

- bump PORTREVISION

[1] Credits to Hajimu UMEMOTO (ume@) for finding the last APR related parameter
[2] http://httpd.apache.org/docs/2.2/bind.html

with hat apache@
02 Sep 2012 14:31:59
Original commit files touched by this commit  2.2.22_7
Revision:303550 This port version is marked as vulnerable.
ohauer search for other commits by this committer
devel/apr1 [1]
- update APR to 1.4.6
- update APR-util to 1.4.1
- remove PKGNAMESUFFIX'es

www/apache-(event|itk|peruser|worker)-mpm
- adopt new Makefile header, adjust
  PKGNAMESUFFIX in apache22 masterport
  PKGNAME match now LATEST_LINK

www/apache22 [2]-[6]
- rewrite for options NG
- PORTNAME s|apache|apache22|
- remove APR APR-util specific otions,
  will be checked now with help of apr/u-1-config
(Only the first 15 lines of the commit message are shown above View all of this commit message)
23 Aug 2012 04:49:37
Original commit files touched by this commit  2.2.22_6
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- rewite apache port
 - remove all apr/apu related parts (leftovers from bundled apr)
 - remove invalid parts from Makefile.doc
 - move MODULES to Makefile.options

- remove apache20 parts
- remove category handling

with hat apache@
13 Aug 2012 19:51:11
Original commit files touched by this commit  2.2.22_6
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- rewrite bsd.apache.mk  (prepare for options NG support)
   keep full backward support until apache20 is removed from the tree
   comment code to remove with MFC TODO:

- adjust apache20 and apache22 ports
   changes are transparent for users (no PORTREVISION bump)

 Users who are using special build instructions in make.conf, such as
  - WITH_STATIC_MODULES= alias dir log_config mime rewrite setenvif vhost_alias

 should convert the values to UPPERCASE
  - WITH_STATIC_MODULES= ALIAS DIR LOG_CONFIG MIME REWRITE SETENVIF VHOST_ALIAS

 At the moment code to support old lowercase style is in place, but
 target to remove in favor for options NG.

with hat apache@
02 Aug 2012 03:17:26
Original commit files touched by this commit  2.2.22_6
 This port version is marked as vulnerable.
wxs search for other commits by this committer
Document Apache 2.2.x insecure handling of LD_LIBRARY_PATH.
Add patch[1] to address problem to apache port.

[1]:
http://svn.apache.org/viewvc/httpd/httpd/trunk/support/envvars-std.in?view=log&pathrev=1296428

Approved by:	apache@ (pgollucci@)
Obtained from:	Apache SVN
22 Jul 2012 21:13:35
Original commit files touched by this commit  2.2.22_5
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
apache22
- centralise OPTIONS in Makefile.options
- s/Enable// in OPTIONS
- rewrite Makefile.modules (last defined SLAVE_PORT_MPM port use now WITH_MPM
var)
- no REVISION bump, nothing changed in the logic / functionality

apache22-peruser-mpm
- use WITH_MPM instead SLAVE_PORT_MPM
08 Jul 2012 21:32:23
Original commit files touched by this commit  2.2.22_5
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- cleanup conflicts (remove no longer existent ports)
- remove explicit ABI version number from LIB_DEPENDS
14 Feb 2012 12:44:23
Original commit files touched by this commit  2.2.22_5
 This port version is marked as vulnerable.
mm search for other commits by this committer
Bump pcre library dependency due to 8.30 update
Add (vendor) patch for deprecated pcre_info()
09 Feb 2012 02:49:55
Original commit files touched by this commit  2.2.22_4
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- use $SYSCTL
- use full path setfib

PR:             ports/153264
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>
With Hat:       apache@
Sponsored by:   Apache Software Foundation (ASF)
08 Feb 2012 22:49:54
Original commit files touched by this commit  2.2.22_3
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Remove 0 length file breaking pkg

Reported by:    glarkin
08 Feb 2012 04:35:31
Original commit files touched by this commit  2.2.22_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Convert to USERS/GROUPS [1]
- Resync proxy connect patch [2]
- Bump PORTREVISION since the proxy patch is unconditionally applied
  which means we can remove that OPTION too

PR:             ports/164698 [1], ports/164711 [2]
Submitted by:   jgh@ [1], freebsd@nagilum.org [2]
With Hat:       apache@
Sponsored by:   RideCharge Inc. / TaxiMagic
01 Feb 2012 18:56:08
Original commit files touched by this commit  2.2.22
 This port version is marked as vulnerable.
jgh search for other commits by this committer
- Update to 2.2.22

Addresses:
* SECURITY: CVE-2011-3607 (cve.mitre.org)
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP
Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif
module is enabled, allows local users to gain privileges via a .htaccess file
with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request
header, leading to a heap-based buffer overflow.

* SECURITY: CVE-2012-0021 (cve.mitre.org)
The log_cookie function in mod_log_config.c in the mod_log_config module in the
Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not
properly handle a %{}C format string, which allows remote attackers to cause a
denial of service (daemon crash) via a cookie that lacks both a name and a
(Only the first 15 lines of the commit message are shown above View all of this commit message)
23 Jan 2012 23:24:38
Original commit files touched by this commit  2.2.21
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Restore inadvertently removed log renames from previous commit

Noticed by:     sunpoet@
Pointy Hat:     pgollucci@
18 Jan 2012 03:44:39
Original commit files touched by this commit  2.2.21
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Pull r1227293 from httpd svn
  Note, you have to actually uncomment the include for this to take affect
- No PORTREVISION bump since nothing changes by default

PR:             ports/156987
Reported by:    Adrian Dimcev <adimcev@carbonwind.net>
With Hat:       apache@
14 Jan 2012 08:57:23
Original commit files touched by this commit  2.2.21
 This port version is marked as vulnerable.
dougb search for other commits by this committer
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
23 Sep 2011 22:26:39
Original commit files touched by this commit  2.2.21
 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav
15 Sep 2011 05:00:28
Original commit files touched by this commit  2.2.21
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to version 2.2.21

Addresses:
* SECURITY: CVE-2011-3348 (cve.mitre.org)
 mod_proxy_ajp when combined with mod_proxy_balancer: Prevents
 unrecognized HTTP methods from marking ajp: balancer members
 in an error state, avoiding denial of service.

* SECURITY: CVE-2011-3192 (cve.mitre.org)
 core: Further fixes to the handling of byte-range requests to use
 less memory, to avoid denial of service. This patch includes fixes
 to the patch introduced in release 2.2.20 for protocol compliance,
 as well as the MaxRanges directive.

PR:             ports/160743
Submitted by:   Jason Helfman <jhelfman@experts-exchange.com>
12 Sep 2011 23:17:33
Original commit files touched by this commit  2.2.20_1
 This port version is marked as vulnerable.
gabor search for other commits by this committer
- Track dependencies after databases/gdbm update
12 Sep 2011 13:46:59
Original commit files touched by this commit  2.2.20
 This port version is marked as vulnerable.
gabor search for other commits by this committer
- Track dependencies after databases/gdbm update
02 Sep 2011 06:18:02
Original commit files touched by this commit  2.2.20
 This port version is marked as vulnerable.
ade search for other commits by this committer
Emergency upgrade to 2.2.20 - CVE-2011-3192.  Any complaints, talk to me.

PR:             160381
29 Jun 2011 17:28:44
Original commit files touched by this commit  2.2.19
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- Close a race condition that sometimes resulted in configure.in
  patches being ignored
22 May 2011 21:33:31
Original commit files touched by this commit  2.2.19
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to httpd-2.2.19

Changes with Apache 2.2.19

  *) Revert ABI breakage in 2.2.18 caused by the function signature change
     of ap_unescape_url_keep2f().  This release restores the signature from
     2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
     [Eric Covener]

commit with hat apache@
14 May 2011 21:53:21
Original commit files touched by this commit  2.2.18
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- unbreak mpm-itk-20110321-01 patch

PR:             ports/157041
Submitted by:   zlopi.ru <zlopi.ru _at gmail.com>
13 May 2011 23:02:38
Original commit files touched by this commit  2.2.18
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to version 2.2.18

Changes:
http://www.apache.org/dist/httpd/CHANGES_2.2.18

Changes with Apache 2.2.18

  *) Log an error for failures to read a chunk-size, and return 408 instead
     413 when this is due to a read timeout.  This change also fixes some cases
     of two error documents being sent in the response for the same scenario.
     [Eric Covener] PR49167

  *) core: Only log a 408 if it is no keepalive timeout. PR 39785
     [Ruediger Pluem,  Mark Montague <markmont umich.edu>]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
18 Apr 2011 20:32:33
Original commit files touched by this commit  2.2.17_2
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
 - fix Ports with version numbers going backwards for www/apache22-peruser-mpm
 - by changing PORTREVISION= to ?=

   Issue reported by erwin@
31 Mar 2011 17:00:37
Original commit files touched by this commit  2.2.17_2
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
 - update Apache 2 ITK MPM patch to version 20110321-01 [1]
 - add additional patch for mpm-itk [2]
 - add mod_substitute to apache22 [3]
 - add some documentation into the mpm-itk* patches
 - bump portrevision

 Changes:
 [1] apache2.2-mpm-itk 2.2.17-01, released 2011-03-21:
  * Fixed CVE-2011-1176: If NiceValue was set, the default with no
    AssignUserID was to run as root:root instead of the default Apache user
    and group, due to the configuration merger having an incorrect default
    configuration.
  * Rebase against Apache 2.2.17.
  * Fix an issue where users can sometimes get spurious 403s on persistent
    connections, if the .htaccess files are not world readable.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
19 Mar 2011 12:38:54
Original commit files touched by this commit  2.2.17_1
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Get Rid MD5 support
07 Dec 2010 20:38:17
Original commit files touched by this commit  2.2.17_1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- update conflicts
04 Dec 2010 07:34:27
Original commit files touched by this commit  2.2.17_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Sync to new bsd.autotools.mk
21 Oct 2010 18:00:15
Original commit files touched by this commit  2.2.17_1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- The previous update to the rc.d script didn't quite maintain the old behavior
  correctly.  This fixes the pid file name

PR:                             ports/151623
Submitted by:   Vivek Khera <vivek@khera.org>
With Hat:               apache@
Point hat to:   myself (pgollucci)
20 Oct 2010 21:04:58
Original commit files touched by this commit  2.2.17
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Update to 2.2.17

**
* Note, no CVE affects the FREEBSD port.  devel/apr1 was updated to
* apr-util 1.3.10 on 2010/10/06 05:32:24.
**

Changes:        http://www.apache.org/dist/httpd/CHANGES_2.2
PR:             ports/151594
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
With Hat:       apache@

<ChangeLog>
  *) prefork MPM: Run cleanups for final request when process exits gracefully
     to work around a flaw in apr-util.  PR 43857.  [Tom Donovan]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
16 Oct 2010 11:52:47
Original commit files touched by this commit  2.2.16_2
 This port version is marked as vulnerable.
ade search for other commits by this committer
Punt autoconf267->autoconf268
14 Oct 2010 20:20:06
Original commit files touched by this commit  2.2.16_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- s,/usr/local,%%PREFIX%%,'

Reported by:    stas
14 Oct 2010 19:53:25
Original commit files touched by this commit  2.2.16_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Allow overriding of the following on a profile basis.
    pidfile
    command
    envvars

Without profiles, the old defaults remain unchanged.  With profiles the old
defaults
remain unchanged.

Sponsored by:           RideCharge Inc. / TaxiMagic
Tested by:                      RideCharge Inc. / TaxiMagic (> 1 yr in
production)
With Hat:                       apache@
15 Sep 2010 18:35:24
Original commit files touched by this commit  2.2.16_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs
26 Jul 2010 01:28:40
Original commit files touched by this commit  2.2.16
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.2.16.

Security:       CVE-2010-1452 (mod_{cache,dev} remote DoS),
                CVE-2010-2068 (mod_{proxy_{ajp,http},reqtimeout} related on some
platforms)
21 May 2010 16:28:25
Original commit files touched by this commit  2.2.15_9
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
Bump PORTREVISION forgotten in last commit, by /home/ncvs lied to me.

- Fix misnamed patch that was unconditionally applied.

PR:             ports/146789
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
With Hat:       apache@
21 May 2010 16:27:10
Original commit files touched by this commit  2.2.15_8
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix misnamed patch that was unconditionally applied.

PR:             ports/146789
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
With Hat:       apache@
20 May 2010 21:43:47
Original commit files touched by this commit  2.2.15_8
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Enable,build, and install mod_reqtimeout.so which mitigates solaris attacks.
- Default on, so bump PORTREVISION

Reuested by:        Jonas Eckerman <jonas@fsdb.org> (via apache@)
With Hat:           apache@
18 May 2010 04:58:08
Original commit files touched by this commit  2.2.15_7
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Bump PORTREVISION

With Hat:   apache@
18 May 2010 04:57:46
Original commit files touched by this commit  2.2.15_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Whitespace only

With Hat:   apache@
18 May 2010 04:57:10
Original commit files touched by this commit  2.2.15_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
-  only need to set grandfather deps
   the dbm maze is a bit harder so is left alone for now

With Hat:   apache@
18 May 2010 04:55:44
Original commit files touched by this commit  2.2.15_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- file is only in devel/apr[01] now.

With Hat:   apache@
18 May 2010 04:55:15
Original commit files touched by this commit  2.2.15_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- remove apr/apr-util vestiges
- fullbuild not needed anymore
- buildconf not needed anymore
- scripts_env not needed anymore

With Hat:   apache@
18 May 2010 04:53:40
Original commit files touched by this commit  2.2.15_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Remove WITH_APR_FROM_PORTS option. Always use devel/apr1 port now.
  Bundled srclib/apr is never used now.

With Hat:   apache@
18 May 2010 04:08:06
Original commit files touched by this commit  2.2.15_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Chase devel/apr -> devel/apr1 shuffling

PR:             ports/146553
Submitted by:   myself (pgollucci@)
With Hat:       apache@
18 May 2010 04:05:05
Original commit files touched by this commit  2.2.15_5
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Convert ports/ to devel/apr1

PR:             ports/146553
Submitted by:   myself (pgollucci@)
With Hat:       apache@
14 May 2010 05:05:13
Original commit files touched by this commit  2.2.15_5
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- blasted whitespace
14 May 2010 05:03:30
Original commit files touched by this commit  2.2.15_5
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
By default suexec doesn't enforces different resource limitations configured in
login.conf(5). This is probably because resource limitations are handled
differently on various different platforms.

This modifies suexec behaviour to set resource limits for CGI's
from /etc/login.conf before execing the customers CGI script.

Doesn't affect default package, so no PORTREVISION bumps.

I will follow up at dev@httpd.apache.org to see about adding this
with #ifdefs.

PR:             ports/136091
Submitted by:   Alexey V.Degtyarev <alexey@renatasystems.org>
With Hat:       apache@
13 May 2010 00:59:32
Original commit files touched by this commit  2.2.15_5
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Remove use of $] which is deprecated in perl and gone in perl 5.12
  This is already being discussed at dev@httpd and will be committed upstream

Reported by:    brad clawsie <clawsie@fastmail.fm> (on apache@ list)
With Hat:       apache@
07 May 2010 21:46:21
Original commit files touched by this commit  2.2.15_4
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Continuation of ports/133704
  apxs -A comments out the LoadModule line
  This adds custom FreeBSD mod to 'DELETE' the line so that it works with
  our pkg-plists in packages.
- Remove -s form the cmp httpd.conf in pkg-plist to be blatant about why
  it didn't get removed
- Tested with lang/php5
- Bump PORTREVISION

PR:             ports/133704
With Hat:       apache@
07 May 2010 20:53:45
Original commit files touched by this commit  2.2.15_3
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix -A and -a options for apxs to correctly ignore whitespace.
  This will fix about 100 pkg-plist left overs for httpd.conf
- Bump PORTREVISION
-  This will be in 2.2.16.

PR:             ports/133704
Obtained from:  http://svn.apache.org/viewvc?rev=942210&view=rev
Reported by:    olli hauer <ohauer@gmx.de> (and very good pr!)
With Hat:       apache@
07 May 2010 18:33:45
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- FreeBSD doesn't use EGD sockets. Also the option handling doesn't honor
  without-egd.
  Carry the devel/apr fix through

PR:             ports/146376
Submitted by:   Guido Fals
07 May 2010 05:56:58
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
2/2:    fix mod_auth_digest builds which needs EGD and DEVRANDOM.
        This fixes both bundled apr using the port (devel/apr for
WITH_APR_FROM_PORTS)

PR: ports/134577
Requested by: Pascal Vizeli <pvizeli@yahoo.de>
With Hat: apache@
07 May 2010 05:16:39
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- silence this warning -- libtool: ignoring unknown tag CXX

With Hat:   apache@
07 May 2010 05:14:38
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- fix ldap support (duplicate www/apache20 fix)
    --with-ldap switches on LDAP library linking in apr-util
    --enable-ldap option switches on the LDAP caching module
    --enable-authnz-ldap option switches on the LDAP authentication module
   [AAA was rewritten in 3 peices in 2.4.x, hence the option change]
  - no custom patch, the linking was fixed in 2.2.x
  - ldap is not in the default package, so no PORTREVISION bump

PR:             ports/128079
Reported by:    koitsu, skreuzer
With Hat:       apache@
07 May 2010 03:15:44
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix the owner to be root:wheel on files* when running sudo make ...
  This doesn't affect the package b/c pointyhat/tb run as root

PR:             ports/134456
With Hat:       apache@
07 May 2010 01:46:06
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Forced commit to note the following CVEs were fixed in 2.2.15
  [from CHANGES file]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
     attack when compiled against OpenSSL version 0.9.8m or later. Introduces
     the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
     and offer unsafe legacy renegotiation with clients which do not yet
     support the new secure renegotiation protocol, RFC 5746.
     [Joe Orton, and with thanks to the OpenSSL Team]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
     for OpenSSL versions prior to 0.9.8l; reject any client-initiated
     renegotiations. Forcibly disable keepalive for the connection if there
(Only the first 15 lines of the commit message are shown above View all of this commit message)
07 May 2010 00:06:21
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Update CONFLICTS to make apr package names.

With Hat:   apache@
07 May 2010 00:02:16
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Regenerate patch files with make makepatch for they have
  piled up and additional patches conflict.
  This also will help when we try to syncronize www/apache20&www/apache22
- Unconditionally apply the mod_proxy_connect patch, you just may or may
  not actually compile the file to save some logic in Makefile

With Hat:   apache@
06 May 2010 23:19:56
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- This file isn't even used, it doesn't matter anyway devel/apr(1.4.2) and
  the apr bundled with www/apache22 include this file as the licensing
  issue was resolved ages ago

With Hat:   apache@
05 May 2010 22:20:29
Original commit files touched by this commit  2.2.15_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Install check_forensic script if mod_log_forensic is enabled

PR:             ports/144292
Submitted by:   Dan Mahoney <danm@prime.gushi.org>
With Hat:       apache@
05 May 2010 22:18:39
Original commit files touched by this commit  2.2.15_1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- move OPTION handling out of targets section [no-op]

With Hat:   apache@

Number of commits found: 206 (showing only 100 on this page)

1 | 2 | 3  »  

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
firefoxJul 23
firefox-develJul 23
firefox-esrJul 23
firefox10Jul 23
firefox15Jul 23
firefox3Jul 23
firefox3-develJul 23
firefox35Jul 23
firefox36Jul 23
linux-firefoxJul 23
linux-thunderbirdJul 23
nssJul 23
thunderbirdJul 23
thunderbird-esrJul 23
thunderbird3Jul 23

9 vulnerabilities affecting 26 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24425
Broken 196
Deprecated 792
Ignore 531
Forbidden 16
Restricted 263
No CDROM 102
Vulnerable 27
Expired 21
Set to expire 779
Interactive 13
new 24 hours 1
new 48 hours4
new 7 days19
new fortnight46
new month104

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.