notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: www/apache24/distinfo

Number of commits found: 34

Thursday, 19 Oct 2023
17:27 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Security update to 2.4.58

Security:	f923205f-6e66-11ee-85eb-84a93843eb75
MFH:		2023Q4
commit hash: a4d3066e1e23e58d4e10d085c7c3beea34dbe3ab commit hash: a4d3066e1e23e58d4e10d085c7c3beea34dbe3ab commit hash: a4d3066e1e23e58d4e10d085c7c3beea34dbe3ab commit hash: a4d3066e1e23e58d4e10d085c7c3beea34dbe3ab a4d3066
Friday, 7 Apr 2023
08:35 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Update to 2.4.57

With hat:	apache
commit hash: 0fc7992b69db931bb703de5ac16f4de1d18eca5e commit hash: 0fc7992b69db931bb703de5ac16f4de1d18eca5e commit hash: 0fc7992b69db931bb703de5ac16f4de1d18eca5e commit hash: 0fc7992b69db931bb703de5ac16f4de1d18eca5e 0fc7992
Sunday, 12 Mar 2023
16:39 Jochen Neumeister (joneum) search for other commits by this committer Author: Vincent Jancso
www/apache24: Update to 2.4.56

Changes with Apache 2.4.56

  *) SECURITY: CVE-2023-27522: Apache HTTP Server: mod_proxy_uwsgi
     HTTP response splitting (cve.mitre.org)
     HTTP Response Smuggling vulnerability in Apache HTTP Server via
     mod_proxy_uwsgi. This issue affects Apache HTTP Server: from
     2.4.30 through 2.4.55.
     Special characters in the origin response header can
     truncate/split the response forwarded to the client.
     Credits: Dimas Fariski Setyawan Putra (nyxsorcerer)

  *) SECURITY: CVE-2023-25690: HTTP request splitting with
     mod_rewrite and mod_proxy (cve.mitre.org)
     Some mod_proxy configurations on Apache HTTP Server versions
     2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.
     Configurations are affected when mod_proxy is enabled along with
     some form of RewriteRule
     or ProxyPassMatch in which a non-specific pattern matches
     some portion of the user-supplied request-target (URL) data and
     is then
     re-inserted into the proxied request-target using variable
     substitution. For example, something like:
     RewriteEngine on
     RewriteRule "^/here/(.*)" "
     http://example.com:8080/elsewhere?$1"
     http://example.com:8080/elsewhere ; [P]
     ProxyPassReverse /here/  http://example.com:8080/
     http://example.com:8080/
     Request splitting/smuggling could result in bypass of access
     controls in the proxy server, proxying unintended URLs to
     existing origin servers, and cache poisoning.
     Credits: Lars Krapf of Adobe

  *) rotatelogs: Add -T flag to allow subsequent rotated logfiles to be
     truncated without the initial logfile being truncated.  [Eric Covener]

  *) mod_ldap: LDAPConnectionPoolTTL should accept negative values in order to
     allow connections of any age to be reused. Up to now, a negative value
     was handled as an error when parsing the configuration file.  PR 66421.
     [nailyk <bzapache nailyk.fr>, Christophe Jaillet]

  *) mod_proxy_ajp: Report an error if the AJP backend sends an invalid number
     of headers. [Ruediger Pluem]

  *) mod_md:
     - Enabling ED25519 support and certificate transparency information when
       building with libressl v3.5.0 and newer. Thanks to Giovanni Bechis.
     - MDChallengeDns01 can now be configured for individual domains.
       Thanks to Jérôme Billiras (@bilhackmac) for the initial PR.
     - Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the
challenge
       teardown not being invoked as it should.
     [Stefan Eissing]

  *) mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors
     reported in access logs and error documents. The processing of the
     reset was correct, only unneccesary reporting was caused.
     [Stefan Eissing]

  *) mod_proxy_uwsgi: Stricter backend HTTP response parsing/validation.
     [Yann Ylavic]

PR:	270037
Reported by:	Fabian Wenk <fabian@wenks.ch>
Sponsored by:	Netzkommune GmbH
commit hash: 8ec7b3510f11d22eedea008ad340daf96057207f commit hash: 8ec7b3510f11d22eedea008ad340daf96057207f commit hash: 8ec7b3510f11d22eedea008ad340daf96057207f commit hash: 8ec7b3510f11d22eedea008ad340daf96057207f 8ec7b35
Tuesday, 17 Jan 2023
21:12 Cy Schubert (cy) search for other commits by this committer
www/apache24: Update to 2.4.55

Fixes multiple vulnerabilities.

PR:		269015
MFH:		2023Q1
Security:	00919005-96a3-11ed-86e9-d4c9ef517024
		CVE-2022-37436, CVE-2022-36760, CVE-2006-20001
commit hash: 57ca2ea50da81d0223f6c3660a704f7098cac282 commit hash: 57ca2ea50da81d0223f6c3660a704f7098cac282 commit hash: 57ca2ea50da81d0223f6c3660a704f7098cac282 commit hash: 57ca2ea50da81d0223f6c3660a704f7098cac282 57ca2ea
Thursday, 9 Jun 2022
11:06 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Security update to 2.5.54

With hat:	apache
Security:	49adfbe5-e7d1-11ec-8fbd-d4c9ef517024
MFH:		2022Q2
commit hash: 096bce036f68c82978511a3c5cb950f39d6352c7 commit hash: 096bce036f68c82978511a3c5cb950f39d6352c7 commit hash: 096bce036f68c82978511a3c5cb950f39d6352c7 commit hash: 096bce036f68c82978511a3c5cb950f39d6352c7 096bce0
Tuesday, 15 Mar 2022
14:48 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Security update to 2.4.53

Security:	6601c08d-a46c-11ec-8be6-d4c9ef517024
MFH:		2022Q1
commit hash: 2f6e31015256b03b53ae2890fc427e6355256028 commit hash: 2f6e31015256b03b53ae2890fc427e6355256028 commit hash: 2f6e31015256b03b53ae2890fc427e6355256028 commit hash: 2f6e31015256b03b53ae2890fc427e6355256028 2f6e310
Monday, 20 Dec 2021
17:23 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Update to 2.4.52

Security:	ca982e2d-61a9-11ec-8be6-d4c9ef517024
MFH:		2021Q4
commit hash: e721e5aeffbd529fb28aeae0bf0b90b128a965e8 commit hash: e721e5aeffbd529fb28aeae0bf0b90b128a965e8 commit hash: e721e5aeffbd529fb28aeae0bf0b90b128a965e8 commit hash: e721e5aeffbd529fb28aeae0bf0b90b128a965e8 e721e5a
Thursday, 7 Oct 2021
17:05 Cy Schubert (cy) search for other commits by this committer
www/apache24: Update to 2.4.51

Fixes: critical: Path Traversal and Remote Code Execution in Apache
HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
(CVE-2021-42013)

PR:		258988
MFH:		2021Q4
Security:	CVE-2021-41773, CVE-2021-42013
commit hash: e721865a668c739dc5be7f15790024682bbc1dda commit hash: e721865a668c739dc5be7f15790024682bbc1dda commit hash: e721865a668c739dc5be7f15790024682bbc1dda commit hash: e721865a668c739dc5be7f15790024682bbc1dda e721865
Tuesday, 5 Oct 2021
07:26 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Bugfix update to 2.4.50

 * Fixes hang with event MPM

PR:		258767
commit hash: 17acc171db1e4fd164df884e49072c91178b4831 commit hash: 17acc171db1e4fd164df884e49072c91178b4831 commit hash: 17acc171db1e4fd164df884e49072c91178b4831 commit hash: 17acc171db1e4fd164df884e49072c91178b4831 17acc17
Friday, 17 Sep 2021
17:41 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Security update to 2.4.49

Security:	38f9-17dd-11ec-b335-d4c9ef517024
MFH:		2021Q3
commit hash: c6420e9593b40649d04dbe20868f25046cdfccac commit hash: c6420e9593b40649d04dbe20868f25046cdfccac commit hash: c6420e9593b40649d04dbe20868f25046cdfccac commit hash: c6420e9593b40649d04dbe20868f25046cdfccac c6420e9
Thursday, 27 May 2021
08:31 Bernard Spil (brnrd) search for other commits by this committer
www/apache24: Update to 2.4.48

Approved by:	apache (with hat)
commit hash: 1085fbd715563d82bb1eb5598a4448bce0de505d commit hash: 1085fbd715563d82bb1eb5598a4448bce0de505d commit hash: 1085fbd715563d82bb1eb5598a4448bce0de505d commit hash: 1085fbd715563d82bb1eb5598a4448bce0de505d 1085fbd
Wednesday, 5 Aug 2020
18:29 brnrd search for other commits by this committer
www/apache24: Update to 2.4.46
Original commitRevision:544237 
Thursday, 2 Apr 2020
14:05 joneum search for other commits by this committer
Update to 2.4.43

Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.43

MFH:		2020Q2
Security:	b360b120-74b1-11ea-a84a-4c72b94353b5
Sponsored by:	Netzkommune GmbH
Original commitRevision:530372 
Wednesday, 14 Aug 2019
19:25 joneum search for other commits by this committer
Update to 2.4.41

Changelog: http://www.apache.org/dist/httpd/CHANGES_2.4.41

Sponsored by:	Netzkommune GmbH
Original commitRevision:508964 
Tuesday, 2 Apr 2019
08:00 brnrd search for other commits by this committer
www/apache24: Security update to 2.4.39

 - Adds mod_socache_redis feature

Changes: https://www.apache.org/dist/httpd/CHANGES_2.4.39

MFH:		2019Q2
Security:	cf2105c6-551b-11e9-b95c-b499baebfeaf
Original commitRevision:497554 
Wednesday, 23 Jan 2019
14:40 joneum search for other commits by this committer
Update to 2.4.38

Changelog:
  *) SECURITY: CVE-2018-17199 (cve.mitre.org)
     mod_session: mod_session_cookie does not respect expiry time allowing
     sessions to be reused.  [Hank Ibell]

  *) SECURITY: CVE-2018-17189 (cve.mitre.org)
     mod_http2: fixes a DoS attack vector. By sending slow request bodies
     to resources not consuming them, httpd cleanup code occupies a server
     thread unnecessarily. This was changed to an immediate stream reset
     which discards all stream state and incoming data.  [Stefan Eissing]

  *) SECURITY: CVE-2019-0190 (cve.mitre.org)
     mod_ssl: Fix infinite loop triggered by a client-initiated
     renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and
     later.  PR 63052.  [Joe Orton]

  *) mod_ssl: Clear retry flag before aborting client-initiated renegotiation.
     PR 63052 [Joe Orton]

  *) mod_negotiation: Treat LanguagePriority as case-insensitive to match
     AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet]

  *) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges
     have been fixed. [Michael Kaufmann, Stefan Eissing]

  *) mod_setenvif: We can have expressions that become true if a regex pattern
     in the expression does NOT match. In this case val is NULL
     and we should just set the value for the environment variable
     like in the pattern case. [Ruediger Pluem]

  *) mod_session: Always decode session attributes early. [Hank Ibell]

  *) core: Incorrect values for environment variables are substituted when
     multiple environment variables are specified in a directive. [Hank Ibell]

  *) mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when
     this type of map is present in the configuration.  PR62311.
     [Hank Ibell <hwibell gmail.com>]

  *) mod_dav: Fix invalid Location header when a resource is created by
     passing an absolute URI on the request line [Jim Jagielski]

  *) mod_session_cookie: avoid duplicate Set-Cookie header in the response.
     [Emmanuel Dreyfus <manu@netbsd.org>, Luca Toscano]

  *) mod_ssl: clear *SSL errors before loading certificates and checking
     afterwards. Otherwise errors are reported when other SSL using modules
     are in play. Fixes PR 62880. [Michael Kaufmann]

  *) mod_ssl: Fix the error code returned in an error path of
     'ssl_io_filter_handshake()'. This messes-up error handling performed
     in 'ssl_io_filter_error()' [Yann Ylavic]

  *) mod_ssl: Fix $HTTPS definition for "SSLEngine optional" case, and fix
     authz provider so "Require ssl" works correctly in HTTP/2.
     PR 61519, 62654.  [Joe Orton, Stefan Eissing]

  *) mod_proxy: If ProxyPassReverse is used for reverse mapping of relative
     redirects, subsequent ProxyPassReverse statements, whether they are
     relative or absolute, may fail.  PR 60408.  [Peter Haworth <pmh1wheel
gmail.com>]

  *) mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1]

MFH:		2019Q1
Security:	eb888ce5-1f19-11e9-be05-4c72b94353b5
Sponsored by:	Netzkommune GmbH
Original commitRevision:491041 
Saturday, 27 Oct 2018
14:36 brnrd search for other commits by this committer
www/apache24: Update to 2.4.37

 - Adds TLSv1.3 support with security/openssl111

PR:		232687
Submitted by:	Pascal Christen <pascal christen hostpoint.ch>
Reported by:	Markus Kohlmeyer <rootservice gmail com>
Reviewed by:	ohauer
Approved by:	joneum
Differential Revision:	https://reviews.freebsd.org/D17668
Original commitRevision:483139 
Tuesday, 25 Sep 2018
18:40 joneum search for other commits by this committer
www/apache24: Update to 2.4.35

Changelog:

  *) http: Enforce consistently no response body with both 204 and 304
     statuses.  [Yann Ylavic]

  *) mod_status: Cumulate CPU time of exited child processes in the
     "cu" and "cs" values. Add CPU time of the parent process to the
     "c" and "s" values.
     [Rainer Jung]

  *) mod_proxy: Improve the balancer member data shown in mod_status when
     "ProxyStatus" is "On": add "busy" count and show byte counts in
     auto mode always in units of kilobytes.  [Rainer Jung]

  *) mod_status: Add cumulated response duration time in milliseconds.
     [Rainer Jung]

  *) mod_status: Complete the data shown for async MPMs in "auto" mode.
     Added number of processes, number of stopping processes and number
     of busy and idle workers.  [Rainer Jung]

  *) mod_ratelimit: Don't interfere with "chunked" encoding, fixing regression
     introduced in 2.4.34.  PR 62568.  [Yann Ylavic]

  *) mod_proxy: Remove load order and link dependency between mod_lbmethod_*
     modules and mod_proxy. PR 62557. [Ruediger Pluem, William Rowe]

  *) Allow the argument to <IfFile>, <IfDefine>, <IfSection>, <IfDirective>,
     and <IfModule> to be quoted.  This is primarily for the benefit of
     <IfFile>. [Eric Covener]

  *) mod_watchdog: Correct some log messages.  [Rainer Jung]

  *) mod_md: When the last domain name from an MD is moved to another one,
     that now empty MD gets moved to the store archive. PR 62572.
     [Stefan Eissing]

  *) mod_ssl: Fix merging of SSLOCSPOverrideResponder.  [Jeff Trawick,
     [Frank Meier <frank meier ergon.ch>]

  *) mod_proxy_balancer: Restore compatibility with APR 1.4.  [Joe Orton]

With hat:	apache
Original commitRevision:480688 
Friday, 20 Jul 2018
14:26 joneum search for other commits by this committer
www/apache24: Update to 2.4.34

 - fixes vulns in mod_http2 and mod_md
 - include SSL_* options in alphabetic ordering
 - Remove unneeded SSL_CFLAGS and _LDFLAGS
 - Remove WITH_HTTP_PORT and WITH_SSL_PORT
 - Remove trailing whitespace
 - Fix build with HTTP2 but without SSL [1]

PR:		229802, 227944 [1]
With hat:	apache
Approved by:	brnrd (apache)
MFH:		2018Q3
Security:	8b1a50ab-8a8e-11e8-add2-b499baebfeaf
Differential Revision:	https://reviews.freebsd.org/D16294
Original commitRevision:475018 
Saturday, 24 Mar 2018
18:26 joneum search for other commits by this committer
www/apache24: Update to 2.4.33

 - Add new uwsgi and md modules
 - Fix LibreSSL 2.7.x builds
 - Remove conflicts for non-existent ports
 - There are no slave-ports
 - Coalesce .if WITH_DEBUG blocks
 - Use OPTIONS where possible
 - Remove dead code
 - Actually enable/disable modules in ALL_MODULES loop
 - Add suexec warning
 - Move Makefile.options to Makefile (too small)

PR:		226647
With hat:	apache
Approved by:	brnrd (apache)
MFH:		MFH2018Q1
Security:	f38187e7-2f6e-11e8-8f07-b499baebfeaf
Original commitRevision:465461 
Monday, 23 Oct 2017
18:49 brnrd search for other commits by this committer
www/apache24: Update to 2.4.29

 - Remove patch for CVE-2017-9798 (included upstream)
 - Remove mod_ssl LibreSSL patches (included upstream)
 - Fix SSL stapling patch for LibreSSL
 - mod_http2 no longer experimental

PR:		222814
With hat:	apache
Original commitRevision:452732 
Wednesday, 12 Jul 2017
19:31 brnrd search for other commits by this committer
www/apache24: Update to 2.4.27

 - Bugfix update to 2.4.27
 - Fix build with LibreSSL [1]
 - Add brotli compression option
 - Add pkg-message for 10.3 base-ssl users
 - HTTP/2 is production ready, default enable
   - warn users of 10.3 for mod_http2/OpenSSL 1.0.1

[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=61184

PR:             220160 [1]
Reported by:    Markus Kohlmeyer <rootservice@gmail.com>
Reviewed by:    ohauer (hat)
Approved by:    ohauer (hat)
Differential Revision:  https://reviews.freebsd.org/D11285
Original commitRevision:445603 
Thursday, 22 Jun 2017
11:04 mat search for other commits by this committer
Update to 2.4.26.

MFH:		2017Q2
Security:	CVE-2017-3167
Security:	CVE-2017-3169
Security:	CVE-2017-7659
Security:	CVE-2017-7668
Security:	CVE-2017-7679
With hat:	portmgr
Sponsored by:	Absolight
Original commitRevision:444108 
Wednesday, 21 Dec 2016
10:41 ohauer search for other commits by this committer
- update to 2.4.25

PR:		215457
Reported by:	Apache Software Foundation
MFH:		2016Q4
Security:	vid 862d6ab3-c75e-11e6-9f98-20cf30e32f6d
		CVE-2016-8743
		CVE-2016-2161
		CVE-2016-0736
		CVE-2016-8740
		CVE-2016-5387
Original commitRevision:429063 
Tuesday, 5 Jul 2016
15:35 ohauer search for other commits by this committer
o update to 2.4.23
o disable build time stamp in favor of reproducible build
o remove obsolate scoreboard/status patch
o s/USE_OPENSSL=yes/USES=ssl/
o add OPTION for two new modules:
   mod_proxy_hcheck (default=on)
   mod_http2_proxy (experimental => default=off)

Changelog:
 http://www.apache.org/dist/httpd/CHANGES_2.4.23

MFH:		2016Q3
Original commitRevision:418091 
Monday, 11 Apr 2016
14:46 ohauer search for other commits by this committer
- update to 2.4.20
- use ${OPTION}_IMPLIES and remove some IGNORES
- turn on proxy_html and xml2enc as default [1]

[1] Often requested by users. The modules are not enabled in
    the default configuration.

Full changelog for apache version 2.4.19/2.4.20:
 http://www.apache.org/dist/httpd/CHANGES_2.4.20

Note: Apache httpd 2.4.19 was not released.

MFH:	2016Q2
Original commitRevision:413035 
Monday, 14 Dec 2015
20:53 ohauer search for other commits by this committer
- update to 2.4.18
- backport r1719967
  mod_ssl: fix build with openssl < 0.9.8m (missing semicolon).

This release also contains the patch for FreeBSD PR 204304
 Make the fix for fully qualifying REDIRECT_URL from PR#57785 opt-in.
 http://svn.apache.org/viewvc?view=revision&revision=1712268

Changes with Apache 2.4.18

  *) mod_ssl: for all ssl_engine_vars.c lookups, fall back to master connection
     if conn_rec itself holds no valid SSLConnRec*. Fixes PR58666.
     [Stefan Eissing]

  *) mod_http2: connection level window for flow control is set to protocol
     maximum of 2GB-1, preventing window exhaustion when sending data on many
     streams with higher cumulative window size.
     Reducing write frequency unless push promises need to be flushed.
     [Stefan Eissing]

  *) mod_http2: required minimum version of libnghttp2 is 1.2.1
     [Stefan Eissing]

  *) mod_proxy_fdpass: Fix AH01153 error when using the default configuration.
     In earlier version of httpd, you can explicitelly set the 'flusher'
parameter
     to 'flush' as a workaround. (i.e. flusher=flush)
     Add documentation for the 'flusher' parameter when defining a proxy worker.
     [Christophe Jaillet]

  *) mod_ssl: For the "SSLStaplingReturnResponderErrors off" case, make sure
     to only staple responses with certificate status "good". [Kaspar Brand]

  *) mod_http2: new directive 'H2PushPriority' to allow priority specifications
     on server pushed streams according to their content-type.
     [Stefan Eissing]

  *) mod_http2: fixes crash on connection abort for a busy connection.
     fixes crash on a request that did not produce any response.
     [Stefan Eissing]

  *) mod_http2: trailers are sent after reponse body if set in request_rec
     trailers_out before the end-of-request bucket is sent through the
     output filters. [Stefan Eissing]

  *) mod_http2: incoming trailers (headers after request body) are properly
     forwarded to the processing engine. [Stefan Eissing]

  *) mod_http2: new directive 'H2Push' to en-/disable HTTP/2 server
     pushes a server/virtual host. Pushes are initiated by the presence
     of 'Link:' headers with relation 'preload' on a response. [Stefan Eissing]

  *) mod_http2: write performance of http2 improved for larger resources,
     especially static files. [Stefan Eissing]

  *) core: if the first HTTP/1.1 request on a connection goes to a server that
     prefers different protocols, these protocols are announced in a Upgrade:
     header on the response, mentioning the preferred protocols.
     [Stefan Eissing]

  *) mod_http2: new directives 'H2TLSWarmUpSize' and 'H2TLSCoolDownSecs'
     to control TLS record sizes during connection lifetime.
     [Stefan Eissing]

  *) mod_http2: new directive 'H2ModernTLSOnly' to enforce security
     requirements of RFC 7540 on TLS connections. [Stefan Eissing]

  *) core: add ap_get_protocol_upgrades() to retrieve the list of protocols
     that a client could possibly upgrade to. Use in first request on a
     connection to announce protocol choices. [Stefan Eissing]

  *) mod_http2: reworked deallocation on connection shutdown and worker
     abort. Separate parent pool for all workers. worker threads are joined
     on planned worker shutdown. [Yann Ylavic, Stefan Eissing]

  *) mod_ssl: when receiving requests for other virtual hosts than the handshake
     server, the SSL parameters are checked for equality. With equal
     configuration, requests are passed for processing. Any change will trigger
     the old behaviour of "421 Misdirected Request".
     SSL now remembers the cipher suite that was used for the last handshake.
     This is compared against for any vhost/directory cipher specification.
     Detailed examination of renegotiation is only done when these do not
     match.
     Renegotiation is 403ed when a master connection is present. Exact reason
     is given additionally in a request note. [Stefan Eissing]

  *) core: Fix scoreboard crash (SIGBUS) on hardware requiring strict 64bit
     alignment (SPARC64, PPC64).  [Yann Ylavic]

  *) mod_cache: Accept HT (Horizontal Tab) when parsing cache related header
     fields as described in RFC7230. [Christophe Jaillet]

  *) core/util_script: making REDIRECT_URL a full URL is now opt-in
     via new 'QualifyRedirectURL' directive.

  *) core: Limit to ten the number of tolerated empty lines between request,
     and consume them before the pipelining check to avoid possible response
     delay when reading the next request without flushing.  [Yann Ylavic]

  *) mod_ssl: Extend expression parser registration to support ssl variables
     in any expression using mod_rewrite syntax "%{SSL:VARNAME}" or function
     syntax "ssl(VARNAME)". [Rainer Jung]

PR:		204304

with head apache@
Original commitRevision:403736 
Tuesday, 13 Oct 2015
18:17 ohauer search for other commits by this committer
- update to 2.4.17
- add support for HTTP/2 (RFC 7540)
- remove obsolate libressl patches [1]

In this release are some exciting new features including:

 *) HTTP/2 support via mod_http2 module
 *) Support for SO_REUSEPORT in MPMs for significant scalability

Changes with Apache 2.4.17

 *) mod_http2: added donated HTTP/2 implementation via core module. Similar
    configuration options to mod_ssl. [Stefan Eissing]

 *) mod_proxy: don't recyle backend announced "Connection: close" connections
    to avoid reusing it should the close be effective after some new request
    is ready to be sent.  [Yann Ylavic]

 *) mod_substitute: Allow to configure the patterns merge order with the new
    SubstituteInheritBefore on|off directive.  PR 57641
    [Marc.Stern <Marc.Stern approach.be>, Yann Ylavic, William Rowe]

 *) mod_proxy: Fix ProxySourceAddress binding failure with AH00938.
    PR 56687.  [Arne de Bruijn <apache arbruijn.dds.nl>

 *) mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3,
    and change the compiled-in default for SSL[Proxy]Protocol to "all -SSLv3",
    in accordance with RFC 7568. PR 58349, PR 57120. [Kaspar Brand]

 *) mod_ssl: append :!aNULL:!eNULL:!EXP to the cipher string settings,
    instead of prepending !aNULL:!eNULL:!EXP: (as was the case in 2.4.7
    and later). Enables support for configuring the SUITEB* cipher
    strings introduced in OpenSSL 1.0.2. PR 58213. [Kaspar Brand]

 *) mod_ssl: Add support for extracting the msUPN and dnsSRV forms
    of subjectAltName entries of type "otherName" into
    SSL_{CLIENT,SERVER}_SAN_OTHER_{msUPN,dnsSRV}_n environment
    variables. Addresses PR 58020. [Jan Pazdziora <jpazdziora redhat.com>,
    Kaspar Brand]

 *) mod_logio: Fix logging of %^FB (time to first byte) on the first request on
    an SSL connection.  PR 58454.
    [Konstantin J. Chernov <k.j.chernov gmail.com>]

 *) mod_cache: r->err_headers_out is not merged into
    r->headers when mod_cache is enabled and the response
    is cached for the first time. [Edward Lu]

 *) mod_slotmem_shm: Fix slots/SHM files names on restart for systems that
    can't create new (clear) slots while previous children gracefully stopping
    still use the old ones (e.g. Windows, OS2). mod_proxy_balancer failed to
    restart whenever the number of configured balancers/members changed during
    restart.  PR 58024.  [Yann Ylavic]

 *) core/util_script: make REDIRECT_URL a full URL.  PR 57785. [Nick Kew]

 *) MPMs: Support SO_REUSEPORT to create multiple duplicated listener
    records for scalability. [Yingqi Lu <yingqi.lu@intel.com>,
    Jeff Trawick, Jim Jagielski, Yann Ylavic]

 *) mod_proxy: Fix a race condition that caused a failed worker to be retried
    before the retry period is over. [Ruediger Pluem]

 *) mod_autoindex: Allow autoindexes when neither mod_dir nor mod_mime are
    loaded. [Eric Covener]

 *) mod_rewrite:  Allow cookies set by mod_rewrite to contain ':' by accepting
    ';' as an alternate separator.  PR47241.
    [<bugzilla schermesser com>, Eric Covener]

 *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with
    apxs -q. PR58202. [Daniel Shahaf <danielsh apache.org>]

 *) mod_rewrite: Avoid a crash when lacking correct DB access permissions
    when using RewriteMap with MapType dbd or fastdbd.  [Christophe Jaillet]

 *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.
    PR 57868. [Jose Kahan <jose w3.org>, Yann Ylavic]

 *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how
    long to keep idle connections with the memcache server(s).
    Change default value from 600 usec (!) to 15 sec. PR 58091
    [Christophe Jaillet]

 *) mod_dir: Prevent the internal identifier "httpd/unix-directory" from
    appearing as a Content-Type response header when requests for a directory
    are rewritten by mod_rewrite. [Eric Covener]

[1] tested by brnrd@
Original commitRevision:399207 
Wednesday, 15 Jul 2015
17:16 pgollucci search for other commits by this committer
www/apache24: fix CVEs, update 2.4.12 -> 2.4.16

- Convet to USES=autoreconf
- Sort USES
- Remove now empty patch files

Security:              
https://vuxml.freebsd.org/freebsd/a12494c1-2af4-11e5-86ff-14dae9d210b8.html
Differential Revision:  https://reviews.freebsd.org/D3101

Submitted by:           feld
Reviewed by:            pgollucci (myself)
With Hat:               apache@
MFH:                    2015Q3
Original commitRevision:392170 
Saturday, 31 Jan 2015
15:22 ohauer search for other commits by this committer
- update to 2.4.12

- change MPM backend from static to dynamic,
  but keep mpm_prefork for compatiblity with e.g. php modules
- install dedicated MPM load file in case httpd was build with modular MPM
  (modules.d/000_mpm_prefork_fallback.conf)
- disable SSLv3 and SSLv2 fallback in sample httpd-ssl-conf
- use @sample macro instead EXAMPLESDIR
- add some SSLCipherSuite examples for OpenSSL >= 1.0.x
- add libressl support [1]
- add pkg-install script (to handle new modular MPM build)
- build now most all modules, so users using packages don't have
  to run a custom build for missing modules
- fix suexec mode

PR:		196139 [1]
MFH:		2015Q1
Original commitRevision:378215 
Sunday, 20 Jul 2014
20:49 ohauer search for other commits by this committer
- security update to release 2.4.10

- add OPTION for new mod_authnz_fcgi module

- s/libluajit.so/libluajit-5.1.so/ (there is no libluajit.so)

- backport for mod_lua: Don't quote values in cookies
   Make IE happy again [#56734]
   http://svn.apache.org/viewvc?view=revision&revision=1611744

- disable sanity check on demand [1]

Release Notes:
 http://www.apache.org/dist/httpd/CHANGES_2.4.10

PR:		191398 [1]
Submitted by:	Robert Schulze <rs@bytecamp.net>
MFH:		2014Q3
Security:	4364e1f1-0f44-11e4-b090-20cf30e32f6d
		CVE-2014-0117
		CVE-2014-3523
		CVE-2014-0226
		CVE-2014-0118
		CVE-2014-0231
Original commitRevision:362371 
Saturday, 22 Mar 2014
21:18 ohauer search for other commits by this committer
- update to 2.4.9
- enforcing use libapr-1.so.5 (apr-1.5.0 instead apr-1.4.8)

Changes with Apache 2.4.9

  *) mod_ssl: Work around a bug in some older versions of OpenSSL that
     would cause a crash in SSL_get_certificate for servers where the
     certificate hadn't been sent. [Stephen Henson]

   *) mod_lua: Add a fixups hook that checks if the original request is intended
      for LuaMapHandler. This fixes a bug where FallbackResource invalidates the
      LuaMapHandler directive in certain cases by changing the URI before the
map
      handler code executes [Daniel Gruno, Daniel Ferradal <dferradal gmail
com>].

Changes with Apache 2.4.8

  *) SECURITY: CVE-2014-0098 (cve.mitre.org)
     Clean up cookie logging with fewer redundant string parsing passes.
     Log only cookies with a value assignment. Prevents segfaults when
     logging truncated cookies.
     [William Rowe, Ruediger Pluem, Jim Jagielski]

  *) SECURITY: CVE-2013-6438 (cve.mitre.org)
     mod_dav: Keep track of length of cdata properly when removing
     leading spaces. Eliminates a potential denial of service from
     specifically crafted DAV WRITE requests
     [Amin Tora <Amin.Tora neustar.biz>]

  *) core: Support named groups and backreferences within the LocationMatch,
     DirectoryMatch, FilesMatch and ProxyMatch directives. (Requires
     non-ancient PCRE library) [Graham Leggett]

  *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
     TE/CL conflicts. [Yann Ylavic <ylavic.dev gmail com>, Jim Jagielski]

  *) mod_dir: Add DirectoryCheckHandler to allow a 2.2-like behavior, skipping
     execution when a handler is already set. PR53929. [Eric Covener]

  *) mod_ssl: Do not perform SNI / Host header comparison in case of a
     forward proxy request. [Ruediger Pluem]

  *) mod_ssl: Remove the hardcoded algorithm-type dependency for the
     SSLCertificateFile and SSLCertificateKeyFile directives, to enable
     future algorithm agility, and deprecate the SSLCertificateChainFile
     directive (obsoleted by SSLCertificateFile). [Kaspar Brand]

  *) mod_rewrite: Add RewriteOptions InheritDown, InheritDownBefore,
     and IgnoreInherit to allow RewriteRules to be pushed from parent scopes
     to child scopes without explicitly configuring each child scope.
     PR56153.  [Edward Lu <Chaosed0 gmail com>]

  *) prefork: Fix long delays when doing a graceful restart.
     PR 54852 [Jim Jagielski, Arkadiusz Miskiewicz <arekm maven pl>]

  *) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
     5+ instead of just for FreeBSD 5. PR 53824. [Jeff Trawick]

  *) mod_proxy_wstunnel: Avoid busy loop on client errors, drop message
     IDs 02445, 02446, and 02448 to TRACE1 from DEBUG. PR 56145.
     [Joffroy Christen <joffroy.christen solvaxis com>, Eric Covener]

  *) mod_remoteip: Correct the trusted proxy match test. PR 54651.
     [Yoshinori Ehara <yoshinori ehara gmail com>, Eugene L <eugenel amazon
com>]

  *) mod_proxy_fcgi: Fix error message when an unexpected protocol version
     number is received from the application.  PR 56110.  [Jeff Trawick]

  *) mod_remoteip: Use the correct IP addresses to populate the proxy_ips field.
     PR 55972. [Mike Rumph]

  *) mod_lua: Update r:setcookie() to accept a table of options and add domain,
     path and httponly to the list of options available to set.
     PR 56128 [Edward Lu <Chaosed0 gmail com>, Daniel Gruno]

  *) mod_lua: Fix r:setcookie() to add, rather than replace,
     the Set-Cookie header. PR56105
     [Kevin J Walters <kjw ms com>, Edward Lu <Chaosed0 gmail com>]

  *) mod_lua: Allow for database results to be returned as a hash with
     row-name/value pairs instead of just row-number/value. [Daniel Gruno]

  *) mod_rewrite: Add %{CONN_REMOTE_ADDR} as the non-useragent counterpart to
     %{REMOTE_ADDR}. PR 56094. [Edward Lu <Chaosed0 gmail com>]

  *) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
     save the socket for reuse by the next worker as if it were an
     APR_SO_DISCONNECTED socket. Restores 2.2 behavior. [Eric Covener]

  *) mod_dir: Don't search for a DirectoryIndex or DirectorySlash on a URL
     that was just rewritten by mod_rewrite. PR53929. [Eric Covener]

  *) mod_session: When we have a session we were unable to decode,
     behave as if there was no session at all. [Thomas Eckert
     <thomas.r.w.eckert gmail com>]

  *) mod_session: Fix problems interpreting the SessionInclude and
     SessionExclude configuration. PR 56038. [Erik Pearson
     <erik adaptations.com>]

  *) mod_authn_core: Allow <AuthnProviderAlias>'es to be seen from auth
     stanzas under virtual hosts. PR 55622. [Eric Covener]

  *) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded
     30 seconds timeout. [Jan Kaluza]

  *) mod_proxy: Added support for unix domain sockets as the
     backend server endpoint [Jim Jagielski, Blaise Tarr
     <blaise tarr gmail com>]

  *) build: only search for modules (config*.m4) in known subdirectories, see
     build/config-stubs. [Stefan Fritsch]

  *) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk.
     PR 55833. [Eric Covener]

  *) mod_ssl: Add support for OpenSSL configuration commands by introducing
     the SSLOpenSSLConfCmd directive. [Stephen Henson, Kaspar Brand]

  *) mod_proxy: Remove (never documented) <Proxy ~ wildcard-url> syntax which
     is equivalent to <ProxyMatch wildcard-url>. [Christophe Jaillet]

  *) mod_authz_user, mod_authz_host, mod_authz_groupfile, mod_authz_dbm,
     mod_authz_dbd, mod_authnz_ldap: Support the expression parser within the
     require directives. [Graham Leggett]

  *) mod_proxy_http: Core dumped under high load. PR 50335.
     [Jan Kaluza <jkaluza redhat.com>]

  *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
     previously limited to 64MB. [Jens LAY=AY=s <jelaas gmail.com>]

  *) mod_lua: Use binary copy when dealing with uploads through r:parsebody()
     to prevent truncating files. [Daniel Gruno]

Changes with Apache 2.4.7

  *) APR 1.5.0 or later is now required for the event MPM.

  *) slotmem_shm: Error detection. [Jim Jagielski]

  *) event: Use skiplist data structure. [Jim Jagielski]

  *) event: Fail at startup with message AP02405 if the APR atomic
     implementation is not compatible with the MPM.  [Jim Jagielski]

  *) mpm_unix: Add ap_mpm_podx_* implementation to avoid code duplication
     and align w/ trunk. [Jim Jagielski]

  *) Fix potential rejection of valid MaxMemFree and ThreadStackSize
     directives.  [Mike Rumph <mike.rumph oracle.com>]

  *) mod_proxy_fcgi: Remove 64K limit on encoded length of all envvars.
     An individual envvar with an encoded length of more than 16K will be
     omitted.  [Jeff Trawick]

  *) mod_proxy_fcgi: Handle reading protocol data that is split between
     packets.  [Jeff Trawick]

  *) mod_ssl: Improve handling of ephemeral DH and ECDH keys by
     allowing custom parameters to be configured via SSLCertificateFile,
     and by adding standardized DH parameters for 1024/2048/3072/4096 bits.
     Unless custom parameters are configured, the standardized parameters
     are applied based on the certificate's RSA/DSA key size. [Kaspar Brand]

  *) mod_ssl, configure: Require OpenSSL 0.9.8a or later. [Kaspar Brand]

  *) mod_ssl: drop support for export-grade ciphers with ephemeral RSA
     keys, and unconditionally disable aNULL, eNULL and EXP ciphers
     (not overridable via SSLCipherSuite). [Kaspar Brand]

  *) mod_proxy: Added support for unix domain sockets as the
     backend server endpoint [Jim Jagielski, Blaise Tarr
     <blaise tarr gmail com>]

  *) Add experimental cmake-based build system for Windows.  [Jeff Trawick,
     Tom Donovan]

  *) event MPM: Fix possible crashes (third party modules accessing c->sbh)
     or occasional missed mod_status updates for some keepalive requests
     under load. [Eric Covener]

  *) mod_authn_socache: Support optional initialization arguments for
     socache providers.  [Chris Darroch]

  *) mod_session: Reset the max-age on session save. PR 47476. [Alexey
     Varlamov <alexey.v.varlamov gmail com>]

  *) mod_session: After parsing the value of the header specified by the
     SessionHeader directive, remove the value from the response. PR 55279.
     [Graham Leggett]

  *) mod_headers: Allow for format specifiers in the substitution string
     when using Header edit. [Daniel Ruggeri]

  *) mod_dav: dav_resource->uri is treated as unencoded. This was an
     unnecessary ABI changed introduced in 2.4.6. PR 55397.

  *) mod_dav: Don't require lock tokens for COPY source. PR 55306.

  *) core: Don't truncate output when sending is interrupted by a signal,
     such as from an exiting CGI process. PR 55643. [Jeff Trawick]

  *) WinNT MPM: Exit the child if the parent process crashes or is terminated.
     [Oracle Corporation]

  *) Windows: Correct failure to discard stderr in some error log
     configurations.  (Error message AH00093)  [Jeff Trawick]

  *) mod_session_crypto: Allow using exec: calls to obtain session
     encryption key.  [Daniel Ruggeri]

  *) core: Add missing Reason-Phrase in HTTP response headers.
     PR 54946. [Rainer Jung]

  *) mod_rewrite: Make rewrite websocket-aware to allow proxying.
     PR 55598. [Chris Harris <chris.harris kitware com>]

  *) mod_ldap: When looking up sub-groups, use an implicit objectClass=*
     instead of an explicit cn=* filter. [David Hawes <dhawes vt.edu>]

  *) ab: Add wait time, fix processing time, and output write errors only if
     they occured. [Christophe Jaillet]

  *) worker MPM: Don't forcibly kill worker threads if the child process is
     exiting gracefully.  [Oracle Corporation]

  *) core: apachectl -S prints wildcard name-based virtual hosts twice.
     PR54948 [Eric Covener]

  *) mod_auth_basic: Add AuthBasicUseDigestAlgorithm directive to
     allow migration of passwords from digest to basic authentication.
     [Chris Darroch]

  *) ab: Add a new -l parameter in order not to check the length of the
responses.
     This can be usefull with dynamic pages.
     PR9945, PR27888, PR42040 [<ccikrs1 cranbrook edu>]

  *) Suppress formatting of startup messages written to the console when
     ErrorLogFormat is used.  [Jeff Trawick]

  *) mod_auth_digest: Be more specific when the realm mismatches because the
     realm has not been specified. [Graham Leggett]

  *) mod_proxy: Add a note in the balancer manager stating whether changes
     will or will not be persisted and whether settings are inherited.
     [Daniel Ruggeri, Jim Jagielski]

  *) mod_cache: Avoid a crash with strcmp() when the hostname is not provided.
     [Graham Leggett]

  *) core: Add util_fcgi.h and associated definitions and support
     routines for FastCGI, based largely on mod_proxy_fcgi.
     [Jeff Trawick]

  *) mod_headers: Add 'Header note header-name note-name' for copying a response
     headers value into a note. [Eric Covener]

  *) mod_headers: Add 'setifempty' command to Header and RequestHeader.
     [Eric Covener]

  *) mod_logio: new format-specifier %S (sum) which is the sum of received
     and sent byte counts.
     PR54015 [Christophe Jaillet]

  *) mod_deflate: Improve error detection when decompressing request bodies
     with trailing garbage: handle case where trailing bytes are in
     the same bucket. [Rainer Jung]

  *) mod_authz_groupfile, mod_authz_user: Reduce severity of AH01671 and AH01663
     from ERROR to DEBUG, since these modules do not know what mod_authz_core
     is doing with their AUTHZ_DENIED return value. [Eric Covener]

  *) mod_ldap: add TRACE5 for LDAP retries. [Eric Covener]

  *) mod_ldap: retry on an LDAP timeout during authn. [Eric Covener]

  *) mod_ldap: Change "LDAPReferrals off" to actually set the underlying LDAP
     SDK option to OFF, and introduce "LDAPReferrals default" to take the SDK
     default, sans rebind authentication callback.
     [Jan Kaluza <kaluze AT redhat.com>]

  *) core: Log a message at TRACE1 when the client aborts a connection.
     [Eric Covener]

  *) WinNT MPM: Don't crash during child process initialization if the
     Listen protocol is unrecognized.  [Jeff Trawick]

  *) modules: Fix some compiler warnings. [Guenter Knauf]

  *) Sync 2.4 and trunk
       - Avoid some memory allocation and work when TRACE1 is not activated
       - fix typo in include guard
       - indent
       - No need to lower the string before removing the path, it is just a
waste of time...
       - Save a few cycles
     [Christophe Jaillet <christophe.jaillet wanadoo.fr>]

  *) mod_filter: Add "change=no" as a proto-flag to FilterProtocol
     to remove a providers initial flags set at registration time.
     [Eric Covener]

  *) core, mod_ssl: Enable the ability for a module to reverse the sense of
     a poll event from a read to a write or vice versa. This is a step on
     the way to allow mod_ssl taking full advantage of the event MPM.
     [Graham Leggett]

  *) Makefile.win: Install proper pcre DLL file during debug build install.
     PR 55235.  [Ben Reser <ben reser org>]

  *) mod_ldap: Fix a potential memory leak or corruption.  PR 54936.
     [Zhenbo Xu <zhenbo1987 gmail com>]

  *) ab: Fix potential buffer overflows when processing the T and X
     command-line options.  PR 55360.
     [Mike Rumph <mike.rumph oracle.com>]

  *) fcgistarter: Specify SO_REUSEADDR to allow starting a server
     with old connections in TIME_WAIT.  [Jeff Trawick]

  *) core: Add open_htaccess hook which, in conjunction with dirwalk_stat
     and post_perdir_config (introduced in 2.4.5), allows mpm-itk to be
     used without patches to httpd core. [Stefan Fritsch]

  *) support/htdbm: fix processing of -t command line switch. Regression
     introduced in 2.4.4
     PR 55264 [Jo Rhett <jrhett netconsonance com>]

  *) mod_lua: add websocket support via r:wsupgrade, r:wswrite, r:wsread
     and r:wsping. [Daniel Gruno]

  *) mod_lua: add support for writing/reading cookies via r:getcookie and
     r:setcookie. [Daniel Gruno]

  *) mod_lua: If the first yield() of a LuaOutputFilter returns a string, it
should
     be prefixed to the response as documented. [Eric Covener]
     Note: Not present in 2.4.7 CHANGES

  *) mod_lua: Remove ETAG, Content-Length, and Content-MD5 when a
LuaOutputFilter
     is configured without mod_filter. [Eric Covener]
     Note: Not present in 2.4.7 CHANGES

  *) mod_lua: Register LuaOutputFilter scripts as changing the content and
     content-length by default, when run my mod_filter.  Previously,
     growing or shrinking a response that started with Content-Length set
     would require mod_filter and FilterProtocol change=yes. [Eric Covener]
     Note: Not present in 2.4.7 CHANGES

  *) mod_lua: Return a 500 error if a LuaHook* script doesn't return a
     numeric return code. [Eric Covener]
     Note: Not present in 2.4.7 CHANGES
Original commitRevision:348808 
Saturday, 20 Jul 2013
17:11 ohauer search for other commits by this committer
- update to apache24-2.4.6
 - new modules: mod_cache_socache, mod_macro and mod_proxy_wstunnel

- add enty to vuxml

SECURITY: CVE-2013-1896 (cve.mitre.org)
 mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
 the source href (sent as part of the request body as XML) pointing to a
 URI that is not configured for DAV will trigger a segfault.

SECURITY: CVE-2013-2249 (cve.mitre.org)
 mod_session_dbd: Make sure that dirty flag is respected when saving
 sessions, and ensure the session ID is changed each time the session
 changes. This changes the format of the updatesession SQL statement.
 Existing configurations must be changed.

Changelog:
http://www.apache.org/dist/httpd/CHANGES_2.4.6

with hat apache@

Security:	ca4d63fb-f15c-11e2-b183-20cf30e32f6d
Original commitRevision:323351 
Tuesday, 26 Mar 2013
21:35 ohauer search for other commits by this committer
- new port www/apache24

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/

Note:
 Since apache24 does not enable every module by default in httpd.conf the
 list of modules to build was preselected to match build param
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Original commitRevision:315335 

Number of commits found: 34