FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
apache22 2.2.27_2 www on this many watch lists=278 search for ports that depend on this port An older version of this port was marked as vulnerable.
Version 2.2.x of Apache web server with prefork MPM.
Maintained by: apache@FreeBSD.org search for ports maintained by this maintainer
Port Added: 03 Dec 2005 22:05:32
Also Listed In: ipv6
License: not specified in port


The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/
SVNWeb : Main Web Site : Distfiles Availability : PortsMon
Slave ports
  1. www/apache22-event-mpm
  2. www/apache22-itk-mpm
  3. www/apache22-peruser-mpm
  4. www/apache22-worker-mpm

NOTE: FreshPorts displays only required dependencies information. Optional dependencies are not covered.

Required To Build:
  1. security/openssl
  2. devel/autoconf
  3. devel/libtool
Required To Run:
  1. security/openssl
  2. lang/perl5.16
Required Libraries:
  1. textproc/expat2
  2. devel/apr1
  3. devel/pcre
  4. converters/libiconv

This port is required by:

for Build
  1. devel/pushmi
  2. lang/php4*
  3. mail/sympa5*
  4. net/p5-Apache2-SOAP
  5. net-mgmt/netmagis-www
  6. net-mgmt/observium
  7. security/openscep
  8. security/shibboleth2-sp
  9. sysutils/syscp*
  10. textproc/htdig
  11. www/cas
  12. www/ftasv
  13. www/gnome-user-share
  14. www/libapreq2
  15. www/mod_amazon_proxy
  16. www/mod_antiloris
  17. www/mod_asn
  18. www/mod_auth_cas
  19. www/mod_auth_cookie_mysql2
  20. www/mod_auth_external2
  21. www/mod_auth_form
  22. www/mod_auth_imap2
  23. www/mod_auth_kerb2
  24. www/mod_auth_mellon
  25. www/mod_auth_mysql2
  26. www/mod_auth_mysql_another
  27. www/mod_auth_openid
  28. www/mod_auth_pam2
  29. www/mod_auth_pgsql2
  30. www/mod_auth_pubtkt
  31. www/mod_auth_tkt
  32. www/mod_auth_xradius
  33. www/mod_authn_otp
  34. www/mod_authn_sasl
  35. www/mod_authnz_crowd
  36. www/mod_authnz_external*
  37. www/mod_authnz_external22
  38. www/mod_authz_unixgroup
  39. www/mod_backtrace
  40. www/mod_bw
  41. www/mod_cband
  42. www/mod_cfg_ldap
  43. www/mod_chroot
  44. www/mod_clamav
  45. www/mod_cplusplus
  46. www/mod_cvs2
  47. www/mod_dnssd
  48. www/mod_domaintree
  49. www/mod_encoding
  50. www/mod_evasive
  51. www/mod_extract_forwarded
  52. www/mod_fastcgi
  53. www/mod_fcgid
  54. www/mod_fileiri
  55. www/mod_flickr
  56. www/mod_ftp
  57. www/mod_geoip2
  58. www/mod_gnutls
  59. www/mod_gzip2
  60. www/mod_h264_streaming
  61. www/mod_hosts_access
  62. www/mod_jail
  63. www/mod_jk
  64. www/mod_jk-apache2*
  65. www/mod_layout22
  66. www/mod_limitipconn2
  67. www/mod_line_edit
  68. www/mod_lisp2*
  69. www/mod_log_config-st
  70. www/mod_log_dbd
  71. www/mod_log_firstbyte
  72. www/mod_log_mysql
  73. www/mod_log_sql2
  74. www/mod_log_sql2-dtc
  75. www/mod_macro22
  76. www/mod_memcache
  77. www/mod_memcache_block
  78. www/mod_mono
  79. www/mod_musicindex
  80. www/mod_myvhost
  81. www/mod_ntlm2
  82. www/mod_pagespeed
  83. www/mod_perl2
  84. www/mod_php5
  85. www/mod_php55
  86. www/mod_proctitle
  87. www/mod_proxy_html
  88. www/mod_proxy_uwsgi
  89. www/mod_proxy_xml
  90. www/mod_python3
  91. www/mod_qos
  92. www/mod_remoteip
  93. www/mod_reproxy
  94. www/mod_rivet
  95. www/mod_rpaf2
  96. www/mod_ruby
  97. www/mod_scgi
  98. www/mod_security
  99. www/mod_security21*
  100. www/mod_setenvifplus
  101. www/mod_smooth_streaming*
  102. www/mod_spdy
  103. www/mod_tidy
  104. www/mod_tsa
  105. www/mod_uid
  106. www/mod_umask
  107. www/mod_vhost_ldap
  108. www/mod_vhs
  109. www/mod_webkit
  110. www/mod_whatkilledus
  111. www/mod_wsgi*
  112. www/mod_wsgi2
  113. www/mod_wsgi3
  114. www/mod_xml2enc
  115. www/mod_xmlns
  116. www/mod_xsendfile
  117. www/p5-Apache-AuthCookie
  118. www/p5-Apache-AuthTicket
  119. www/p5-Apache-Clean2
  120. www/p5-Apache-DBI
  121. www/p5-Apache-Gallery
  122. www/p5-Apache-GopherHandler*
  123. www/p5-Apache-MP3
  124. www/p5-Apache-ParseFormData
  125. www/p5-Apache2-Scoreboard*
  126. www/p5-Bundle-Sledge*
  127. www/p5-CGI-SpeedyCGI
  128. www/p5-libapreq2
  129. www/rubygem-passenger
  130. www/suphp
  131. www/websh
for Run
  1. databases/gnatsweb4
  2. databases/mysqlard*
  3. databases/mysqldumper
  4. deskutils/myitcrm
  5. deskutils/simplegroupware
  6. deskutils/surrealtodo
  7. devel/otrs
  8. devel/pushmi
  9. devel/viewvc
  10. finance/frontaccounting
  11. french/facturier
  12. games/hlstatsx
  13. graphics/mapserver
  14. lang/php4*
  15. mail/automx
  16. mail/dracmail
  17. mail/p5-qpsmtpd
  18. mail/sympa5*
  19. mail/vqregister
  20. misc/instant-server*
  21. net/p5-Apache2-SOAP
  22. net/prosearch
  23. net-mgmt/argus-monitor
  24. net-mgmt/netdisco
  25. net-mgmt/netmagis-www
  26. net-mgmt/observium
  27. net-mgmt/ocsinventory-ng
  28. net-mgmt/ourmon
  29. net-mgmt/pandorafms_console
  30. ports-mgmt/tinderbox
  31. ports-mgmt/tinderbox-devel
  32. security/openscep
  33. security/phpdeadlock
  34. security/shibboleth2-sp
  35. sysutils/dtc*
  36. sysutils/froxlor
  37. sysutils/syscp*
  38. textproc/htdig
  39. www/blogsum
  40. www/cakephp11
  41. www/cas
  42. www/dansguardian
  43. www/dansguardian-devel
  44. www/dotproject
  45. www/formication
  46. www/foswiki-ModPerlEngineContrib
  47. www/ftasv
  48. www/gnome-user-share
  49. www/libapreq2
  50. www/mod_amazon_proxy
  51. www/mod_antiloris
  52. www/mod_asn
  53. www/mod_auth_cas
  54. www/mod_auth_cookie_mysql2
  55. www/mod_auth_external2
  56. www/mod_auth_form
  57. www/mod_auth_imap2
  58. www/mod_auth_kerb2
  59. www/mod_auth_mellon
  60. www/mod_auth_mysql2
  61. www/mod_auth_mysql_another
  62. www/mod_auth_openid
  63. www/mod_auth_pam2
  64. www/mod_auth_pgsql2
  65. www/mod_auth_pubtkt
  66. www/mod_auth_tkt
  67. www/mod_auth_xradius
  68. www/mod_authn_otp
  69. www/mod_authn_sasl
  70. www/mod_authnz_crowd
  71. www/mod_authnz_external*
  72. www/mod_authnz_external22
  73. www/mod_authz_unixgroup
  74. www/mod_backtrace
  75. www/mod_bw
  76. www/mod_cband
  77. www/mod_cfg_ldap
  78. www/mod_chroot
  79. www/mod_clamav
  80. www/mod_cplusplus
  81. www/mod_cvs2
  82. www/mod_dnssd
  83. www/mod_domaintree
  84. www/mod_encoding
  85. www/mod_evasive
  86. www/mod_extract_forwarded
  87. www/mod_fastcgi
  88. www/mod_fcgid
  89. www/mod_fileiri
  90. www/mod_flickr
  91. www/mod_ftp
  92. www/mod_geoip2
  93. www/mod_gnutls
  94. www/mod_gzip2
  95. www/mod_h264_streaming
  96. www/mod_hosts_access
  97. www/mod_jail
  98. www/mod_jk
  99. www/mod_jk-apache2*
  100. www/mod_layout22
  101. www/mod_limitipconn2
  102. www/mod_line_edit
  103. www/mod_lisp2*
  104. www/mod_log_config-st
  105. www/mod_log_dbd
  106. www/mod_log_firstbyte
  107. www/mod_log_mysql
  108. www/mod_log_sql2
  109. www/mod_log_sql2-dtc
  110. www/mod_macro22
  111. www/mod_memcache
  112. www/mod_memcache_block
  113. www/mod_mono
  114. www/mod_musicindex
  115. www/mod_myvhost
  116. www/mod_ntlm2
  117. www/mod_pagespeed
  118. www/mod_perl2
  119. www/mod_php5
  120. www/mod_php55
  121. www/mod_proctitle
  122. www/mod_proxy_html
  123. www/mod_proxy_uwsgi
  124. www/mod_proxy_xml
  125. www/mod_python3
  126. www/mod_qos
  127. www/mod_remoteip
  128. www/mod_reproxy
  129. www/mod_rivet
  130. www/mod_rpaf2
  131. www/mod_ruby
  132. www/mod_scgi
  133. www/mod_security
  134. www/mod_security21*
  135. www/mod_setenvifplus
  136. www/mod_smooth_streaming*
  137. www/mod_spdy
  138. www/mod_tidy
  139. www/mod_tsa
  140. www/mod_uid
  141. www/mod_umask
  142. www/mod_vhost_ldap
  143. www/mod_vhs
  144. www/mod_webkit
  145. www/mod_whatkilledus
  146. www/mod_wsgi*
  147. www/mod_wsgi2
  148. www/mod_wsgi3
  149. www/mod_xml2enc
  150. www/mod_xmlns
  151. www/mod_xsendfile
  152. www/mythplugin-mythweb
  153. www/nibbleblog
  154. www/p5-Apache-AuthCookie
  155. www/p5-Apache-AuthTicket
  156. www/p5-Apache-Clean2
  157. www/p5-Apache-DB
  158. www/p5-Apache-DBI
  159. www/p5-Apache-Gallery
  160. www/p5-Apache-GopherHandler*
  161. www/p5-Apache-MP3
  162. www/p5-Apache-ParseFormData
  163. www/p5-Apache2-Scoreboard*
  164. www/p5-Bundle-Sledge*
  165. www/p5-CGI-SpeedyCGI
  166. www/p5-MasonX-WebApp
  167. www/p5-Maypole
  168. www/p5-Text-MultiMarkdown-ApacheHandler
  169. www/p5-libapreq2
  170. www/photo_gallery
  171. www/phpscheduleit*
  172. www/prado
  173. www/redaxo
  174. www/rt38
  175. www/rubygem-passenger
  176. www/siteframe
  177. www/suphp
  178. www/thundercache
  179. www/thundersnarf
  180. www/websh
  181. www/wwwstat
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

To install the port: cd /usr/ports/www/apache22/ && make install clean
To add the package: pkg install www/apache22


Configuration Options
===> The following configuration options are available for apache22-2.2.27_2:
     AUTH_BASIC=on: mod_auth_basic
     AUTH_DIGEST=on: mod_auth_digest
     AUTHN_ALIAS=on: mod_authn_alias
     AUTHN_ANON=on: mod_authn_anon
     AUTHN_DBD=off: mod_authn_dbd
     AUTHN_DBM=on: mod_authn_dbm
     AUTHN_DEFAULT=on: mod_authn_default
     AUTHN_FILE=on: mod_authn_file
     AUTHZ_DBM=on: mod_authz_dbm
     AUTHZ_DEFAULT=on: mod_authz_default
     AUTHZ_GROUPFILE=on: mod_authz_groupfile
     AUTHZ_HOST=on: mod_authz_host
     AUTHZ_OWNER=on: mod_authz_owner
     AUTHZ_USER=on: mod_authz_user
     AUTHNZ_LDAP=off: mod_authnz_ldap
     LDAP=off: connection pooling, result caching
     DBD=off: Manages SQL database connections
     CACHE=on: mod_cache
     DISK_CACHE=on: mod_disk_cache
     FILE_CACHE=on: mod_file_cache
     MEM_CACHE=off: mod_mem_cache
     DAV=on: mod_dav
     DAV_FS=on: mod_dav_fs
     DAV_LOCK=off: mod_dav_lock
     ACTIONS=on: mod_actions
     ALIAS=on: mod_alias
     ASIS=on: mod_asis
     AUTOINDEX=on: mod_autoindex
     CERN_META=on: mod_cern_meta
     CGI=on: mod_cgi
     CGID=off: mod_cgid
     CHARSET_LITE=on: mod_charset_lite
     DEFLATE=on: mod_deflate
     DIR=on: mod_dir
     DUMPIO=on: mod_dumpio
     ENV=on: mod_env
     EXPIRES=on: mod_expires
     HEADERS=on: mod_headers
     IMAGEMAP=on: mod_imagemap
     INCLUDE=on: mod_include
     INFO=on: mod_info
     LOG_CONFIG=on: mod_log_config
     LOGIO=on: mod_logio
     MIME=on: mod_mime
     MIME_MAGIC=on: mod_mime_magic
     NEGOTIATION=on: mod_negotiation
     REWRITE=on: mod_rewrite
     SETENVIF=on: mod_setenvif
     SPELING=on: mod_speling
     STATUS=on: mod_status
     UNIQUE_ID=on: mod_unique_id
     USERDIR=on: mod_userdir
     USERTRACK=on: mod_usertrack
     VHOST_ALIAS=on: mod_vhost_alias
     FILTER=on: mod_filter
     SUBSTITUTE=off: mod_substitute
     VERSION=on: mod_version
     SSL=on: mod_ssl
     SUEXEC=off: mod_suexec
     SUEXEC_RSRCLIMIT=off: suEXEC rlimits based on login class
     SUEXEC_USERDIR=off: suEXEC UserDir support
     REQTIMEOUT=on: mod_reqtimeout
     PROXY=off: mod_proxy
     IPV4_MAPPED=off: Allow IPv6 socket to handle IPv4
     BUCKETEER=off: mod_bucketeer
     CASE_FILTER=off: mod_case_filter
     CASE_FILTER_IN=off: mod_case_filter_in
     EXT_FILTER=off: mod_ext_filter
     LOG_FORENSIC=off: mod_log_forensic
     OPTIONAL_HOOK_EXPORT=off: mod_optional_hook_export
     OPTIONAL_HOOK_IMPORT=off: mod_optional_hook_import
     OPTIONAL_FN_IMPORT=off: mod_optional_fn_import
     OPTIONAL_FN_EXPORT=off: mod_optional_fn_export
====> mod_proxy: you have to choose at least one of them
     PROXY_AJP=off: mod_proxy_ajp
     PROXY_BALANCER=off: mod_proxy_balancer
     PROXY_CONNECT=off: mod_proxy_connect
     PROXY_FTP=off: mod_proxy_ftp
     PROXY_HTTP=off: mod_proxy_http
     PROXY_SCGI=off: mod_proxy_scgi
===> Use 'make config' to modify these settings

Master Sites:
  1. ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/apache22/
  2. ftp://ftp.forthnet.gr/pub/www/apache/httpd/
  3. ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/
  4. ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/
  5. ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/
  6. ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/
  7. http://apache.mirror.uber.com.au/httpd/
  8. http://apache.spd.co.il/httpd/
  9. http://archive.apache.org/dist/httpd/
  10. http://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/
  11. http://ftp.mirrorservice.org/sites/ftp.apache.org/httpd/
  12. http://ftp.twaren.net/Unix/Web/apache/httpd/
  13. http://mirrors.ircam.fr/pub/apache/httpd/
  14. http://ring.nict.go.jp/archives/net/apache/httpd/
  15. http://www.apache.org/dist/httpd/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2014-02-11
    Affects: users of lang/php* database/postgresql* database/mysql* www/apache*
    Author: mat@FreeBSD.org
    Reason: 
      The default versions of lang/php*, databases/postgresql*,
      databases/mysql* and www/apache* have been changed to support the
      new DEFAULT_VERSIONS variable.
    
      DEFAULT_APACHE_VER, DEFAULT_MYSQL_VER, DEFAULT_PGSQL_VER,
      DEFAULT_FPC_VER and DEFAULT_PHP_VER are now deprecated.  You can use
      the new DEFAULT_VERSIONS variable like this:
    
      DEFAULT_VERSIONS=php=5.5 mysql=5.6 apache=2.4
    
    
  • 2012-09-02
    Affects: users of www/apache22, www/apache22-event-mpm, www/apache22-itk-mpm, www/apache22-peruser-mpm, www/apache22-worker-mpm
    Author: ohauer@FreeBSD.org
    Reason: 
      The port use now the options NG framework, this means WITH_xxx
      directives are no longer valid.
    
      Additional:
      - APR only specific options like THREADS, MYSQL, PGSQL, SQLITE,
        BDB and IPV6 where removed.
      - PKGNAME has changed from apache-2... to apache22-2...
      - PROXY is now a MULTI directive which means at last one additional
        PROXY_(AJP|BALANCER|CONNECT|FTP|HTTP|SCGI) module is required.
      - CGI is only a valid option for MPM prefork, peruser and itk.
    
    
  • 2011-08-20
    Affects: users of www/apache* and depending ports
    Author: ohauer@FreeBSD.org
    Reason: 
      The default apache version changed from www/apache13 to www/apache22.
      Users who will continue with apache13 should create the following entry
      in /etc/make.conf
    
      APACHE_PORT=	www/apache13
    
    
  • 2010-05-18
    Affects: users of devel/apr0, devel/apr1, www/apache20, www/apache22
    Author: pgollucci@FreeBSD.org
    Reason: 
      devel/apr port has been renamed to devel/apr1.
    
      WITH_APR_FROM_PORTS=yes for www/apache22 has been dissolved and may be
      removed from your configuration files; devel/apr1 is always used now.
    
      Please manually delete apache-2.\* if installed _before_ updating using
      either portmaster or portupgrade:
    
    	pkg_delete -f apache-2.\*
    
      Then, if you use portmaster:
    
    	portmaster -o devel/apr1 devel/apr
    
      If you use portupgrade:
    
    	portupgrade -f -o devel/apr1 devel/apr
    
      Finally, reinstall Apache port if you deleted it earlier and update ports as
      usual (`XX' below is either 20 or 22):
    
    	portinstall www/apacheXX
    
    
  • 2009-06-11
    Affects: users of www/apache22
    Author: pgollucci@FreeBSD.org
    Reason: 
      Two rc.d scripts have been renamed:
    
    	apache22.sh -> apache22
    	htcacheclean.sh -> htcacheclean
    
      You'll need to update any crons wrappers, etc. for the new paths.
    
    
  • 2008-06-22
    Affects: users of devel/subversion, subversion-devel and subversion-freebsd
             with apr from www/apache22
    Author: Clement Laforet <clement@FreeBSD.org>
    Reason: 
      apr and apr-util bundled with apache 2.2.9 have been upgraded to 1.3.x, so
      shared libraries versions have been bumped. If you are using subversion
      with apache22 apr, you must rebuild subversion after the update.
    
    
  • 2008-01-20
    Affects: users of www/apache22
    Author: clement@FreeBSD.org
    Reason: 
      BDB framework provided by bsd.database.mk is now used by www/apache22
      port. WITH_BERKELEYDB knob is deprecated in favor of WITH_BDB and
      WITH_BDB_VER/WITH_BDB_BASE, see documentation for more details.
      ('make show-options').
    
    
Port Moves
  • port moved here from www/apache20 on 2012-08-18
    REASON: Has expired

  • port moved here from www/apache13+ipv6 on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-modperl on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13 on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-modssl+ipv6 on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-ssl on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

  • port moved here from www/apache13-modssl on 2012-01-01
    REASON: apache13 is deprecated, use www/apache22

Number of commits found: 200 (showing only 100 on this page)

«  1 | 2 

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
12 Dec 2009 10:42:51
Original commit files touched by this commit  2.2.14_5
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Add support for db48 (with WITH_BDB=t and WITH_BDB_VER=48) by
  updating patch to dbm.m4.  Old patch for dbm.m4 is for db47.  But
  recent apache dist already includes code block for db47, so update a
  patch by replacing it to db48.
- No $PORTREVISION bump (no effect to packages with default options).

Submitted by:   ume
12 Dec 2009 00:43:27
Original commit files touched by this commit  2.2.14_5
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Allow install by a user other then root
[Duplicate fix for devel/apr here in www/apache22 too]

PR:             ports/13876 [based on]
Submitted by:   Mel Flynn <mel at rachie.is-a-geek.net>
                miwi@
11 Dec 2009 23:56:52
Original commit files touched by this commit  2.2.14_4
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
whitespace fixes only
11 Dec 2009 23:43:26
Original commit files touched by this commit  2.2.14_4
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- envvars needs to be sourced before _all_ commands if it exists

PR:             ports/138466 (based on)
Submitted by:   Dmitry Pryanishnikov <lynx.ripe@gmail.com>
11 Dec 2009 23:37:04
Original commit files touched by this commit  2.2.14_3
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix handling of apache22_http_accept_enable="YES|NO"
  o Note, don't use required_modules you can not check the return value
    to conditionalize the -DNOHTTPACCEPT flag

PR:             ports/138373
Submitted by:   Helmut Schneider <jumper99@gmx.de>
11 Dec 2009 22:57:29
Original commit files touched by this commit  2.2.14_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Fix option WITH_PATCH_PROXY_CONNECT

PR:             ports/138846
Submitted by:   "George D." <gi@azagal.com>
10 Dec 2009 08:09:46
Original commit files touched by this commit  2.2.14_1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- OPTIONS+= PROXY_SCGI

PR:             ports/140137
Submitted by:   olli hauer <ohauer@gmx.de>
09 Dec 2009 23:48:01
Original commit files touched by this commit  2.2.14
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Update to 2.2.14
- With hat apache@

Note: The 3 CVE's are a no-op for the FreeBSD port --

date: 2009/08/25 05:33:03;  author: kuriyama;  state: Exp;  lines: +0 -0
(Forced commit)

- 2.2.13 (acutally 2.2.12) includes fixes for several CVEs. [1]
  but in our ports tree, APR related ones (CVE-2009-0023,
  CVE-2009-1955, CVE-2009-1956) were already backported in 2.2.11_5.

References:     http://www.apache.org/dist/httpd/CHANGES_2.2.12 [1]

Changes:
(Only the first 15 lines of the commit message are shown above View all of this commit message)
16 Sep 2009 14:17:57
Original commit files touched by this commit  2.2.13
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update MPM-ITK patch to 20090414-00

PR:             ports/137953
Submitted by:   Emil Mikulic <emikulic@gmail.com>
Feature safe:   yes
25 Aug 2009 05:33:03
Original commit files touched by this commit  2.2.13
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
(Forced commit)

- 2.2.13 (acutally 2.2.12) includes fixes for several CVEs. [1]
  but in our ports tree, APR related ones (CVE-2009-0023,
  CVE-2009-1955, CVE-2009-1956) were already backported in 2.2.11_5.

References:     http://www.apache.org/dist/httpd/CHANGES_2.2.12 [1]
25 Aug 2009 04:58:54
Original commit files touched by this commit  2.2.13
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.2.13.

PR:             ports/137651
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
02 Aug 2009 19:36:34
Original commit files touched by this commit  2.2.11_7
 This port version is marked as vulnerable.
mezz search for other commits by this committer
-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr
15 Jul 2009 16:56:10
Original commit files touched by this commit  2.2.11_7
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Fix a few "bad example" problems in the rc.d scripts that have been
propogated by copy and paste.

1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).

No PORTREVISION bumps because all of these changes are noops.
16 Jun 2009 17:04:56
Original commit files touched by this commit  2.2.11_7
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Change OPTION help text for WITH_APR_FROM_PORTS
  beware -> preferred

  In preparation for making it the default and dropping the option.

Discussed on:   ports@, apache@
12 Jun 2009 17:24:58
Original commit files touched by this commit  2.2.11_7
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Revert the bdb change in the last batch

- Reported by: Serveral

With Hat:   apache@
12 Jun 2009 00:53:43
Original commit files touched by this commit  2.2.11_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- forced commit to note that previous message had an incorrect pr #
  ports/135457 should have been ports/134457
12 Jun 2009 00:37:51
Original commit files touched by this commit  2.2.11_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
crap, that was supposed to be in the previous commit
12 Jun 2009 00:33:30
Original commit files touched by this commit  2.2.11_6
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Drop .sh suffices on rc.d scripts, add note to UPDATING
- Commit the final part of the bdb patch improving the value passed
  to --with-berkely-db [1]
- Silence the blasted warnings about accf [2]
  (Will send this upstream)
- Address httpd issue 42829* -  graceful restart with multiple listeners
   using prefork MPM can result in hung processes [3]
- Address httpd issue 29744+ - CONNECT does not work over existing
   SSL connection [4]
- Drop .sh suffices on rc.d scripts, add note to UPDATING [5]
- Bump PORTREVISION

PRs:                ports/110651 [1], ports/132528 [2], ports/134457 [3]
                    ports/135478
Submitted by:       "Timur I. Bakeyev" <timur@gnu.org> [1]
                    bz@ [2]
                    Alexander <freebsd@nagilum.org> [4]
                    myself (pgollucci@) [5]
Requested by:       apache@ (several) [3]

Tested by:          P6 TB (running live > 5 days)
                    RideCharge TB (running live > 3 days)
                    Apache Software Foundation (ASF) TB (running live > 1 day)

Sponosored by:      RideCharge Inc.
08 Jun 2009 03:10:25
Original commit files touched by this commit  2.2.11_5
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Backport apr-util security fixes pending the 2.2.12 release (forthcomming)

Security:      
http://www.vuxml.org/freebsd/eb9212f7-526b-11de-bbf2-001b77d09812
PR:             ports/135310
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>
With Hat:       apache
17 May 2009 07:24:35
Original commit files touched by this commit  2.2.11_4
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Mark SAFE apache@ ports MAKE_JOBS_SAFE=yes
10 Apr 2009 06:39:46
Original commit files touched by this commit  2.2.11_4
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
Add note tp pkg-message informing users of FAQ:
  your hostname must be resolvable via at least
  1 mechanism configured in /etc/nsswitch.conf
  or depending on the modules you hae loaded
  apache might not be able to start.

PRs:            ports/131563, ports/131564, ports/131565
Submitted by:   Glen Barber <glen.j.barber@gmail.com>
Discussed with: me
02 Apr 2009 01:22:58
Original commit files touched by this commit  2.2.11_4
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Add a patch to fix ab(1) fails to connect with "Operation already in
  progress (37)" errno.

References:     https://issues.apache.org/bugzilla/show_bug.cgi?id=44584
Obtained from: 
http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?r1=748396&r2=749438
Reviewed by:    apache@ (pgollucci@)
29 Jan 2009 23:51:46
Original commit files touched by this commit  2.2.11_3
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- www/apache22-peruser-mpm overwrites the apache22.tbz package in Latest/
  due to the Master/Slave relationship
  (Needs LATEST_LINK et al)

Discussed on:   apache@
Reported by:    John Hay <jhay@meraka.org.za>
Approved by:    Jille Timmermans <jille@quis.cx>

With hat:       apache
19 Jan 2009 19:08:23
Original commit files touched by this commit  2.2.11_2
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
remove now unused option WITH_SVN
19 Jan 2009 19:05:11
Original commit files touched by this commit  2.2.11_1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
Chase devel/apr-svn removal

Reported by:    tabthorpe
Pointyhat:      me
09 Jan 2009 14:13:05
Original commit files touched by this commit  2.2.11
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Re-assign www/apache* ports to apache@
- Previous MATAINERs please welcome yourself to the apache@ team.

Approved by: portmgr (pav, flz), secteam (simon), clement
06 Jan 2009 16:53:07
Original commit files touched by this commit  2.2.11
 This port version is marked as vulnerable.
wxs search for other commits by this committer
- Remove conditional checks for FreeBSD 5.x and older

Approved by:    pav
15 Dec 2008 22:05:56
Original commit files touched by this commit  2.2.11
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.2.11
- Always depend on pcre from ports [1]
- Fix plist with LDAP/without apr-util DSO
- source envvars as late as possible [2]

Requested by:           ale
                        Eygene Ryabinkin <rea-fbsd at codelabs dot ru> [2]
PR:                     ports/127418 [2]
03 Sep 2008 19:08:17
Original commit files touched by this commit  2.2.9_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix @comment string

Pointy hat to:  clement
Reported by:    Christer Solskogen
03 Sep 2008 19:07:56
Original commit files touched by this commit  2.2.9_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix @comment string

Pointy hat to:  clement
Reported by:    Christer Solskogen
03 Sep 2008 13:19:24
Original commit files touched by this commit  2.2.9_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix plist where apr_dbd is used
- Fix Postgresql build, don't trust pg_config
- Don't overwrite apr_dbd_mysql.c
- Bump PORTREVISION

No cookie for:  clement
02 Sep 2008 12:26:37
Original commit files touched by this commit  2.2.9_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update MPM itk patch to 20080727-00 (it is actually a no op
  on FreeBSD)
- Move mpm-itk patch to EXTRA_PATCHES to avoid conflicts with
  alternative mpm patches [1]
- update PLIST_SUBS when SLAVE_PORT_MPM is defined

Requested by:           Jille Timmermans [1]
02 Sep 2008 07:34:21
Original commit files touched by this commit  2.2.9_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix incorrect redirection order in startup script
- Bump PORTREVISION

PR:             ports/127038 [1]
Submitted by:   edwin@ [1]
Reported by:    Tod McQuillin
31 Aug 2008 23:00:27
Original commit files touched by this commit  2.2.9_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Yet Another Plist Fix [1]
- Completely shut up rc.d script when no profiles are enabled
  (add add support to disable profiles) [2]
- Fix CVE-2008-2939 for mod_proxy_ftp
  (XSS attacks when using wildcards in the path of the FTP URL)
- Add "apache22_fib" to start apache22 prefixed by
  "setfib -F ${apache22_fib}", so apache can use an alternate
  network view (not carefully tested yet)
- Revert previous patch to "fix" missing rc.d scripts. It
  actually breaks profiles.
- Bump PORTREVISION

PR:             ports/126670 [1],
                ports/116627 [2]
Submitted by:   Joseph S. Atkinson [1],
                Eygene Ryabinkin [2]
Security:       CVE-2008-2939

Special thanks to: pgollucci@
31 Aug 2008 16:51:38
Original commit files touched by this commit  2.2.9_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix plist when NOPORTDOCS is defined [1]
- Add WITH_SVN knob. It enables BDB for apache22 port and
  force dependency on dev/apr-svn when WITH_APR_FROM_PORTS is
  defined. (should help fixing [2]).
  Introduce APR_PORT.
- Add support for db-4.7 [3]
- Add mod_ldap OPTIONS fixup [4]
- Sometimes, rc scripts aren't included in package
  Try to fix this. [5]

PR:    ports/126053 [2], ports/125520 [3]
       ports/124651 [4], ports/126670 [5] (partially)

Reported by: QA Tindy [1],
             Crazig Leres [2],
             Larry Rosenman [4]
             Kirk Strauser [3],
             Joseph S. Atkinson [5]
21 Aug 2008 06:18:49
Original commit files touched by this commit  2.2.9
 This port version is marked as vulnerable.
rafan search for other commits by this committer
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
(Only the first 15 lines of the commit message are shown above View all of this commit message)
20 Aug 2008 00:57:32
Original commit files touched by this commit  2.2.9
 This port version is marked as vulnerable.
ade search for other commits by this committer
Conversion from (now defunct) autoconf-2.61 to autoconf-2.62

Tested by:      exp build run (erwin)
23 Jun 2008 21:11:15
Original commit files touched by this commit  2.2.9
 This port version is marked as vulnerable.
clement search for other commits by this committer
 - Update to 2.2.9
 - Add a note to UPDATING about the forced build of subversion
   because of apr/apu bumped version.
28 Jan 2008 20:42:04
Original commit files touched by this commit  2.2.8
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix recursive use of WITH_BDB_VER when WITH_BERKELEYDB and WITH_BDB_VER
  are both defined.

Reported by:    Vivek Khera <VIVEK@KHERA.ORG>
20 Jan 2008 14:00:32
Original commit files touched by this commit  2.2.8
 This port version is marked as vulnerable.
clement search for other commits by this committer
- s/bsd.databases.mk/bsd.database.mk/

PR:             ports/119823
Submitted by:   mm
20 Jan 2008 11:29:31
Original commit files touched by this commit  2.2.8
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.2.8
- Update documentation
- Use BDB from bsd.databases.mk instead of homebrew [1]

PR:             ports/119711 [1]
Submitted by:   mm [1]
16 Jan 2008 09:33:45
Original commit files touched by this commit  2.2.6_3
 This port version is marked as vulnerable.
mm search for other commits by this committer
- Add support for db45 and db46

PR:             ports/117937
Submitted by:   mm
Approved by:    maintainer timeout
11 Dec 2007 20:22:16
Original commit files touched by this commit  2.2.6_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix slave ports [1]
- Fix plist [2]
- Fix CONFLICTS with devel/apr-svn [3]
- Fix install when index.html is modified
- Bump PORT_REVISION

PR:             ports/118348 [1], ports/118338 [2],ports/117097 [2]
                ports/90088 [3], ports/118349 [3]
Submitted by:   Andrey Beresovsky <and at sfedu dot ru> [1],
                Dimitry Andric <dimitry at andric dot com> [2],
                YAMAMOTO Takao <yamamoto at computec dot co dot jp>
                Melvyn Sopacua <melvyn atmelvyn dot homeunix dot org> [3],
                Dominic Fandrey <lon_kamikaze at gmx dot de> [3]
30 Sep 2007 04:47:37
Original commit files touched by this commit  2.2.6_2
 This port version is marked as vulnerable.
linimon search for other commits by this committer
Switch autoconf dependencies from 2.53 or 2.59 to 2.61.

PR:             ports/116639
Submitted by:   aDe
23 Sep 2007 10:22:07
Original commit files touched by this commit  2.2.6_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Make port more OPTIONS compliant (more OPTIONS workarounds)
- Add some IGNORE entries to warn users when the choose conflicting options
20 Sep 2007 08:04:34
Original commit files touched by this commit  2.2.6_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix PCRE_FROM_PORTS. it wasn't processed by OPTIONS stff [1]
  (I forgot to re-apply the patch locally)

Reminded by:    bland@
20 Sep 2007 07:57:36
Original commit files touched by this commit  2.2.6_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix PCRE_FROM_PORTS. it wasn't processed by OPTIONS stff [1]
- Preserve index.html
- We no longer install images in default DocumentRoot (there're still in icons/)
- Various plist cleanup
- bump PORTREVISION since we are now safe with index.html

Reminded by:    bland@
19 Sep 2007 21:05:23
Original commit files touched by this commit  2.2.6
 This port version is marked as vulnerable.
clement search for other commits by this committer
- remove duplicate entry of mod_charset_lite [1]
- add PCRE_FROM_PORTS to OPTIONS
- use @dirrmtry for include/apache22
- workaround plist issues when upgrading, but it's not as safe as I
  would expect, it requires more work.

Spotted by:     bland@ [1]
18 Sep 2007 20:03:15
Original commit files touched by this commit  2.2.6
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add experimental support of OPTIONS.
  From UPDATING:

  By popular request, OPTIONS support has been added. When actived
  (default), these knobs are ignored:
          * WITH_<CATEGORY>_MODULES
          * WITHOUT_<CATEGORY>_MODULES
          * WITH_CUSTOM_<CATEGORY>
          * WITH_MODULES
          * WITHOUT_MODULES
          * WITH_STATIC_MODULES
  However, you can disable OPTIONS by defining WITHOUT_APACHE_OPTIONS.

- move envvars support to the beginning of apache22_checkconfig() to be
  sure we're using envvars during configtest [1]

PR:             ports/116329 [1]
Submitted by:   Ruud Althuizen <ruud@il.fontys.nl> [1]
16 Sep 2007 19:05:42
Original commit files touched by this commit  2.2.6
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix build when WITHOUT_IPV6 is defined and system is IPv6-free

PR:                     ports/115200
Submitted by:           anray
Also reported by:       Peter Jeremy
16 Sep 2007 15:46:10
Original commit files touched by this commit  2.2.6_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Import MySQL DBD backend
  This will definitively fix checksum mismatches. Time to investigate...

Reported by:    many
10 Sep 2007 19:15:48
Original commit files touched by this commit  2.2.6
 This port version is marked as vulnerable.
clement search for other commits by this committer
\

- Cleanup MPM selection
- Update mpm itk to 20070425-00
09 Sep 2007 14:55:17
Original commit files touched by this commit  2.2.6
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.2.6
- Fix restart when profiles are used [1]

Submitted by:   Jarrod Sayers <jarrod at netleader dot com dot au>
04 Aug 2007 11:41:31
Original commit files touched by this commit  2.2.4_2
 This port version is marked as vulnerable.
gabor search for other commits by this committer
- Remove the DESTDIR modifications from individual ports as we have a new,
  fully chrooted DESTDIR, which does not need such any more.

Sponsored by:   Google Summer of Code 2007
Approved by:    portmgr (pav)
22 Jul 2007 11:03:37
Original commit files touched by this commit  2.2.4_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add htcacheclean startup script [1]
- Add support for PCRE from ports (WITH_PCRE_FROM_PORTS) [2]
- Install split-logfile [3]

Submitted by:   Christopher Shumway <cshumway at titan-project dot org> [1]
Requested by:   Gergely CZUCZY <phoemix at harmless dot hu>, [2]
                many [3]
17 Jun 2007 16:59:27
Original commit files touched by this commit  2.2.4_2
 This port version is marked as vulnerable.
anders search for other commits by this committer
Remove thttpd from conflicts list, it has a different name for its
passwd program now.

Approved by:    maintainers/erwin
17 Mar 2007 17:02:34
Original commit files touched by this commit  2.2.4_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- backout OpenSSL part of previous commit.
  Forcing -rpath can lead to strange side effects when using apxs
17 Mar 2007 16:03:24
Original commit files touched by this commit  2.2.4_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Ensure we use correct OpenSSL libs [1]
- Fix multiprofiles support in rc script [2]

PR:             ports/100315 [1],
                ports/109536 [2]
Submitted by:   Jo Rhett <jrhett@svcolo.com> [1]
                Eygene Ryabinkin <rea-fbsd@codelabs.ru> [2]
13 Jan 2007 13:18:35
Original commit files touched by this commit  2.2.4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Ensure configure script won't force us to use an unwanted apr dbd backend.
13 Jan 2007 12:13:12
Original commit files touched by this commit  2.2.4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.2.4
- Add dumpio module
- Fix rcorder [1]

PR:             ports/106429 [1]
Submitted by:   Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> [1]
07 Nov 2006 08:09:20
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Install correct apr_mysql_dbd revision

Spotted by:     Tigran Azaryantz <tigercost@yahoo.com>
05 Nov 2006 10:49:17
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update MySQL apr_dbd to rev 57
- Add support for itk mpm
- Update doc [1]

Reported by:    Volodymyr Kostyrko <arcade@synergetica.dn.ua> [1]
25 Sep 2006 05:41:50
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove obsolete patch

Reported by:            Rui Lopes <rgl@ruilopes.com>
24 Sep 2006 16:16:40
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- House keeping (update to current standards: USE_RC_SUBR, USE_LDCONFIG,etc.)
- Remove python dependency unless apr_dbd_mysql is built [1]

Required by:            many [1]
13 Sep 2006 12:29:33
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
mr search for other commits by this committer
Add support for setting WITH_BERKELEYDB to db44
12 Aug 2006 09:05:18
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix apr_dbd_mysql build
07 Aug 2006 17:10:39
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix apr_dbd_mysql stuff.

Pointyhat to:   clement
Spotted by:     Sean McNeil <sean@mcneil.com>
05 Aug 2006 20:46:43
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Force to add ${PTHREAD_CFLAGS} and ${PTHREAD_LIBS} to force detection
  of pthread_kill(3).
05 Aug 2006 20:37:23
Original commit files touched by this commit  2.2.3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.2.3
- Update apr_dbd to latest version [1]
- Add forgotten mod_authn_alias [2]

Spotted by:     Jim Riggs <freebsd-lists@jimandlissa.com> [1]
                Alexander Wittig <alexander@wittig.name> [2
27 Jul 2006 20:26:29
Original commit files touched by this commit  2.2.2_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix security issue in mod_rewrite.
All people using mod_rewrite are strongly encouraged to update.

An off-by-one flaw exists in the Rewrite module, mod_rewrite.
Depending on the manner in which Apache httpd was compiled, this
software defect may result in a vulnerability which, in combination
with certain types of Rewrite rules in the web server configuration
files, could be triggered remotely.  For vulnerable builds, the nature
of the vulnerability can be denial of service (crashing of web server
processes) or potentially allow arbitrary code execution.
This issue has been rated as having important security impact
by the Apache HTTP Server Security Team

Updates to latest versions will follow soon.

Notified by:    so@ (simon)
Obtained from:  Apache Security Team
Security:       CVE-2006-3747
13 May 2006 04:41:22
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Remove USE_REINPLACE from categories starting with W
10 May 2006 19:47:15
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Remove obsolete patch which add support to Windows Update Service when
  apache acts as a proxy.

Reported by:    Bjoern Voigt <bjoern@cs.tu-berlin.de>
01 May 2006 09:07:28
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 2.2.2
- Enable mod_version by default
30 Apr 2006 15:52:08
Original commit files touched by this commit  2.2.0_7
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix typos in bdb-4.1 m4 macro

Spotted by:     Frank Steinborn <steinex@ircnow.org>
23 Feb 2006 10:40:45
Original commit files touched by this commit  2.2.0_7
 This port version is marked as vulnerable.
ade search for other commits by this committer
Conversion to a single libtool environment.

Approved by:    portmgr (kris)
20 Feb 2006 20:47:50
Original commit files touched by this commit  2.2.0_6
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
30 Jan 2006 23:20:05
Original commit files touched by this commit  2.2.0_6
 This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Chase shlib bump of libexpat.
23 Jan 2006 11:37:04
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- add -v to kldload to prevent loading accf_http module if it's statically
  built into kernel

Reported by:    many
22 Jan 2006 02:58:25
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)
17 Jan 2006 09:40:53
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Finish cleanups and fix build with threads enables.
15 Jan 2006 18:58:38
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
Cleanups and fixes
- remove useless options (and fix thread stuff) [1]
- move print-closest-mirror to bsd.apache.mk
- move threads configure options out of Makefile.modules
- Fix stupid logic to disable v4mapped address [2]
- and more...

Submitted/spotted by:   many, Hirohisa Yamaguchi <umq@ueo.co.jp> [1]
                        ume[2]
PR:                     ports/91813 [1]
15 Jan 2006 08:56:50
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Moving Makefile.modules before b.p.pre.mk leads to weird results.

First problem spotted by:       leafy <leafy@leafy.idv.tw>
15 Jan 2006 01:11:11
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- ohoh fix apache22.sh

Reported by:    Adam McLaurin <adam.mclaurin@fastmail.fm>,
                Dominique Goncalves <dominique.goncalves@gmail.com>
14 Jan 2006 16:03:43
Original commit files touched by this commit  2.2.0_5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- SECURITY: CVE-2005-3357 (cve.mitre.org)
   mod_ssl: Fix a possible crash during access control checks if a
   non-SSL request is processed for an SSL vhost (such as the
   "HTTP request received on SSL port" error message when an 400
   ErrorDocument is configured, or if using "SSLEngine optional").
   [1]
- reintroduce support of multiple instances of apache in startup
  script [2]
- Add configtest command to apache22.sh [2]
- rewrite detection of accf_http filter to make it works on all
  supported branches.
- fix rcorder [3]
- fix startup at boot time when profiles are used [4]

Spotted by:     simon [1], flz[3]
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au> [2],
                Joe Horn <joehorn@mi.chu.edu.tw> [4]
PR:             ports/91154 [2], ports/90708 [4]
14 Jan 2006 13:42:56
Original commit files touched by this commit  2.2.0_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix some suexec CONFIGURE_ARGS for 1.3.x
- add show-categories and show-modules targets, for server ports.
  Remove these targets from www/apache22/Makefile
25 Dec 2005 18:58:05
Original commit files touched by this commit  2.2.0_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- remove useless powerlogo.gif
25 Dec 2005 18:56:53
Original commit files touched by this commit  2.2.0_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- remove useless powerlogo.gif
17 Dec 2005 15:51:16
Original commit files touched by this commit  2.2.0_4
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix plist and improve dbd /mem_cache logic
15 Dec 2005 21:38:38
Original commit files touched by this commit  2.2.0_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Grrrrr. mod_mem_cache needs threads-capable APR

Reported by:            pointyhat via kris
13 Dec 2005 22:26:57
Original commit files touched by this commit  2.2.0_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix envvars.d [1]
- Add apache22_http_accept_enable to load accf_http kernel module [2]
  Additionnally, if it's not defined, we drop accept filter support
- Drop obsolete apache22ssl_enable rc.conf option
- Sync apache22.sh behavior with apachectl
  Add graceful and graceful-stop targets
- Rework categories (add CACHE_MODULES)
- Add support for apr_dbd: MySQL, PostgrSQL and SQLite3 backends are supported
  It adds mod_auth_dbd and mod_dbd automatically

more fixes to come soon...

PR:             ports/90309 [1],
                ports/90103 [2]
Submitted by:   Simun Mikecin <sime@data.home.hr> [1],
                Melvyn Sopacua <melvyn@melvyn.homeunix.net> [2]
13 Dec 2005 10:51:41
Original commit files touched by this commit  2.2.0_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix typo (it's actually in apache SVN repo)

Reported by:     Matt Smith <matt@xtaz.co.uk>
12 Dec 2005 20:55:14
Original commit files touched by this commit  2.2.0_3
 This port version is marked as vulnerable.
clement search for other commits by this committer
SECURITY: CVE-2005-3352 (cve.mitre.org)
     mod_imap: Escape untrusted referer header before outputting in HTML
     to avoid potential cross-site scripting.  Change also made to
     ap_escape_html so we escape quotes.  Reported by JPCERT.
     [Mark Cox]

Reported by:    simon
10 Dec 2005 11:53:01
Original commit files touched by this commit  2.2.0_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Don't forget to add USE_BUNDLED_APR to CONFIGURE_ENV
10 Dec 2005 11:39:40
Original commit files touched by this commit  2.2.0_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix plist (forgot when I add mod_filter) [1]
- workaround apr detection. Now apache22 build his own apr, even if apr
  is installed, unless you define WITH_APR_FROM_PORTS.

Reported by:    pointyhat via kris [1]
07 Dec 2005 20:54:42
Original commit files touched by this commit  2.2.0_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add forgotten mod_filter

Spotted by:             Cheese Lottery <cheeselottery@gmail.com>
04 Dec 2005 14:59:41
Original commit files touched by this commit  2.2.0_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Various package fixes
- Bump PORTREVISION
04 Dec 2005 13:31:20
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
clement search for other commits by this committer
- clean plist
04 Dec 2005 11:10:03
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix duplicated modules
04 Dec 2005 10:57:19
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update documentation.
  We no longer support for WWW_* knobs
03 Dec 2005 22:02:58
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add apache 2.2.0
  It's a temporary layout, I need more time to find the best.
  note that ${PREFIX}/www/(data|errors|cgi)(-dist) disappeared in favor of
  ${PREFIX}/www/apache22

Number of commits found: 200 (showing only 100 on this page)

«  1 | 2 

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
bugzilla40*Apr 18
bugzilla40*Apr 18
bugzilla42*Apr 18
bugzilla42*Apr 18
bugzilla44*Apr 18
bugzilla44*Apr 18
curlApr 11
dbus-glibApr 11
libaudiofileApr 11
linux-f10-curlApr 11
linux-f10-dbus-glibApr 11
linux-f10-libaudiofileApr 11
linux-f10-nas-libsApr 11
linux-f10-openldapApr 11
mingw32-openssl*Apr 11

13 vulnerabilities affecting 18 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24366
Broken 177
Deprecated 90
Ignore 531
Forbidden 6
Restricted 263
No CDROM 108
Vulnerable 29
Expired 8
Set to expire 77
Interactive 22
new 24 hours 1
new 48 hours4
new 7 days14
new fortnight39
new month143

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.