notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

Current status

The server has been repaired, with a new power supply, for $23. I am waiting for lower COVID rates before visiting the datacenter to return it.
non port: www/apache22/Makefile
SVNWeb

Number of commits found: 188 (showing only 100 on this page)

1 | 2  »  

Wed, 21 Mar 2018
[ 21:24 brnrd ] Original commit   Revision:465240(Only the first 10 of 34 ports in this commit are shown above. View all ports for this commit)
devel/apr1: Bump portrevision

 - Repair my rookie mistake of earlier today
 - Bump revision of dependent ports (again)

Reported by:	antoine
[ 19:50 brnrd ] Original commit   Revision:465232(Only the first 10 of 35 ports in this commit are shown above. View all ports for this commit)
devel/apr1: Fix runtime issues of dependent port

 - iconv is in base in all supported FreeBSD versions
 - Fix build with MariaDB 10.2 [2]
 - Bump portrevision in dependencies

PR:		226705 [1], 226026 [2]
With hat:	apache
Approved by:	joneum (apache)
Sun, 11 Mar 2018
[ 14:23 brnrd ] Original commit   Revision:464175(Only the first 10 of 18 ports in this commit are shown above. View all ports for this commit)
Mk/Uses/apache.mk: Migrate Mk/bsd.apache.mk to Uses

 - Chase required changes in framework (bsd.sanity.mk, bsd.port.mk)
 - Chase required changes in ports (version checks)
 - Chase required changes in PHP ports (include bsd.apache.mk)
 - exp-run by antoine, brnrd, joneum

PR:             223691 (exp-run)
Reviewed by:    joneum (hat apache), mat (portmgr), antoine (portmgr)
Approved by:    joneum (hat apache)
Approved by:	portmgr
With hat:       apache
Sat, 24 Feb 2018
[ 10:33 brnrd ] Original commit   Revision:462786
www/apache22: Add upstream fix

 - Upstream fixes no longer released as point versions
 - Register BROKEN with various libssl providers
Tue, 19 Sep 2017
[ 12:29 zi ] Original commit   Revision:450118
- Add backport of patch for CVE-2017-9798
- Bump PORTREVISION

Approved by:	ports-secteam (with hat)
Security:	76b085e2-9d33-11e7-9260-000c292ee6b8
Wed, 12 Jul 2017
[ 19:26 brnrd ] Original commit   Revision:445602
www/apache22: Update to 2.2.34

 - Security update to 2.2.34

MFH:		2017Q3
Security:	0c2db2aa-5584-11e7-9a7d-b499baebfeaf
Differential Revision:	https://reviews.freebsd.org/D11285
Fri, 9 Jun 2017
[ 19:39 feld ] Original commit   Revision:443037
www/apache22: Update to 2.2.32

Does not build with OpenSSL 1.1.x or LibreSSL 2.5.x which is a known issue.

Changelog:	http://www.apache.org/dist/httpd/CHANGES_2.2.32

PR:		219720
MFH:		2017Q2
Security:	CVE-2016-8743
Sat, 5 Nov 2016
[ 18:01 sunpoet ] Original commit   Revision:425420
- Add LICENSE

Approved by:	portmgr (blanket)
Fri, 28 Oct 2016
[ 16:00 danfe ] Original commit   Revision:424861(Only the first 10 of 11 ports in this commit are shown above. View all ports for this commit)
- Remove trailing dot in COMMENT and/or reword it accordingly
- Prefer standard option descriptions, and trim one long line
Mon, 18 Jul 2016
[ 20:42 ohauer ] Original commit   Revision:418748
- add lost condition to apply the extra patch
  for reproducible build

MFH:		2016Q3
[ 20:26 ohauer ] Original commit   Revision:418746
- allow reproducible build
- set EXPIRATION_DATE to 2017-07-01 [1]

[1] Upstream propose EoL of apache 2.2.x during the next 12 months
    See discussion on dev@apache list.
[ 20:14 brnrd ] Original commit   Revision:418743
www/apache24: Fix httpoxy vulnerability (+2.2)

  - Add upstream patch to www/apache24
  - Add upstream patch to www/apache22
  - Bump PORTREVISION

Approved by:    feld (ports-secteam)
MFH:            2016Q3
Security:       cf0b5668-4d1b-11e6-b2ec-b499baebfeaf
Security:       CVE-2016-5387
Tue, 5 Jul 2016
[ 16:01 ohauer ] Original commit   Revision:418092
- s/USE_OPENSSL=yes/USES=ssl/
Fri, 1 Apr 2016
[ 14:33 mat ] Original commit   Revision:412351(Only the first 10 of 2136 ports in this commit are shown above. View all ports for this commit)
Remove ${PORTSDIR}/ from dependencies, categories v, w, x, y, and z.

With hat:	portmgr
Sponsored by:	Absolight
Mon, 18 Jan 2016
[ 19:36 ohauer ] Original commit   Revision:406606
- fix ab buid with OpenSSL from ports and SSL3 disabled [1]
  (backport ab.c r1706008 from apache24)
- use new $opt-target
- improve kldstat check
- use new defined postexec, preunexec in pkg-plist

with hat apache@

PR:		206369
Submitted by:	matthew@ [1]
Sun, 27 Sep 2015
[ 10:44 ohauer ] Original commit   Revision:398034
- fix poudriere build on FreeBSD >= 10.x with OpenSSL from ports

I haven't found the exact culprit but it seems build in poudriere behaves
different.

Fix build in poudriere by inspecting MAKE_ENV, else WITH_OPENSSL_PORT is not
honored.

Noted by: Philip Jocks <pj @ netzkommune.de>
Sun, 2 Aug 2015
[ 19:39 ohauer ] Original commit   Revision:393440(Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
- update to 2.2.31
- remove backports
- minor cleanups
- always rebuild configure script
- add patch for acinclude.m4 [1]

Changes with Apache 2.2.31 [2]

  *) Correct win32 build issues for mod_proxy exports, OpenSSL 1.0.x headers.
     [Yann Ylavic, Gregg Smith]

Changes with Apache 2.2.30 (not released)

  *) SECURITY: CVE-2015-3183 (cve.mitre.org)
     core: Fix chunk header parsing defect.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
[ 15:03 tijl ] Original commit   Revision:393429(Only the first 10 of 234 ports in this commit are shown above. View all ports for this commit)
By default libtool replaces -export-symbols <file> with -retain-symbols-file
<file> on ELF systems, but this doesn't really do what -export-symbols is
meant to do.  On GNU ELF systems it converts <file> to a simple version
script first and then uses -version-script instead of -retain-symbols-file.
Let USES=libtool patch libtool scripts to do this on all systems with GNU
ld(1).

Bump PORTREVISION on all ports where the build log contains -export-symbols.

audio/calf: This port builds a module that now exports only one function,
but it also builds a number of executables that link to this module and
expect to see other functions.  Because it's already a bit dodgy to link to
a module (libtool warns about this) let the module continue to export only
one function and instead build an ordinary library from the same source that
the executables can link to.  Fix a number of other issues in the same
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Mon, 20 Jul 2015
[ 16:37 feld ] Original commit   Revision:392591
Backport patch for CVE and bump PORTREVISION

Approved by:	pgollucci
MFH:		2015Q3
Security:	CVE-2015-3183
Security:	29083f8e-2ca8-11e5-86ff-14dae9d210b8
Tue, 2 Jun 2015
[ 19:55 zi ] Original commit   Revision:388386
- Cleanup logjam patch (remove -rand call to openssl to fix build for libressl
users)
- Cleanup logjam patch (ensure perl can find/replace the correct bits when
re-rengerating)
- Bump PORTREVISION

With hat:	ports-secteam
Sun, 31 May 2015
[ 12:52 ohauer ] Original commit   Revision:388056(Only the first 10 of 26 ports in this commit are shown above. View all ports for this commit)
- use @sample for conf files
- backport ab from 2.4.x
- fix mode for suexec, cgi test files
- adopt http-ssl.conf.in from upstream trunk
- rebuild some patches
Thu, 21 May 2015
[ 02:13 zi ] Original commit   Revision:386904
- Generate new DH params during build to mitigate Logjam attack
- Fix deprecated USE_AUTOTOOLS
- Bump PORTREVISION

With hat:	ports-secteam
Obtained from:	Winni Neessen
Thu, 14 May 2015
[ 10:15 mat ] Original commit   Revision:386312(Only the first 10 of 1814 ports in this commit are shown above. View all ports for this commit)
MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
Sat, 18 Apr 2015
[ 09:47 tijl ] Original commit   Revision:384215(Only the first 10 of 41 ports in this commit are shown above. View all ports for this commit)
- Remove libtool hacks and patches that are now handled by USES=libtool
- Remove CONFIG_SHELL from CONFIGURE_ENV because bsd.port.mk handles that
Mon, 1 Dec 2014
[ 22:50 ohauer ] Original commit   Revision:373726
- make QA script happy and RMDIR empty folder below $PORTDOCS
  the script complans on them even PORTDOCS=* is set
- do not slence INSTALL commands
Tue, 14 Oct 2014
[ 13:23 mat ] Original commit   Revision:370851
Remove a #define strtoul that is messing up with c++.

Differential Revision:	https://reviews.freebsd.org/D945
Approved by:	ohauer
Sponsored by:	Absolight
Mon, 22 Sep 2014
[ 18:50 ohauer ] Original commit   Revision:368986
apache24

- remove check if apr is build with threads
- bump PORTREVISION
- adopt new pkg-plist @dir

@with hat apache@
Sat, 13 Sep 2014
[ 19:24 tijl ] Original commit   Revision:368131
Remove unused LIBTOOLFILES
Wed, 3 Sep 2014
[ 20:20 ohauer ] Original commit   Revision:367227
- update to 2.2.29
- use PTHREAD_LIBS/CFLAGS instead -pthread

Changes with Apache 2.2.29
http://www.apache.org/dist/httpd/CHANGES_2.2.29

  *) Corrected docs/manual pages for new MergeTrailers directive and other
     out of date documentation. [William Rowe]

Changes with Apache 2.2.28

  *) SECURITY: CVE-2014-0118 (cve.mitre.org) [1]
     mod_deflate: The DEFLATE input filter (inflates request bodies) now
     limits the length and compression ratio of inflated request bodies to avoid
     denial of service via highly compressed bodies.  See directives
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 24 Jul 2014
[ 20:22 ohauer ] Original commit   Revision:362845
- backport upstream security fixes
- fix build with SSL from ports [1]

SECURITY: CVE-2014-0118 (cve.mitre.org)

mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to
avoid denial of sevice via highly compressed bodies.  See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and
DeflateInflateRatioBurst.

http://svn.apache.org/viewvc?view=revision&revision=1611426

SECURITY: CVE-2014-0226 (cve.mitre.org)
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Sun, 13 Jul 2014
[ 15:58 ohauer ] Original commit   Revision:361691
- reflect new preferred apache version
Tue, 8 Jul 2014
[ 22:46 ohauer ] Original commit   Revision:361317
- fix strip command (use ${PREFIX} instead real path)
[ 21:31 ohauer ] Original commit   Revision:361294
- strip files
- sort pkg-plist
- always install DOCS (remove Makefile hack)
- reflect modules.d in EXAMPLESDIR, next target
  will be a new keyword for pkg-plist to handle
  module installation.
- bump PORTREVISION

- add warning about default version change (2014-07-11)
  (pkg-message, files/HEADS_UP)
Thu, 12 Jun 2014
[ 09:17 tijl ] Original commit   Revision:357574(Only the first 10 of 22 ports in this commit are shown above. View all ports for this commit)
Bump PORTREVISION on everything that depends on devel/apr1 due to the
library version change.

Approved by:	portmgr (implicit)
Wed, 4 Jun 2014
[ 16:54 des ] Original commit   Revision:356512
Add CPE information.

With hat:	ports-secteam
Fri, 30 May 2014
[ 21:55 ohauer ] Original commit   Revision:355919
- /USE_AUTOTOOLS=libtool/USES=libtool/

with hat apache@
Thu, 10 Apr 2014
[ 20:57 ohauer ] Original commit   Revision:350852
- fix build against security/openssl on FreeBSD-10
  in case port is build with tinderbox or poudriere.

  openssl is registered as BUILD/RUN dependency not
  as LIB dependency, therefore the check for openssl
  fails since it will be installed in a later stage
  by tinderbox / poudriere.

Thanks to Katsuya Higuchi who noted this issue on
the apache@ mailing list.
http://lists.freebsd.org/pipermail/freebsd-apache/2014-April/003490.html

MFH: 2014Q2

Submitted by:	Katsuya Higuchi <higuchi@jt-sys.co.jp>
Tue, 8 Apr 2014
[ 23:33 ohauer ] Original commit   Revision:350649
- fix build on FreeBSD-10+ with OpenSSL from ports
- bump PORTVERSION because of CVE-2014-0076 / CVE-2014-0160

Special Thanks to Philip Jocks for reporting and testing!
http://lists.freebsd.org/pipermail/freebsd-apache/2014-April/003483.html

with hat apache@
Thu, 27 Mar 2014
[ 05:28 ohauer ] Original commit   Revision:349319
- update to version 2.2.27
- fix apache-mpm-peruser graceful reload [1]

Changes with Apache 2.2.27

  *) SECURITY: CVE-2014-0098 (cve.mitre.org)
     Clean up cookie logging with fewer redundant string parsing passes.
     Log only cookies with a value assignment. Prevents segfaults when
     logging truncated cookies.
     [William Rowe, Ruediger Pluem, Jim Jagielski]

  *) SECURITY: CVE-2013-6438 (cve.mitre.org)
     mod_dav: Keep track of length of cdata properly when removing
     leading spaces. Eliminates a potential denial of service from
     specifically crafted DAV WRITE requests
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Sun, 16 Mar 2014
[ 16:07 ohauer ] Original commit   Revision:348417(Only the first 10 of 21 ports in this commit are shown above. View all ports for this commit)
ports in cat www where MAINTAINER=ports

- USE_BZIP2 -> USES= tar:bzip2
- LICENSE=BSD -> BSD[n]CLAUSE
Sun, 24 Nov 2013
[ 19:56 ohauer ] Original commit   Revision:334783
- update to 2.2.26

- add new directory for modules (APACHEETCDIR/modules.d)

  New modules can be registered here with a simple
  file that contains the LoadModule directives.
  Additonal Maintaines can write instructions to the
  conf file and keep pkg-message short.
  As bonus the config file can be installed like every
  other config file with a .sample extention so modules
  are not disabled during pkg upgrades.

  Module config files should begin with three digits
  followed by '_' e.g. 100_php5.conf.
  The load order can be controlled via the three digits.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 5 Nov 2013
[ 22:00 ohauer ] Original commit   Revision:332914
- backport upstream commit r1528718 into mod_dav [1].
  This is needed because of a bug [2] due to an incorrect
  implementation of RFC 4918.
  The symptoms are a failure to copy a svn tree via DAV:

- fix package installation with old pkg tools (create empty
  folders in pkg-plist even staging is enabled)

[1] http://svn.apache.org/viewvc?view=revision&revision=1528718
[2] https://issues.apache.org/bugzilla/show_bug.cgi?id=55306

PR:		ports/183685
Submitted by:	Pietro Cerutti <gahr@FreeBSD.org>
Sun, 27 Oct 2013
[ 17:40 ohauer ] Original commit   Revision:331788
- support staging
- partitial adopt new ${opt}_ notation
Fri, 20 Sep 2013
[ 23:36 bapt ] Original commit   Revision:327776(Only the first 10 of 2206 ports in this commit are shown above. View all ports for this commit)
Add NO_STAGE all over the place in preparation for the staging support (cat:
www)
Sat, 14 Sep 2013
[ 13:38 az ] Original commit   Revision:327283(Only the first 10 of 19 ports in this commit are shown above. View all ports for this commit)
- convert to the new perl5 framework
- convert USE_GMAKE to Uses

Approved by:	portmgr (bapt@, blanket)
Sat, 7 Sep 2013
[ 19:49 bsam ] Original commit   Revision:326683(Only the first 10 of 14 ports in this commit are shown above. View all ports for this commit)
Introduce variable ICONV_PREFIX at Mk/Uses/iconv.mk. The default for
pre 100043 is ${LOCALBASE} and /usr otherwise. Convert all ports to
new variable usage.

Approved by:	portmgr (bapt, implicit)
Wed, 14 Aug 2013
[ 22:35 ak ] Original commit   Revision:324744(Only the first 10 of 1725 ports in this commit are shown above. View all ports for this commit)
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
Wed, 10 Jul 2013
[ 19:01 ohauer ] Original commit   Revision:322728
- update to apache-2.2.25
- update vuxml with additional CVE-2013-1896 entry

Changes with Apache 2.2.25
  http://www.apache.org/dist/httpd/CHANGES_2.2.25

  *) SECURITY: CVE-2013-1896 (cve.mitre.org)
     mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with
     the source href (sent as part of the request body as XML) pointing to a
     URI that is not configured for DAV will trigger a segfault. [Ben Reser
     <ben reser.org>]

  *) SECURITY: CVE-2013-1862 (cve.mitre.org)
     mod_rewrite: Ensure that client data written to the RewriteLog is
     escaped to prevent terminal escape sequences from entering the
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Sat, 6 Jul 2013
[ 08:46 ohauer ] Original commit   Revision:322368
- add fix for CVE-2013-1862
- adjust vuxml
Sat, 27 Apr 2013
[ 18:25 mva ] Original commit   Revision:316683(Only the first 10 of 181 ports in this commit are shown above. View all ports for this commit)
- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig and
  USE_GETTEXT=yes to USES=gettext while here
Tue, 26 Mar 2013
[ 21:31 ohauer ] Original commit   Revision:315333
- prepare for apache24
Sat, 2 Mar 2013
[ 19:31 ohauer ] Original commit   Revision:313287(Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
- update to version 2.2.24
- move mpm itk patches to itk-mpm/files dir
- add sshd to REQUIRE line in the rc script to prevent boot
  issues in case a SSL cert is password protected [1]

Changes with Apache 2.2.24
 SECURITY: CVE-2012-3499 (cve.mitre.org) Various XSS flaws due to
 unescaped hostnames and URIs HTML output in mod_info, mod_status,
 mod_imagemap, mod_ldap, and mod_proxy_ftp.  [Jim Jagielski, Stefan
 Fritsch, Niels Heinen <heinenn google com>]

 SECURITY: CVE-2012-4558 (cve.mitre.org)
 XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
 Niels Heinen <heinenn google com>]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Wed, 2 Jan 2013
[ 02:12 ache ] Original commit   Revision:309798
Use
LockFile "/var/run/accept.lock"
instead of previous
LockFile "/var/log/accept.lock"

If system is crashed and rebooted, Apache refuses to start in case
/var/log/accept.lock.<pid> is found. That <pid> is almost always the same
due to minimum pid variance right after boot.
So use /var/run instead, which is cleaned on each boot.
Mon, 10 Dec 2012
[ 19:11 mm ] Original commit   Revision:308630(Only the first 10 of 233 ports in this commit are shown above. View all ports for this commit)
Update PCRE to 8.32
Introduces the UTF-32 library pcre32
Bump PORTREVISION in dependent ports
Sun, 18 Nov 2012
[ 18:48 hrs ] Original commit   Revision:307544
Fix a typo.

Spotted by:	ume
Pointy hat to:	hrs
Feature safe:	yes
[ 16:33 hrs ] Original commit   Revision:307542(Only the first 10 of 16 ports in this commit are shown above. View all ports for this commit)
Fix rc.d script to support systems before and after ${name}_fib is introduced
into rc.subr.  Bump PORTREVISION.

Feature safe:	yes
Fri, 2 Nov 2012
[ 18:45 ohauer ] Original commit   Revision:306878
- update apache22 to version 2.22.23
- trim vuxml/Makefile header

with hat apache@

Feature safe: yes

Security:       CVE-2012-2687
Sun, 9 Sep 2012
[ 17:01 ohauer ] Original commit   Revision:303982
- notice the users that old WITH/WITHOUT parameters are obsolete.
  Point them to the wiki

Thanks to crees@ for this suggestion to
implement this direct in the port

PR:		171509
Tue, 4 Sep 2012
[ 21:17 ohauer ] Original commit   Revision:303674
- Simplify options with the removal of the last APR only related parameter [1]

- disallow IPv6 sockets to handle IPv4 requests per default. [2]

- move extra-patch-server__config.c
    -> patch-server__config.c
    https://issues.apache.org/bugzilla/show_bug.cgi?id=53823

- bump PORTREVISION

[1] Credits to Hajimu UMEMOTO (ume@) for finding the last APR related parameter
[2] http://httpd.apache.org/docs/2.2/bind.html

with hat apache@
Sun, 2 Sep 2012
[ 14:31 ohauer ] Original commit   Revision:303550(Only the first 10 of 18 ports in this commit are shown above. View all ports for this commit)
devel/apr1 [1]
- update APR to 1.4.6
- update APR-util to 1.4.1
- remove PKGNAMESUFFIX'es

www/apache-(event|itk|peruser|worker)-mpm
- adopt new Makefile header, adjust
  PKGNAMESUFFIX in apache22 masterport
  PKGNAME match now LATEST_LINK

www/apache22 [2]-[6]
- rewrite for options NG
- PORTNAME s|apache|apache22|
- remove APR APR-util specific otions,
  will be checked now with help of apr/u-1-config
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 23 Aug 2012
[ 04:49 ohauer ] Original commit 
- rewite apache port
 - remove all apr/apu related parts (leftovers from bundled apr)
 - remove invalid parts from Makefile.doc
 - move MODULES to Makefile.options

- remove apache20 parts
- remove category handling

with hat apache@
Mon, 13 Aug 2012
[ 19:51 ohauer ] Original commit 
- rewrite bsd.apache.mk  (prepare for options NG support)
   keep full backward support until apache20 is removed from the tree
   comment code to remove with MFC TODO:

- adjust apache20 and apache22 ports
   changes are transparent for users (no PORTREVISION bump)

 Users who are using special build instructions in make.conf, such as
  - WITH_STATIC_MODULES= alias dir log_config mime rewrite setenvif vhost_alias

 should convert the values to UPPERCASE
  - WITH_STATIC_MODULES= ALIAS DIR LOG_CONFIG MIME REWRITE SETENVIF VHOST_ALIAS

 At the moment code to support old lowercase style is in place, but
 target to remove in favor for options NG.

with hat apache@
Thu, 2 Aug 2012
[ 03:17 wxs ] Original commit 
Document Apache 2.2.x insecure handling of LD_LIBRARY_PATH.
Add patch[1] to address problem to apache port.

[1]:
http://svn.apache.org/viewvc/httpd/httpd/trunk/support/envvars-std.in?view=log&pathrev=1296428

Approved by:	apache@ (pgollucci@)
Obtained from:	Apache SVN
Sun, 22 Jul 2012
[ 21:13 ohauer ] Original commit 
apache22
- centralise OPTIONS in Makefile.options
- s/Enable// in OPTIONS
- rewrite Makefile.modules (last defined SLAVE_PORT_MPM port use now WITH_MPM
var)
- no REVISION bump, nothing changed in the logic / functionality

apache22-peruser-mpm
- use WITH_MPM instead SLAVE_PORT_MPM
Sun, 8 Jul 2012
[ 21:32 ohauer ] Original commit 
- cleanup conflicts (remove no longer existent ports)
- remove explicit ABI version number from LIB_DEPENDS
Tue, 14 Feb 2012
[ 12:44 mm ] Original commit (Only the first 10 of 15 ports in this commit are shown above. View all ports for this commit)
Bump pcre library dependency due to 8.30 update
Add (vendor) patch for deprecated pcre_info()
Thu, 9 Feb 2012
[ 02:49 pgollucci ] Original commit 
- use $SYSCTL
- use full path setfib

PR:             ports/153264
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>
With Hat:       apache@
Sponsored by:   Apache Software Foundation (ASF)
Wed, 8 Feb 2012
[ 22:49 pgollucci ] Original commit 
- Remove 0 length file breaking pkg

Reported by:    glarkin
[ 04:35 pgollucci ] Original commit 
- Convert to USERS/GROUPS [1]
- Resync proxy connect patch [2]
- Bump PORTREVISION since the proxy patch is unconditionally applied
  which means we can remove that OPTION too

PR:             ports/164698 [1], ports/164711 [2]
Submitted by:   jgh@ [1], freebsd@nagilum.org [2]
With Hat:       apache@
Sponsored by:   RideCharge Inc. / TaxiMagic
Wed, 1 Feb 2012
[ 18:56 jgh ] Original commit 
- Update to 2.2.22

Addresses:
* SECURITY: CVE-2011-3607 (cve.mitre.org)
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP
Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif
module is enabled, allows local users to gain privileges via a .htaccess file
with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request
header, leading to a heap-based buffer overflow.

* SECURITY: CVE-2012-0021 (cve.mitre.org)
The log_cookie function in mod_log_config.c in the mod_log_config module in the
Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not
properly handle a %{}C format string, which allows remote attackers to cause a
denial of service (daemon crash) via a cookie that lacks both a name and a
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Fri, 23 Sep 2011
[ 22:26 amdmi3 ] Original commit (Only the first 10 of 2369 ports in this commit are shown above. View all ports for this commit)
- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav
Thu, 15 Sep 2011
[ 05:00 ohauer ] Original commit 
- update to version 2.2.21

Addresses:
* SECURITY: CVE-2011-3348 (cve.mitre.org)
 mod_proxy_ajp when combined with mod_proxy_balancer: Prevents
 unrecognized HTTP methods from marking ajp: balancer members
 in an error state, avoiding denial of service.

* SECURITY: CVE-2011-3192 (cve.mitre.org)
 core: Further fixes to the handling of byte-range requests to use
 less memory, to avoid denial of service. This patch includes fixes
 to the patch introduced in release 2.2.20 for protocol compliance,
 as well as the MaxRanges directive.

PR:             ports/160743
Submitted by:   Jason Helfman <jhelfman@experts-exchange.com>
Mon, 12 Sep 2011
[ 23:17 gabor ] Original commit (Only the first 10 of 16 ports in this commit are shown above. View all ports for this commit)
- Track dependencies after databases/gdbm update
Fri, 2 Sep 2011
[ 06:18 ade ] Original commit 
Emergency upgrade to 2.2.20 - CVE-2011-3192.  Any complaints, talk to me.

PR:             160381
Wed, 29 Jun 2011
[ 17:28 ohauer ] Original commit 
- Close a race condition that sometimes resulted in configure.in
  patches being ignored
Sun, 22 May 2011
[ 21:33 ohauer ] Original commit 
- update to httpd-2.2.19

Changes with Apache 2.2.19

  *) Revert ABI breakage in 2.2.18 caused by the function signature change
     of ap_unescape_url_keep2f().  This release restores the signature from
     2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
     [Eric Covener]

commit with hat apache@
Fri, 13 May 2011
[ 23:02 ohauer ] Original commit 
- update to version 2.2.18

Changes:
http://www.apache.org/dist/httpd/CHANGES_2.2.18

Changes with Apache 2.2.18

  *) Log an error for failures to read a chunk-size, and return 408 instead
     413 when this is due to a read timeout.  This change also fixes some cases
     of two error documents being sent in the response for the same scenario.
     [Eric Covener] PR49167

  *) core: Only log a 408 if it is no keepalive timeout. PR 39785
     [Ruediger Pluem,  Mark Montague <markmont umich.edu>]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Mon, 18 Apr 2011
[ 20:32 ohauer ] Original commit 
 - fix Ports with version numbers going backwards for www/apache22-peruser-mpm
 - by changing PORTREVISION= to ?=

   Issue reported by erwin@
Thu, 31 Mar 2011
[ 17:00 ohauer ] Original commit 
 - update Apache 2 ITK MPM patch to version 20110321-01 [1]
 - add additional patch for mpm-itk [2]
 - add mod_substitute to apache22 [3]
 - add some documentation into the mpm-itk* patches
 - bump portrevision

 Changes:
 [1] apache2.2-mpm-itk 2.2.17-01, released 2011-03-21:
  * Fixed CVE-2011-1176: If NiceValue was set, the default with no
    AssignUserID was to run as root:root instead of the default Apache user
    and group, due to the configuration merger having an incorrect default
    configuration.
  * Rebase against Apache 2.2.17.
  * Fix an issue where users can sometimes get spurious 403s on persistent
    connections, if the .htaccess files are not world readable.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Tue, 7 Dec 2010
[ 20:38 pgollucci ] Original commit 
- update conflicts
Sat, 4 Dec 2010
[ 07:34 ade ] Original commit (Only the first 10 of 1730 ports in this commit are shown above. View all ports for this commit)
Sync to new bsd.autotools.mk
Thu, 21 Oct 2010
[ 18:00 pgollucci ] Original commit 
- The previous update to the rc.d script didn't quite maintain the old behavior
  correctly.  This fixes the pid file name

PR:                             ports/151623
Submitted by:   Vivek Khera <vivek@khera.org>
With Hat:               apache@
Point hat to:   myself (pgollucci)
Wed, 20 Oct 2010
[ 21:04 pgollucci ] Original commit 
- Update to 2.2.17

**
* Note, no CVE affects the FREEBSD port.  devel/apr1 was updated to
* apr-util 1.3.10 on 2010/10/06 05:32:24.
**

Changes:        http://www.apache.org/dist/httpd/CHANGES_2.2
PR:             ports/151594
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
With Hat:       apache@

<ChangeLog>
  *) prefork MPM: Run cleanups for final request when process exits gracefully
     to work around a flaw in apr-util.  PR 43857.  [Tom Donovan]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Sat, 16 Oct 2010
[ 11:52 ade ] Original commit (Only the first 10 of 445 ports in this commit are shown above. View all ports for this commit)
Punt autoconf267->autoconf268
Thu, 14 Oct 2010
[ 19:53 pgollucci ] Original commit 
- Allow overriding of the following on a profile basis.
    pidfile
    command
    envvars

Without profiles, the old defaults remain unchanged.  With profiles the old
defaults
remain unchanged.

Sponsored by:           RideCharge Inc. / TaxiMagic
Tested by:                      RideCharge Inc. / TaxiMagic (> 1 yr in
production)
With Hat:                       apache@
Wed, 15 Sep 2010
[ 18:35 ade ] Original commit (Only the first 10 of 652 ports in this commit are shown above. View all ports for this commit)
Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs
Mon, 26 Jul 2010
[ 01:28 kuriyama ] Original commit 
- Upgrade to 2.2.16.

Security:       CVE-2010-1452 (mod_{cache,dev} remote DoS),
                CVE-2010-2068 (mod_{proxy_{ajp,http},reqtimeout} related on some
platforms)
Fri, 21 May 2010
[ 16:28 pgollucci ] Original commit 
Bump PORTREVISION forgotten in last commit, by /home/ncvs lied to me.

- Fix misnamed patch that was unconditionally applied.

PR:             ports/146789
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
With Hat:       apache@
Thu, 20 May 2010
[ 21:43 pgollucci ] Original commit 
- Enable,build, and install mod_reqtimeout.so which mitigates solaris attacks.
- Default on, so bump PORTREVISION

Reuested by:        Jonas Eckerman <jonas@fsdb.org> (via apache@)
With Hat:           apache@
Tue, 18 May 2010
[ 04:58 pgollucci ] Original commit 
- Bump PORTREVISION

With Hat:   apache@
[ 04:57 pgollucci ] Original commit 
- Whitespace only

With Hat:   apache@
[ 04:55 pgollucci ] Original commit 
- file is only in devel/apr[01] now.

With Hat:   apache@
[ 04:55 pgollucci ] Original commit 
- remove apr/apr-util vestiges
- fullbuild not needed anymore
- buildconf not needed anymore
- scripts_env not needed anymore

With Hat:   apache@
[ 04:53 pgollucci ] Original commit 
- Remove WITH_APR_FROM_PORTS option. Always use devel/apr1 port now.
  Bundled srclib/apr is never used now.

With Hat:   apache@
[ 04:08 pgollucci ] Original commit (Only the first 10 of 151 ports in this commit are shown above. View all ports for this commit)
- Chase devel/apr -> devel/apr1 shuffling

PR:             ports/146553
Submitted by:   myself (pgollucci@)
With Hat:       apache@
[ 04:05 pgollucci ] Original commit (Only the first 10 of 18 ports in this commit are shown above. View all ports for this commit)
- Convert ports/ to devel/apr1

PR:             ports/146553
Submitted by:   myself (pgollucci@)
With Hat:       apache@
Fri, 14 May 2010
[ 05:03 pgollucci ] Original commit 
By default suexec doesn't enforces different resource limitations configured in
login.conf(5). This is probably because resource limitations are handled
differently on various different platforms.

This modifies suexec behaviour to set resource limits for CGI's
from /etc/login.conf before execing the customers CGI script.

Doesn't affect default package, so no PORTREVISION bumps.

I will follow up at dev@httpd.apache.org to see about adding this
with #ifdefs.

PR:             ports/136091
Submitted by:   Alexey V.Degtyarev <alexey@renatasystems.org>
With Hat:       apache@
Thu, 13 May 2010
[ 00:59 pgollucci ] Original commit 
- Remove use of $] which is deprecated in perl and gone in perl 5.12
  This is already being discussed at dev@httpd and will be committed upstream

Reported by:    brad clawsie <clawsie@fastmail.fm> (on apache@ list)
With Hat:       apache@
Fri, 7 May 2010
[ 21:46 pgollucci ] Original commit 
- Continuation of ports/133704
  apxs -A comments out the LoadModule line
  This adds custom FreeBSD mod to 'DELETE' the line so that it works with
  our pkg-plists in packages.
- Remove -s form the cmp httpd.conf in pkg-plist to be blatant about why
  it didn't get removed
- Tested with lang/php5
- Bump PORTREVISION

PR:             ports/133704
With Hat:       apache@
[ 20:53 pgollucci ] Original commit 
- Fix -A and -a options for apxs to correctly ignore whitespace.
  This will fix about 100 pkg-plist left overs for httpd.conf
- Bump PORTREVISION
-  This will be in 2.2.16.

PR:             ports/133704
Obtained from:  http://svn.apache.org/viewvc?rev=942210&view=rev
Reported by:    olli hauer <ohauer@gmx.de> (and very good pr!)
With Hat:       apache@

Number of commits found: 188 (showing only 100 on this page)

1 | 2  »