notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: www/apache22/files/patch-Makefile.in

Number of commits found: 12

Sunday, 31 May 2015
12:52 ohauer search for other commits by this committer
- use @sample for conf files
- backport ab from 2.4.x
- fix mode for suexec, cgi test files
- adopt http-ssl.conf.in from upstream trunk
- rebuild some patches
Original commitRevision:388056 
Tuesday, 8 Jul 2014
21:31 ohauer search for other commits by this committer
- strip files
- sort pkg-plist
- always install DOCS (remove Makefile hack)
- reflect modules.d in EXAMPLESDIR, next target
  will be a new keyword for pkg-plist to handle
  module installation.
- bump PORTREVISION

- add warning about default version change (2014-07-11)
  (pkg-message, files/HEADS_UP)
Original commitRevision:361294 
Sunday, 27 Oct 2013
17:40 ohauer search for other commits by this committer
- support staging
- partitial adopt new ${opt}_ notation
Original commitRevision:331788 
Friday, 2 Nov 2012
18:45 ohauer search for other commits by this committer
- update apache22 to version 2.22.23
- trim vuxml/Makefile header

with hat apache@

Feature safe: yes

Security:       CVE-2012-2687
Original commitRevision:306878 
Wednesday, 1 Feb 2012
18:56 jgh search for other commits by this committer
- Update to 2.2.22

Addresses:
* SECURITY: CVE-2011-3607 (cve.mitre.org)
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP
Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif
module is enabled, allows local users to gain privileges via a .htaccess file
with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request
header, leading to a heap-based buffer overflow.

* SECURITY: CVE-2012-0021 (cve.mitre.org)
The log_cookie function in mod_log_config.c in the mod_log_config module in the
Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not
properly handle a %{}C format string, which allows remote attackers to cause a
denial of service (daemon crash) via a cookie that lacks both a name and a
value.

* SECURITY: CVE-2012-0031 (cve.mitre.org)
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local
users to cause a denial of service (daemon crash during shutdown) or possibly
have unspecified other impact by modifying a certain type field within a
scoreboard shared memory segment, leading to an invalid call to the free
function.

* SECURITY: CVE-2011-4317 (cve.mitre.org)
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in
place, does not properly interact with use of (1) RewriteRule and (2)
ProxyPassMatch pattern matches for configuration of a reverse proxy, which
allows remote attackers to send requests to intranet servers via a malformed URI
containing an @ (at sign) character and a : (colon) character in invalid
positions. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2011-3368.

* SECURITY: CVE-2012-0053 (cve.mitre.org)
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly
restrict header information during construction of Bad Request (aka 400) error
documents, which allows remote attackers to obtain the values of HTTPOnly
cookies via vectors involving a (1) long or (2) malformed header in conjunction
with crafted web script.

* SECURITY: CVE-2011-3368 (cve.mitre.org)
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of
(1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a
reverse proxy, which allows remote attackers to send requests to intranet
servers via a malformed URI containing an initial @ (at sign) character.

PR: ports/164675
Reviewed by: pgollucci
Approved by: pgollucci, crees, rene (mentors, implicit)
With Hat: apache@
Original commit
Friday, 7 May 2010
03:15 pgollucci search for other commits by this committer
- Fix the owner to be root:wheel on files* when running sudo make ...
  This doesn't affect the package b/c pointyhat/tb run as root

PR:             ports/134456
With Hat:       apache@
Original commit
00:02 pgollucci search for other commits by this committer
- Regenerate patch files with make makepatch for they have
  piled up and additional patches conflict.
  This also will help when we try to syncronize www/apache20&www/apache22
- Unconditionally apply the mod_proxy_connect patch, you just may or may
  not actually compile the file to save some logic in Makefile

With Hat:   apache@
Original commit
Tuesday, 11 Dec 2007
20:22 clement search for other commits by this committer
- Fix slave ports [1]
- Fix plist [2]
- Fix CONFLICTS with devel/apr-svn [3]
- Fix install when index.html is modified
- Bump PORT_REVISION

PR:             ports/118348 [1], ports/118338 [2],ports/117097 [2]
                ports/90088 [3], ports/118349 [3]
Submitted by:   Andrey Beresovsky <and at sfedu dot ru> [1],
                Dimitry Andric <dimitry at andric dot com> [2],
                YAMAMOTO Takao <yamamoto at computec dot co dot jp>
                Melvyn Sopacua <melvyn atmelvyn dot homeunix dot org> [3],
                Dominic Fandrey <lon_kamikaze at gmx dot de> [3]
Original commit
Thursday, 20 Sep 2007
07:57 clement search for other commits by this committer
- Fix PCRE_FROM_PORTS. it wasn't processed by OPTIONS stff [1]
- Preserve index.html
- We no longer install images in default DocumentRoot (there're still in icons/)
- Various plist cleanup
- bump PORTREVISION since we are now safe with index.html

Reminded by:    bland@
Original commit
Wednesday, 19 Sep 2007
21:05 clement search for other commits by this committer
- remove duplicate entry of mod_charset_lite [1]
- add PCRE_FROM_PORTS to OPTIONS
- use @dirrmtry for include/apache22
- workaround plist issues when upgrading, but it's not as safe as I
  would expect, it requires more work.

Spotted by:     bland@ [1]
Original commit
Sunday, 9 Sep 2007
14:55 clement search for other commits by this committer
- Update to 2.2.6
- Fix restart when profiles are used [1]

Submitted by:   Jarrod Sayers <jarrod at netleader dot com dot au>
Original commit
Saturday, 3 Dec 2005
22:02 clement search for other commits by this committer
- Add apache 2.2.0
  It's a temporary layout, I need more time to find the best.
  note that ${PREFIX}/www/(data|errors|cgi)(-dist) disappeared in favor of
  ${PREFIX}/www/apache22
Original commit

Number of commits found: 12