FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
apache24 Version 2.4.x of Apache web server
2.4.23_1 www on this many watch lists=44 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: apache@FreeBSD.org search for ports maintained by this maintainer
Port Added: 26 Mar 2013 21:35:55
Also Listed In: ipv6
License: not specified in port
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/www/apache24/ && make install clean
To add the package: pkg install apache24

PKGNAME: apache24

distinfo:

TIMESTAMP = 1467307196
SHA256 (apache24/httpd-2.4.23.tar.bz2) = 0c1694b2aad7765896faf92843452ee2555b9591ae10d4f19b245f2adfe85e58
SIZE (apache24/httpd-2.4.23.tar.bz2) = 6351875


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. autoconf-2.69 : devel/autoconf
  2. autoheader-2.69 : devel/autoconf
  3. autoreconf-2.69 : devel/autoconf
  4. aclocal-1.15 : devel/automake
  5. automake-1.15 : devel/automake
  6. libtoolize : devel/libtool
Runtime dependencies:
  1. perl5>=5.20<5.21 : lang/perl5.20
Library dependencies:
  1. libexpat.so : textproc/expat2
  2. libapr-1.so : devel/apr1
  3. libpcre.so : devel/pcre
  4. libiconv.so : converters/libiconv
  5. libxml2.so : textproc/libxml2

This port is required by:

for Build
  1. devel/pushmi
  2. graphics/mapcache
  3. mail/sympa
  4. net/p5-Apache2-SOAP
  5. security/openscep
  6. security/shibboleth2-sp
  7. textproc/htdig
  8. Expand this list (107 items)
  9. www/cas*
  10. www/ftasv
  11. www/gnome-user-share
  12. www/libapreq2
  13. www/mod_amazon_proxy
  14. www/mod_asn
  15. www/mod_auth_cas
  16. www/mod_auth_cookie_mysql2
  17. www/mod_auth_external2
  18. www/mod_auth_form*
  19. www/mod_auth_gssapi
  20. www/mod_auth_kerb2
  21. www/mod_auth_mellon*
  22. www/mod_auth_mysql2
  23. www/mod_auth_mysql_another
  24. www/mod_auth_openid
  25. www/mod_auth_pam2
  26. www/mod_auth_pgsql2
  27. www/mod_auth_pubtkt
  28. www/mod_auth_tkt
  29. www/mod_auth_xradius
  30. www/mod_authn_otp
  31. www/mod_authnz_crowd
  32. www/mod_authnz_external24
  33. www/mod_authz_unixgroup24
  34. www/mod_backtrace
  35. www/mod_cfg_ldap
  36. www/mod_chroot
  37. www/mod_cloudflare
  38. www/mod_cvs2
  39. www/mod_dav_svn
  40. www/mod_dnssd
  41. www/mod_domaintree
  42. www/mod_encoding
  43. www/mod_evasive
  44. www/mod_fastcgi
  45. www/mod_fcgid
  46. www/mod_fileiri
  47. www/mod_flickr
  48. www/mod_ftp*
  49. www/mod_geoip2
  50. www/mod_gnutls*
  51. www/mod_gzip2
  52. www/mod_h264_streaming
  53. www/mod_http2-devel
  54. www/mod_jail
  55. www/mod_jk
  56. www/mod_limitipconn2
  57. www/mod_line_edit
  58. www/mod_log_dbd*
  59. www/mod_log_firstbyte
  60. www/mod_log_sql2
  61. www/mod_macro24*
  62. www/mod_memcache
  63. www/mod_mono
  64. www/mod_mpm_itk
  65. www/mod_myvhost
  66. www/mod_pagespeed*
  67. www/mod_perl2
  68. www/mod_php5*
  69. www/mod_php55
  70. www/mod_php56
  71. www/mod_php70
  72. www/mod_proctitle
  73. www/mod_proxy_uwsgi
  74. www/mod_proxy_xml
  75. www/mod_python35
  76. www/mod_qos
  77. www/mod_realdoc
  78. www/mod_reproxy
  79. www/mod_rivet
  80. www/mod_rpaf2
  81. www/mod_scgi
  82. www/mod_security
  83. www/mod_setenvifplus
  84. www/mod_tidy
  85. www/mod_tsa
  86. www/mod_umask
  87. www/mod_vhs
  88. www/mod_webauth
  89. www/mod_webkit
  90. www/mod_wsgi3*
  91. www/mod_wsgi4
  92. www/mod_xmlns
  93. www/mod_xsendfile
  94. www/p5-Apache-AuthCookie
  95. www/p5-Apache-AuthTicket
  96. www/p5-Apache-Clean2
  97. www/p5-Apache-DBI
  98. www/p5-Apache-Gallery
  99. www/p5-Apache-MP3
  100. www/p5-Apache-ParseFormData
  101. www/p5-CGI-SpeedyCGI
  102. www/p5-libapreq2
  103. www/rt40
  104. www/rt42
  105. www/rt44
  106. www/rubygem-passenger
  107. www/suphp
  108. www/websh
  109. Collapse this list.
for Run
  1. databases/gnatsweb4
  2. databases/mysqldumper
  3. deskutils/moregroupware
  4. deskutils/myitcrm
  5. devel/pushmi
  6. devel/viewvc
  7. finance/frontaccounting
  8. Expand this list (154 items)
  9. games/hlstatsx*
  10. graphics/mapcache
  11. mail/dracmail
  12. mail/p5-qpsmtpd
  13. mail/sympa
  14. mail/vqregister*
  15. misc/achievo
  16. net/p5-Apache2-SOAP
  17. net/prosearch
  18. net-mgmt/argus-monitor*
  19. net-mgmt/hawk
  20. net-mgmt/librenms
  21. net-mgmt/observium
  22. net-mgmt/ocsinventory-ng
  23. net-mgmt/ourmon*
  24. net-mgmt/pandorafms_console
  25. ports-mgmt/tinderbox
  26. ports-mgmt/tinderbox-devel*
  27. print/phppdflib*
  28. security/openscep
  29. security/phpdeadlock
  30. security/py-crits
  31. security/shibboleth2-sp
  32. sysutils/froxlor
  33. textproc/htdig
  34. www/blogsum
  35. www/cakephp11*
  36. www/cas*
  37. www/dansguardian*
  38. www/dansguardian-devel*
  39. www/dotproject
  40. www/formication
  41. www/ftasv
  42. www/gnome-user-share
  43. www/libapreq2
  44. www/mod_amazon_proxy
  45. www/mod_asn
  46. www/mod_auth_cas
  47. www/mod_auth_cookie_mysql2
  48. www/mod_auth_external2
  49. www/mod_auth_form*
  50. www/mod_auth_gssapi
  51. www/mod_auth_kerb2
  52. www/mod_auth_mellon*
  53. www/mod_auth_mysql2
  54. www/mod_auth_mysql_another
  55. www/mod_auth_openid
  56. www/mod_auth_pam2
  57. www/mod_auth_pgsql2
  58. www/mod_auth_pubtkt
  59. www/mod_auth_tkt
  60. www/mod_auth_xradius
  61. www/mod_authn_otp
  62. www/mod_authnz_crowd
  63. www/mod_authnz_external24
  64. www/mod_authz_unixgroup24
  65. www/mod_backtrace
  66. www/mod_cfg_ldap
  67. www/mod_chroot
  68. www/mod_cloudflare
  69. www/mod_cvs2
  70. www/mod_dav_svn
  71. www/mod_dnssd
  72. www/mod_domaintree
  73. www/mod_encoding
  74. www/mod_evasive
  75. www/mod_fastcgi
  76. www/mod_fcgid
  77. www/mod_fileiri
  78. www/mod_flickr
  79. www/mod_ftp*
  80. www/mod_geoip2
  81. www/mod_gnutls*
  82. www/mod_gzip2
  83. www/mod_h264_streaming
  84. www/mod_http2-devel
  85. www/mod_jail
  86. www/mod_jk
  87. www/mod_limitipconn2
  88. www/mod_line_edit
  89. www/mod_log_dbd*
  90. www/mod_log_firstbyte
  91. www/mod_log_sql2
  92. www/mod_macro24*
  93. www/mod_memcache
  94. www/mod_mono
  95. www/mod_mpm_itk
  96. www/mod_myvhost
  97. www/mod_pagespeed*
  98. www/mod_perl2
  99. www/mod_php5*
  100. www/mod_php55
  101. www/mod_php56
  102. www/mod_php70
  103. www/mod_proctitle
  104. www/mod_proxy_uwsgi
  105. www/mod_proxy_xml
  106. www/mod_python35
  107. www/mod_qos
  108. www/mod_realdoc
  109. www/mod_reproxy
  110. www/mod_rivet
  111. www/mod_rpaf2
  112. www/mod_scgi
  113. www/mod_security
  114. www/mod_setenvifplus
  115. www/mod_tidy
  116. www/mod_tsa
  117. www/mod_umask
  118. www/mod_vhs
  119. www/mod_webauth
  120. www/mod_webkit
  121. www/mod_wsgi3*
  122. www/mod_wsgi4
  123. www/mod_xmlns
  124. www/mod_xsendfile
  125. www/mythplugin-mythweb
  126. www/nibbleblog
  127. www/otrs
  128. www/p5-Apache-AuthCookie
  129. www/p5-Apache-AuthTicket
  130. www/p5-Apache-Clean2
  131. www/p5-Apache-DB
  132. www/p5-Apache-DBI
  133. www/p5-Apache-Gallery
  134. www/p5-Apache-MP3
  135. www/p5-Apache-ParseFormData
  136. www/p5-CGI-SpeedyCGI
  137. www/p5-MasonX-WebApp
  138. www/p5-Maypole
  139. www/p5-Text-MultiMarkdown-ApacheHandler
  140. www/p5-libapreq2
  141. www/photo_gallery
  142. www/phpgroupware
  143. www/prado*
  144. www/redaxo
  145. www/rt38*
  146. www/rt40
  147. www/rt42
  148. www/rt44
  149. www/rubygem-passenger
  150. www/siteframe*
  151. www/suphp
  152. www/thundercache
  153. www/thundersnarf
  154. www/websh
  155. www/wwwstat*
  156. Collapse this list.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...
Configuration Options
===> The following configuration options are available for apache24-2.4.23_1:
     ACCESS_COMPAT=on: mod_access compatibility
     ACTIONS=on: Action triggering on requests
     ALIAS=on: Mapping of requests to different filesystem parts
     ALLOWMETHODS=on: Restrict allowed HTTP methods
     ASIS=on: Sends files that contain their own HTTP headers
     AUTHNZ_FCGI=on: FastCGI authorizer-based authentication and authorization
     AUTHNZ_LDAP=off: LDAP based authentication
     AUTHN_ANON=on: Anonymous user authentication control
     AUTHN_CORE=on: Core authentication module
     AUTHN_DBD=on: SQL-based authentication control
     AUTHN_DBM=on: DBM-based authentication control
     AUTHN_FILE=on: File-based authentication control
     AUTHN_SOCACHE=on: Cached authentication control
     AUTHZ_CORE=on: Core authorization provider vector module
     AUTHZ_DBD=on: SQL based authorization and Login/Session support
     AUTHZ_DBM=on: DBM-based authorization control
     AUTHZ_GROUPFILE=on: "require group" authorization control
     AUTHZ_HOST=on: Host-based authorization control
     AUTHZ_OWNER=on: "require file-owner" authorization control
     AUTHZ_USER=on: "require user" authorization control
     AUTH_BASIC=on: Basic authentication
     AUTH_DIGEST=on: RFC2617 Digest authentication
     AUTH_FORM=on: Form authentication
     AUTOINDEX=on: Directory listing
     BUFFER=on: Filter Buffering
     CACHE=on: Dynamic file caching
     CACHE_DISK=on: Disk caching module
     CACHE_SOCACHE=on: Shared object cacheing module
     CERN_META=on: CERN-type meta files
     CGI=on: CGI scripts (non-threaded MPMs)
     CGID=on: CGI scripts (threaded MPMs)
     CHARSET_LITE=on: Character set translation. Enabled by default only on EBCDIC systems
     DATA=on: RFC2397 data encoder
     DAV=on: WebDAV protocol handling. --enable-dav also enables mod_dav_fs
     DAV_FS=on: DAV provider for the filesystem. --enable-dav also enables mod_dav_fs
     DAV_LOCK=on: DAV provider for generic locking
     DBD=on: Apache DBD Framework
     DEFLATE=on: Deflate transfer encoding support
     DIALUP=on: Rate limits static files to dialup modem speeds
     DIR=on: Directory request handling
     DUMPIO=on: I/O dump filter
     ENV=on: Clearing/setting of ENV vars
     EXPIRES=on: Expires header control
     EXT_FILTER=on: External filter module
     FILE_CACHE=on: File cache
     FILTER=on: Smart Filtering
     HEADERS=on: HTTP header control
     HEARTBEAT=on: Generates Heartbeats
     HEARTMONITOR=on: Collects Heartbeats
     HTTP2=off: HTTP/2 (RFC 7540) support (experimental)
     IDENT=off: RFC 1413 ident lookups
     IMAGEMAP=on: Server-side imagemaps
     INCLUDE=on: Server-side includes
     INFO=on: Server information
     IPV4_MAPPED=off: Allow IPv6 sockets to handle IPv4 connections
     LBMETHOD_BYBUSYNESS=on: Apache proxy Load balancing by busyness
     LBMETHOD_BYREQUESTS=on: Apache proxy Load balancing by request counting
     LBMETHOD_BYTRAFFIC=on: Apache proxy Load balancing by traffic counting
     LBMETHOD_HEARTBEAT=on: Apache proxy Load balancing from Heartbeats
     LDAP=off: LDAP caching and connection pooling services
     LOGIO=on: Input and output logging
     LOG_DEBUG=on: Configurable debug logging
     LOG_FORENSIC=on: Forensic logging
     LUA=off: Apache Lua Framework
     LUAJIT=off: LuaJit Support
     MACRO=on: Define and use macros in configuration files
     MIME=on: Mapp file-ext. to MIME (recommended)
     MIME_MAGIC=on: Automagically determining MIME type
     NEGOTIATION=on: Content negotiation
     PROXY=on: Build enabled PROXY modules
     RATELIMIT=on: Output Bandwidth Limiting
     REFLECTOR=on: Reflect request through the output filter stack
     REMOTEIP=on: Translate header contents to an apparent client remote_ip
     REQTIMEOUT=on: Limit time waiting for request from client
     REQUEST=on: Request Body Filtering
     REWRITE=on: Rule based URL manipulation
     SED=on: Filter request and/or response bodies through sed
     SESSION=on: Build enabled SESSION modules
     SETENVIF=on: Modify ENV vars based on characteristics of the request
     SLOTMEM_PLAIN=on: Slotmem provider that uses plain memory
     SLOTMEM_SHM=on: Slotmem provider that uses shared memory
     SOCACHE_DBM=on: dbm small object cache provider
     SOCACHE_DC=off: distcache small object cache provider
     SOCACHE_MEMCACHE=on: memcache small object cache provider
     SOCACHE_SHMCB=on: shmcb small object cache provider
     SPELING=on: Correct common URL misspellings
     SSL=on: SSL/TLS support (mod_ssl)
     STATUS=on: Process/thread monitoring
     SUBSTITUTE=on: Response content rewrite-like filtering
     SUEXEC=off: Set uid and gid for spawned processes
     UNIQUE_ID=on: Per-request unique ids
     USERDIR=on: Mapping of requests to user-specific directories
     USERTRACK=on: User-session tracking
     VERSION=on: Determining httpd version in config files
     VHOST_ALIAS=on: Mass virtual hosting
     WATCHDOG=on: Watchdog module
     XML2ENC=on: i18n support for markup filters
====> Build enabled PROXY modules: you have to choose at least one of them
     PROXY_AJP=on: AJP support module for mod_proxy
     PROXY_BALANCER=on: mod_proxy extension for load balancing
     PROXY_CONNECT=on: mod_proxy extension for CONNECT request handling
     PROXY_EXPRESS=on: Dynamic mass reverse proxy extension for mod_proxy
     PROXY_FCGI=on: FastCGI support module for mod_proxy
     PROXY_FDPASS=on: fdpass external process support module for mod_proxy
     PROXY_FTP=on: FTP support module for mod_proxy
     PROXY_HCHECK=on: Dynamic health check of Balancer members (workers) for mod_proxy
     PROXY_HTML=on: Fix HTML Links in a Reverse Proxy
     PROXY_HTTP=on: HTTP support module for mod_proxy
     PROXY_SCGI=on: SCGI gateway module for mod_proxy
     PROXY_WSTUNNEL=on: Websockets Tunnel module for mod_proxy
     PROXY_HTTP2=off: Experimental http2 proxy module for h2 and h2c
====> Build enabled SESSION modules: you have to choose at least one of them
     SESSION_COOKIE=on: Session cookie module
     SESSION_CRYPTO=on: Session crypto module
     SESSION_DBD=on: Session dbd module
====> Example and devel modules (do not use in prod)
     BUCKETEER=off: (dev) buckets manipulation filter
     CASE_FILTER=off: (dev) example uppercase conversion filter
     CASE_FILTER_IN=off: (dev) example uppercase conversion input filter
     ECHO=off: (dev) example echo server
     EXAMPLE_HOOKS=off: (dev) example hook callback handler module
     EXAMPLE_IPC=off: (dev) example of shared memory and mutex usage
     OPTIONAL_FN_EXPORT=off: (dev) example optional function exporter
     OPTIONAL_FN_IMPORT=off: (dev) example optional function importer
     OPTIONAL_HOOK_EXPORT=off: (dev) example optional hook exporter
     OPTIONAL_HOOK_IMPORT=off: (dev) example optional hook importer
====> The default MPM module: you have to select exactly one of them
     MPM_PREFORK=on: non-threaded, pre-forking web server
     MPM_WORKER=off: hybrid multi-threaded multi-process web server
     MPM_EVENT=off: MPM worker variant with the goal of consuming threads only for connections with active processing
====> Build all MPMs as shared Module: you can only select none or one of them
     MPM_SHARED=on: all MPMs as loadable module
===> Use 'make config' to modify these settings

USES:
autoreconf cpe iconv libtool perl5 tar:bzip2 ssl gnome

pkg-mesage:
To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Master Sites:
  1. ftp://ftp.forthnet.gr/pub/www/apache/httpd/
  2. ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/
  3. ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/
  4. ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/
  5. ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/
  6. http://apache.mirror.uber.com.au/httpd/
  7. http://apache.spd.co.il/httpd/
  8. http://archive.apache.org/dist/httpd/
  9. http://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/
  10. http://ftp.mirrorservice.org/sites/ftp.apache.org/httpd/
  11. http://ftp.twaren.net/Unix/Web/apache/httpd/
  12. http://mirrors.ircam.fr/pub/apache/httpd/
  13. http://www.apache.org/dist/httpd/

Number of commits found: 48

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
17 Sep 2016 19:35:49
Original commit files touched by this commit  2.4.23_1
Revision:422343
ohauer search for other commits by this committer
- mod_proxy_http2 requires mod_proxy_balancer

No PORTREVISION bump
 defaults: PROXY_BALANCER=on PROXY_HTTP2=off

PR:		210868
Submitted by:	M. Macha
18 Jul 2016 20:14:19
Original commit files touched by this commit  2.4.23_1
Revision:418743
brnrd search for other commits by this committer
www/apache24: Fix httpoxy vulnerability (+2.2)

  - Add upstream patch to www/apache24
  - Add upstream patch to www/apache22
  - Bump PORTREVISION

Approved by:    feld (ports-secteam)
MFH:            2016Q3
Security:       cf0b5668-4d1b-11e6-b2ec-b499baebfeaf
Security:       CVE-2016-5387
05 Jul 2016 15:35:39
Original commit files touched by this commit  2.4.23
Revision:418091
ohauer search for other commits by this committer
o update to 2.4.23
o disable build time stamp in favor of reproducible build
o remove obsolate scoreboard/status patch
o s/USE_OPENSSL=yes/USES=ssl/
o add OPTION for two new modules:
   mod_proxy_hcheck (default=on)
   mod_http2_proxy (experimental => default=off)

Changelog:
 http://www.apache.org/dist/httpd/CHANGES_2.4.23

MFH:		2016Q3
19 May 2016 11:09:14
Original commit files touched by this commit  2.4.20_1
Revision:415503 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Fix trailing whitespace in pkg-messages

Approved by:	portmgr blanket
16 Apr 2016 19:02:48
Original commit files touched by this commit  2.4.20_1
Revision:413476 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- fix scoreboard, backport fix from [1]
- bump PORTREVISION

For details see discussion:
 http://mail-archives.apache.org/mod_mbox/httpd-dev/201604.mbox/browser

Thanks to Ken J. for reporting the issue and testing the patch!

Reported by:	Ken J. (on apache@ list)
Obtained from:	http://home.apache.org/~ylavic/patches/scoreboard-2.4.18.diff 
[1]
MFH:		2016Q2
11 Apr 2016 14:46:12
Original commit files touched by this commit  2.4.20
Revision:413035 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to 2.4.20
- use ${OPTION}_IMPLIES and remove some IGNORES
- turn on proxy_html and xml2enc as default [1]

[1] Often requested by users. The modules are not enabled in
    the default configuration.

Full changelog for apache version 2.4.19/2.4.20:
 http://www.apache.org/dist/httpd/CHANGES_2.4.20

Note: Apache httpd 2.4.19 was not released.

MFH:	2016Q2
01 Apr 2016 14:33:58
Original commit files touched by this commit  2.4.18
Revision:412351 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories v, w, x, y, and z.

With hat:	portmgr
Sponsored by:	Absolight
18 Jan 2016 19:44:48
Original commit files touched by this commit  2.4.18
Revision:406607 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- use new $opt-target
- improve kldstat check
- use new defined postexec, preunexec in pkg-plist

with hat apache@
14 Dec 2015 20:53:28
Original commit files touched by this commit  2.4.18
Revision:403736 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to 2.4.18
- backport r1719967
  mod_ssl: fix build with openssl < 0.9.8m (missing semicolon).

This release also contains the patch for FreeBSD PR 204304
 Make the fix for fully qualifying REDIRECT_URL from PR#57785 opt-in.
 http://svn.apache.org/viewvc?view=revision&revision=1712268

Changes with Apache 2.4.18

  *) mod_ssl: for all ssl_engine_vars.c lookups, fall back to master connection
     if conn_rec itself holds no valid SSLConnRec*. Fixes PR58666.
     [Stefan Eissing]

  *) mod_http2: connection level window for flow control is set to protocol
(Only the first 15 lines of the commit message are shown above View all of this commit message)
04 Nov 2015 18:38:59
Original commit files touched by this commit  2.4.17
Revision:400752
ohauer search for other commits by this committer
- fix build with nghttp2

no version bump as OPTION is off by default

PR:		204293
Submitted by:	<idefix_at_fechner.net>
13 Oct 2015 18:17:28
Original commit files touched by this commit  2.4.17
Revision:399207
ohauer search for other commits by this committer
- update to 2.4.17
- add support for HTTP/2 (RFC 7540)
- remove obsolate libressl patches [1]

In this release are some exciting new features including:

 *) HTTP/2 support via mod_http2 module
 *) Support for SO_REUSEPORT in MPMs for significant scalability

Changes with Apache 2.4.17

 *) mod_http2: added donated HTTP/2 implementation via core module. Similar
    configuration options to mod_ssl. [Stefan Eissing]

 *) mod_proxy: don't recyle backend announced "Connection: close" connections
(Only the first 15 lines of the commit message are shown above View all of this commit message)
17 Aug 2015 14:20:41
Original commit files touched by this commit  2.4.16_1
Revision:394508
mat search for other commits by this committer
Remove UNIQUENAME and LATEST_LINK.

UNIQUENAME was never unique, it was only used by USE_LDCONFIG and now,
we won't have conflicts there.

Use PKGBASE instead of LATEST_LINK in PKGLATESTFILE, the *only* consumer
is pkg-devel, and it works just fine without LATEST_LINK as pkg-devel
has the correct PKGNAME anyway.

Now that UNIQUENAME is gone, OPTIONSFILE is too. (it's been called
OPTIONS_FILE now.)

Reviewed by:	antoine, bapt
Exp-run by:	antoine
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D3336
02 Aug 2015 15:03:20
Original commit files touched by this commit  2.4.16_1
Revision:393429
tijl search for other commits by this committer
By default libtool replaces -export-symbols <file> with -retain-symbols-file
<file> on ELF systems, but this doesn't really do what -export-symbols is
meant to do.  On GNU ELF systems it converts <file> to a simple version
script first and then uses -version-script instead of -retain-symbols-file.
Let USES=libtool patch libtool scripts to do this on all systems with GNU
ld(1).

Bump PORTREVISION on all ports where the build log contains -export-symbols.

audio/calf: This port builds a module that now exports only one function,
but it also builds a number of executables that link to this module and
expect to see other functions.  Because it's already a bit dodgy to link to
a module (libtool warns about this) let the module continue to export only
one function and instead build an ordinary library from the same source that
the executables can link to.  Fix a number of other issues in the same
(Only the first 15 lines of the commit message are shown above View all of this commit message)
15 Jul 2015 17:16:06
Original commit files touched by this commit  2.4.16
Revision:392170
pgollucci search for other commits by this committer
www/apache24: fix CVEs, update 2.4.12 -> 2.4.16

- Convet to USES=autoreconf
- Sort USES
- Remove now empty patch files

Security:              
https://vuxml.freebsd.org/freebsd/a12494c1-2af4-11e5-86ff-14dae9d210b8.html
Differential Revision:  https://reviews.freebsd.org/D3101

Submitted by:           feld
Reviewed by:            pgollucci (myself)
With Hat:               apache@
MFH:                    2015Q3
14 May 2015 10:15:09
Original commit files touched by this commit  2.4.12
Revision:386312 This port version is marked as vulnerable.
mat search for other commits by this committer
MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
18 Apr 2015 09:47:30
Original commit files touched by this commit  2.4.12
Revision:384215 This port version is marked as vulnerable.
tijl search for other commits by this committer
- Remove libtool hacks and patches that are now handled by USES=libtool
- Remove CONFIG_SHELL from CONFIGURE_ENV because bsd.port.mk handles that
31 Jan 2015 15:22:51
Original commit files touched by this commit  2.4.12
Revision:378215 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to 2.4.12

- change MPM backend from static to dynamic,
  but keep mpm_prefork for compatiblity with e.g. php modules
- install dedicated MPM load file in case httpd was build with modular MPM
  (modules.d/000_mpm_prefork_fallback.conf)
- disable SSLv3 and SSLv2 fallback in sample httpd-ssl-conf
- use @sample macro instead EXAMPLESDIR
- add some SSLCipherSuite examples for OpenSSL >= 1.0.x
- add libressl support [1]
- add pkg-install script (to handle new modular MPM build)
- build now most all modules, so users using packages don't have
  to run a custom build for missing modules
- fix suexec mode

PR:		196139 [1]
MFH:		2015Q1
01 Dec 2014 22:50:42
Original commit files touched by this commit  2.4.10_2
Revision:373726 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- make QA script happy and RMDIR empty folder below $PORTDOCS
  the script complans on them even PORTDOCS=* is set
- do not slence INSTALL commands
22 Sep 2014 18:50:19
Original commit files touched by this commit  2.4.10_2
Revision:368986 This port version is marked as vulnerable.
ohauer search for other commits by this committer
apache24

- remove check if apr is build with threads
- bump PORTREVISION
- adopt new pkg-plist @dir

@with hat apache@
13 Sep 2014 19:24:23
Original commit files touched by this commit  2.4.10_1
Revision:368131 This port version is marked as vulnerable.
tijl search for other commits by this committer
Remove unused LIBTOOLFILES
09 Aug 2014 21:43:27
Original commit files touched by this commit  2.4.10_1
Revision:364481 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- adjust default modules, changed during the last revisions
  + SESSION_DBD
  + SLOTMEM_SHM (e.g neeed for mod_ajp)
  - CERN_META

- Use OPTION desc. from modules/config.m4 to match upstream
- bump PORTREVISION

with hat apache@

MFH:		2014Q3
20 Jul 2014 20:49:33
Original commit files touched by this commit  2.4.10
Revision:362371 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- security update to release 2.4.10

- add OPTION for new mod_authnz_fcgi module

- s/libluajit.so/libluajit-5.1.so/ (there is no libluajit.so)

- backport for mod_lua: Don't quote values in cookies
   Make IE happy again [#56734]
   http://svn.apache.org/viewvc?view=revision&revision=1611744

- disable sanity check on demand [1]

Release Notes:
 http://www.apache.org/dist/httpd/CHANGES_2.4.10

PR:		191398 [1]
Submitted by:	Robert Schulze <rs@bytecamp.net>
MFH:		2014Q3
Security:	4364e1f1-0f44-11e4-b090-20cf30e32f6d
		CVE-2014-0117
		CVE-2014-3523
		CVE-2014-0226
		CVE-2014-0118
		CVE-2014-0231
16 Jul 2014 06:48:08
Original commit files touched by this commit  2.4.9_4
Revision:362041 This port version is marked as vulnerable.
bapt search for other commits by this committer
Use modern LIB_DEPENDS on non default options

Submitted by:	ohauer
08 Jul 2014 22:44:49
Original commit files touched by this commit  2.4.9_4
Revision:361316 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- revert conflict (apache22 has MPM sub ports)
08 Jul 2014 22:38:44
Original commit files touched by this commit  2.4.9_4
Revision:361314 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- strip
- remove obsolete apache-*-2.2.* conflict
- add modules.d to EXAMPLESDIR
- always install DOC (remove Makefile hack)
- bump PORREVISION
- sort pkg-plist
21 Jun 2014 13:54:14
Original commit files touched by this commit  2.4.9_3
Revision:358701 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- fix build with lua51 / lua52
- strip trailing white space
- no PORTREVISION bump (LUA is not a default OPTION)

Lua build issue reported on apache@ and lua@
 by Peter Olsson and Jason Hellenthal
11 Jun 2014 13:49:55
Original commit files touched by this commit  2.4.9_3
Revision:357480 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- fix LIB_DEPENDS (after adding libtool:keepla to devel/apr1)
- bump PORTREVISION

Submitted by:	David Cecchin <dcecchin@gmail.com>
04 Jun 2014 16:54:09
Original commit files touched by this commit  2.4.9_2
Revision:356513 This port version is marked as vulnerable.
des search for other commits by this committer
Add CPE information.

With hat:	ports-secteam
30 May 2014 21:55:22
Original commit files touched by this commit  2.4.9_2
Revision:355919 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- /USE_AUTOTOOLS=libtool/USES=libtool/

with hat apache@
26 May 2014 15:28:29
Original commit files touched by this commit  2.4.9_2
Revision:355360 This port version is marked as vulnerable.
bapt search for other commits by this committer
Replace lang/lua with the new lang/lua51

lang/lua51 is working the same way lang/lua52, chase ports using lua 5.1
Make the default lua lua52
Make all lua ports using USES=lua

Approved by:	portmgr (implicit)
16 Apr 2014 18:28:50
Original commit files touched by this commit  2.4.9_2
Revision:351411 This port version is marked as vulnerable.
zeising search for other commits by this committer
The FreeBSD x11@ and graphics team proudly presents
a zeising, kwm production, with help from dumbbell, bdrewery:

NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE

This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.

This patch also contains updates of libxcb and related ports, pixman, as well
(Only the first 15 lines of the commit message are shown above View all of this commit message)
08 Apr 2014 21:41:04
Original commit files touched by this commit  2.4.9_1
Revision:350647 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- mod_authn_socache.c: fix creation of default socache_instance.
- add Note how the OpenSSL version used to build httpd is found (apr-1-config)

Upstream r1576233 commit message
================================
In pre_config, default socache_provider is created, but socache_instance
initialization is missing. This leads to crash on startup if default
socache_provider is used (AuthnCacheSOCache is not called) and
AuthnCacheEnable or AuthnCacheProvideFor is used.

Submitted by:	Michael Bennett (per PM)
Obtained from:	http://svn.apache.org/viewvc?view=revision&revision=1576233
22 Mar 2014 21:18:21
Original commit files touched by this commit  2.4.9
Revision:348808 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to 2.4.9
- enforcing use libapr-1.so.5 (apr-1.5.0 instead apr-1.4.8)

Changes with Apache 2.4.9

  *) mod_ssl: Work around a bug in some older versions of OpenSSL that
     would cause a crash in SSL_get_certificate for servers where the
     certificate hadn't been sent. [Stephen Henson]

   *) mod_lua: Add a fixups hook that checks if the original request is intended
      for LuaMapHandler. This fixes a bug where FallbackResource invalidates the
      LuaMapHandler directive in certain cases by changing the URI before the
map
      handler code executes [Daniel Gruno, Daniel Ferradal <dferradal gmail
com>].

Changes with Apache 2.4.8
(Only the first 15 lines of the commit message are shown above View all of this commit message)
21 Jan 2014 23:40:23
Original commit files touched by this commit  2.4.6_1
Revision:340674 This port version is marked as vulnerable.
bapt search for other commits by this committer
Fix properties on pkg-plist
24 Nov 2013 20:51:20
Original commit files touched by this commit  2.4.6_1
Revision:334790 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- add patch for apache bug-id 55306
- bump PORTREVISION

There is an subversion update on the way and we will see the new
subversion before apache24-2.4.7 so adopt the mod_dav patches
from upstrem.
24 Nov 2013 20:20:49
Original commit files touched by this commit  2.4.6
Revision:334787 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- fix include line
24 Nov 2013 20:09:07
Original commit files touched by this commit  2.4.6
Revision:334786 This port version is marked as vulnerable.
ohauer search for other commits by this committer
  - add new directory for modules (APACHEETCDIR/modules.d)

    New modules can be registered here with a simple
    file that contains the LoadModule directives.
    Additonal Maintaines can write instructions to the
    conf file and keep pkg-message short.
    As bonus the config file can be installed like every
    other config file with a .sample extention so modules
    are not disabled during pkg upgrades.

    Module config files should begin with three digits
    followed by '_' e.g. 100_php5.conf.
    The load order can be controlled via the three digits.

    Please wait some time before adopting the new directory
    so users have time to update and adjust axisting configs

- no revision bump, devel/apr was updated and we will see
  apache 2.2.7 in the next days (I only want to have the
  modules.d directory adopted)
05 Nov 2013 22:48:57
Original commit files touched by this commit  2.4.6
Revision:332927 This port version is marked as vulnerable.
ohauer search for other commits by this committer
 - fix package installation with old pkg tools (create empty
   folders in pkg-plist even staging is enabled)
27 Oct 2013 17:54:40
Original commit files touched by this commit  2.4.6
Revision:331790 This port version is marked as vulnerable.
ohauer search for other commits by this committer
  - support staging
  - partitial adopt new ${opt}_ notation
20 Sep 2013 23:36:54
Original commit files touched by this commit  2.4.6
Revision:327776 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
www)
14 Sep 2013 14:47:57
Original commit files touched by this commit  2.4.6
Revision:327292 This port version is marked as vulnerable.
az search for other commits by this committer
- convert to the new perl5 framework
- convert USE_GMAKE to Uses

Approved by:	portmgr (bapt@, blanket)
07 Sep 2013 19:49:42
Original commit files touched by this commit  2.4.6
Revision:326683 This port version is marked as vulnerable.
bsam search for other commits by this committer
Introduce variable ICONV_PREFIX at Mk/Uses/iconv.mk. The default for
pre 100043 is ${LOCALBASE} and /usr otherwise. Convert all ports to
new variable usage.

Approved by:	portmgr (bapt, implicit)
14 Aug 2013 22:35:54
Original commit files touched by this commit  2.4.6
Revision:324744  Sanity Test Failure
ak search for other commits by this committer
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
20 Jul 2013 17:11:54
Original commit files touched by this commit  2.4.6
Revision:323351 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- update to apache24-2.4.6
 - new modules: mod_cache_socache, mod_macro and mod_proxy_wstunnel

- add enty to vuxml

SECURITY: CVE-2013-1896 (cve.mitre.org)
 mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
 the source href (sent as part of the request body as XML) pointing to a
 URI that is not configured for DAV will trigger a segfault.

SECURITY: CVE-2013-2249 (cve.mitre.org)
 mod_session_dbd: Make sure that dirty flag is respected when saving
 sessions, and ensure the session ID is changed each time the session
 changes. This changes the format of the updatesession SQL statement.
 Existing configurations must be changed.

Changelog:
http://www.apache.org/dist/httpd/CHANGES_2.4.6

with hat apache@

Security:	ca4d63fb-f15c-11e2-b183-20cf30e32f6d
06 Jul 2013 08:56:37
Original commit files touched by this commit  2.4.4_2
Revision:322370 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- enable NSS crypto driver
- use service(8) in apachectl where it makes sence
- bump PORTREVISION
27 Apr 2013 18:25:25
Original commit files touched by this commit  2.4.4_1
Revision:316683 This port version is marked as vulnerable.
mva search for other commits by this committer
- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig and
  USE_GETTEXT=yes to USES=gettext while here
20 Apr 2013 17:28:37
Original commit files touched by this commit  2.4.4_1
Revision:316160 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- fix build on sparc64 machine

Feature safe: yes

with hat apache@

PR:		177693
Submitted by:	Michael Moll <kvedulv@kvedulv.de>
Obtained from:	http://svn.apache.org/viewvc?view=revision&revision=1470183
26 Mar 2013 21:35:33
Original commit files touched by this commit  2.4.4
Revision:315335 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- new port www/apache24

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/

Note:
 Since apache24 does not enable every module by default in httpd.conf the
 list of modules to build was preselected to match build param
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 48

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
bind9-develSep 28
bind910Sep 28
bind911Sep 28
bind99Sep 28
libresslSep 26
libressl-develSep 26
opensslSep 26
openssl-develSep 26
openssl*Sep 23
openssl-devel*Sep 23
irssi*Sep 22
irssi*Sep 22
firefoxSep 20
firefox*Sep 20
firefox-esrSep 20

11 vulnerabilities affecting 36 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26279
Broken 374
Deprecated 218
Ignore 638
Forbidden 0
Restricted 199
No CDROM 83
Vulnerable 61
Expired 14
Set to expire 204
Interactive 0
new 24 hours 2
new 48 hours8
new 7 days31
new fortnight59
new month117

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.