pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/www/apache Update apache package to 1.3.31.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/23e545356f93
branches:  trunk
changeset: 475275:23e545356f93
user:      taca <taca%pkgsrc.org@localhost>
date:      Thu May 13 11:39:09 2004 +0000

description:
Update apache package to 1.3.31.


                     Apache 1.3.31 Major changes

  Security vulnerabilities

     * CAN-2003-0987 (cve.mitre.org)
       In mod_digest, verify whether the nonce returned in the client
       response is one we issued ourselves.  This problem does not affect
       mod_auth_digest.

     * CAN-2003-0020 (cve.mitre.org)
       Escape arbitrary data before writing into the errorlog.

     * CAN-2004-0174 (cve.mitre.org)
       Fix starvation issue on listening sockets where a short-lived
       connection on a rarely-accessed listening socket will cause a
       child to hold the accept mutex and block out new connections until
       another connection arrives on that rarely-accessed listening socket.

     * CAN-2003-0993 (cve.mitre.org)
       Fix parsing of Allow/Deny rules using IP addresses without a
       netmask; issue is only known to affect big-endian 64-bit
       platforms

  New features

   New features that relate to specific platforms:

     * Linux 2.4+: If Apache is started as root and you code
       CoreDumpDirectory, core dumps are enabled via the prctl() syscall.

   New features that relate to all platforms:

     * Add mod_whatkilledus and mod_backtrace (experimental) for
       reporting diagnostic information after a child process crash.

     * Add fatal exception hook for running diagnostic code after a
       crash.

     * Forensic logging module added (mod_log_forensic)

     * '%X' is now accepted as an alias for '%c' in the
       LogFormat directive. This allows you to configure logging
       to still log the connection status even with mod_ssl

  Bugs fixed

   The following noteworthy bugs were found in Apache 1.3.29 (or earlier)
   and have been fixed in Apache 1.3.31:

     * Fix memory corruption problem with ap_custom_response() function.
       The core per-dir config would later point to request pool data
       that would be reused for different purposes on different requests.

     * mod_usertrack no longer inspects the Cookie2 header for
       the cookie name. It also no longer overwrites other cookies.

     * Fix bug causing core dump when using CookieTracking without
       specifying a CookieName directly.

     * UseCanonicalName off was ignoring the client provided
       port information.

diffstat:

 www/apache/Makefile         |   9 ++---
 www/apache/PLIST            |  17 ++++++---
 www/apache/distinfo         |  14 +++-----
 www/apache/patches/patch-ap |  30 ------------------
 www/apache/patches/patch-aq |  14 --------
 www/apache/patches/patch-ar |  75 ---------------------------------------------
 www/apache/patches/patch-as |  16 ---------
 7 files changed, 20 insertions(+), 155 deletions(-)

diffs (288 lines):

diff -r feac6474a675 -r 23e545356f93 www/apache/Makefile
--- a/www/apache/Makefile       Thu May 13 11:37:50 2004 +0000
+++ b/www/apache/Makefile       Thu May 13 11:39:09 2004 +0000
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.144 2004/04/26 20:06:58 jlam Exp $
+# $NetBSD: Makefile,v 1.145 2004/05/13 11:39:09 taca Exp $
 #
 # This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of
 # code hooks that allow mod_ssl to be compiled separately later, if desired).
 
 DISTNAME=              apache_${APACHE_VERSION}
 PKGNAME=               apache-${APACHE_VERSION}
-PKGREVISION=           2
-APACHE_VERSION=                1.3.29
+APACHE_VERSION=                1.3.31
 CATEGORIES=            www
 MASTER_SITES=          ${MASTER_SITE_APACHE:=httpd/} \
                        ${MASTER_SITE_APACHE:=httpd/old/}
@@ -19,8 +18,8 @@
 NETBSD_LOGO=           sitedrivenby.gif
 SITES_${NETBSD_LOGO}=  http://www.NetBSD.org/images/logos/
 
-MODSSL_VERSION=                2.8.16
-MODSSL_DISTNAME=       mod_ssl-${MODSSL_VERSION}-1.3.29
+MODSSL_VERSION=                2.8.17
+MODSSL_DISTNAME=       mod_ssl-${MODSSL_VERSION}-1.3.31
 MODSSL_DIST=           ${MODSSL_DISTNAME}.tar.gz
 MODSSL_SRC=            ${WRKDIR}/${MODSSL_DISTNAME}
 SITES_${MODSSL_DIST}=  http://www.modssl.org/source/ \
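Review bot: MODSSL_DISTNAME hard-codes the Apache version a second time (`mod_ssl-${MODSSL_VERSION}-1.3.31`), so every update has to touch both this line and APACHE_VERSION. If the mod_ssl release is always cut for the matching Apache version, `mod_ssl-${MODSSL_VERSION}-${APACHE_VERSION}` would keep the two from drifting apart; if the suffix can legitimately differ, a one-line comment saying so would help the next person doing the bump.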
diff -r feac6474a675 -r 23e545356f93 www/apache/PLIST
--- a/www/apache/PLIST  Thu May 13 11:37:50 2004 +0000
+++ b/www/apache/PLIST  Thu May 13 11:39:09 2004 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.10 2004/04/23 22:07:59 reed Exp $
+@comment $NetBSD: PLIST,v 1.11 2004/05/13 11:39:09 taca Exp $
 bin/checkgid
 bin/dbmmanage
 bin/htdigest
@@ -83,6 +83,7 @@
 share/httpd/htdocs/index.html.es
 share/httpd/htdocs/index.html.fr
 share/httpd/htdocs/index.html.he.iso8859-8
+share/httpd/htdocs/index.html.hu
 share/httpd/htdocs/index.html.it
 share/httpd/htdocs/index.html.ja.jis
 share/httpd/htdocs/index.html.kr.iso-kr
@@ -102,7 +103,6 @@
 share/httpd/htdocs/index.html.ru.utf8
 share/httpd/htdocs/index.html.se
 share/httpd/htdocs/index.html.zh-tw.big5
-share/httpd/htdocs/manual/FAQ.html
 share/httpd/htdocs/manual/LICENSE
 share/httpd/htdocs/manual/bind.html.en
 share/httpd/htdocs/manual/bind.html.fr
@@ -173,7 +173,9 @@
 share/httpd/htdocs/manual/keepalive.html.en
 share/httpd/htdocs/manual/keepalive.html.html
 share/httpd/htdocs/manual/keepalive.html.ja.jis
-share/httpd/htdocs/manual/location.html
+share/httpd/htdocs/manual/location.html.en
+share/httpd/htdocs/manual/location.html.html
+share/httpd/htdocs/manual/location.html.ja.jis
 share/httpd/htdocs/manual/logs.html
 share/httpd/htdocs/manual/man-template.html
 share/httpd/htdocs/manual/misc/API.html
@@ -242,7 +244,9 @@
 share/httpd/htdocs/manual/mod/mod_auth_db.html
 share/httpd/htdocs/manual/mod/mod_auth_dbm.html
 share/httpd/htdocs/manual/mod/mod_auth_digest.html
-share/httpd/htdocs/manual/mod/mod_autoindex.html
+share/httpd/htdocs/manual/mod/mod_autoindex.html.en
+share/httpd/htdocs/manual/mod/mod_autoindex.html.html
+share/httpd/htdocs/manual/mod/mod_autoindex.html.ja.jis
 share/httpd/htdocs/manual/mod/mod_browser.html
 share/httpd/htdocs/manual/mod/mod_cern_meta.html
 share/httpd/htdocs/manual/mod/mod_cgi.html.en
@@ -272,6 +276,8 @@
 share/httpd/htdocs/manual/mod/mod_log_config.html.en
 share/httpd/htdocs/manual/mod/mod_log_config.html.html
 share/httpd/htdocs/manual/mod/mod_log_config.html.ja.jis
+share/httpd/htdocs/manual/mod/mod_log_forensic.html.en
+share/httpd/htdocs/manual/mod/mod_log_forensic.html.html
 share/httpd/htdocs/manual/mod/mod_log_referer.html
 share/httpd/htdocs/manual/mod/mod_mime.html.en
 share/httpd/htdocs/manual/mod/mod_mime.html.html
@@ -344,7 +350,6 @@
 share/httpd/htdocs/manual/programs/suexec.html.html
 share/httpd/htdocs/manual/programs/suexec.html.ja.jis
 share/httpd/htdocs/manual/readme-tpf.html
-share/httpd/htdocs/manual/search/manual-index.cgi
 share/httpd/htdocs/manual/sections.html.en
 share/httpd/htdocs/manual/sections.html.html
 share/httpd/htdocs/manual/sections.html.ja.jis
@@ -390,6 +395,7 @@
 share/httpd/htdocs/manual/win_service.html.html
 share/httpd/htdocs/manual/win_service.html.ja.jis
 share/httpd/htdocs/manual/windows.html.en
+share/httpd/htdocs/manual/windows.html.html
 share/httpd/htdocs/manual/windows.html.ja.jis
 share/httpd/htdocs/sitedrivenby.gif
 share/httpd/icons/README
@@ -613,7 +619,6 @@
 @dirrm share/httpd/icons/small
 @dirrm share/httpd/icons
 @dirrm share/httpd/htdocs/manual/vhosts
-@dirrm share/httpd/htdocs/manual/search
 @dirrm share/httpd/htdocs/manual/programs
 @dirrm share/httpd/htdocs/manual/mod
 @dirrm share/httpd/htdocs/manual/misc
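Review bot: the `@dirrm share/httpd/htdocs/manual/search` entry is dropped here to match the removal of `share/httpd/htdocs/manual/search/manual-index.cgi` in the earlier hunk, but only that one file under manual/search is visible in this diff. Please confirm that no other PLIST entry still installs into manual/search, otherwise deinstall will leave the directory behind. The commit log could also mention that the manual search CGI is no longer shipped under htdocs, since that changes what is reachable from the document root.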
diff -r feac6474a675 -r 23e545356f93 www/apache/distinfo
--- a/www/apache/distinfo       Thu May 13 11:37:50 2004 +0000
+++ b/www/apache/distinfo       Thu May 13 11:39:09 2004 +0000
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.32 2004/04/26 20:06:58 jlam Exp $
+$NetBSD: distinfo,v 1.33 2004/05/13 11:39:09 taca Exp $
 
-SHA1 (apache_1.3.29.tar.gz) = 0fb055dfd8c86457996edb36f19fb66f09dccd6a
-Size (apache_1.3.29.tar.gz) = 2435809 bytes
+SHA1 (apache_1.3.31.tar.gz) = a5d4298e8f99cae220ba65b5ef128d5742c7298d
+Size (apache_1.3.31.tar.gz) = 2467371 bytes
 SHA1 (sitedrivenby.gif) = 7671e9a8ec2cad3961b268befd33c0920e07c658
 Size (sitedrivenby.gif) = 8519 bytes
-SHA1 (mod_ssl-2.8.16-1.3.29.tar.gz) = c098dfffd81a6e5959f414c5c3eec291f58d3e44
-Size (mod_ssl-2.8.16-1.3.29.tar.gz) = 754325 bytes
+SHA1 (mod_ssl-2.8.17-1.3.31.tar.gz) = 942ca41a95f1e671ecabf90a8704b85de42d5d42
+Size (mod_ssl-2.8.17-1.3.31.tar.gz) = 754472 bytes
 SHA1 (patch-aa) = fa3f41ea33fc0088166b067bf68fb807ac53af96
 SHA1 (patch-ab) = 71ea1f3a59e0f7bc37175b0eefd462a1f7ca4fb6
 SHA1 (patch-ac) = 12347c7a306d3e898b032c2b4b3b01670b62d4fd
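Review bot: the new `apache_1.3.31.tar.gz` and `mod_ssl-2.8.17-1.3.31.tar.gz` entries carry only a SHA1 digest and a size, and the Makefile fetches mod_ssl from `http://www.modssl.org/source/`, so this digest is the only integrity check on that tarball. Please state in the log how the two new SHA1 values were obtained (for example, compared against what upstream publishes rather than computed from a single download), and record a second digest as well if distinfo can hold one.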
@@ -20,7 +20,3 @@
 SHA1 (patch-al) = a27b9676998621229dc3a1d920ea44b8e622feb2
 SHA1 (patch-am) = d05f7c30b73c0e90daf17d9d1c4838be7fd73b02
 SHA1 (patch-ao) = 5930f9ea0f5080b260a6e0c66a37c6d1ad0df4d4
-SHA1 (patch-ap) = 3dfa2396d481aca2b746d02cb2b161bd956825f8
-SHA1 (patch-aq) = 80032eadbbb546df8eac7fe08800a784c06a06f0
-SHA1 (patch-ar) = b422847735a9a4821cfa8ba8e2e7639ce1605b39
-SHA1 (patch-as) = b81faf1a0addede23a63c1334e47633d3dba38fa
diff -r feac6474a675 -r 23e545356f93 www/apache/patches/patch-ap
--- a/www/apache/patches/patch-ap       Thu May 13 11:37:50 2004 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,30 +0,0 @@
-$NetBSD: patch-ap,v 1.3 2004/04/07 19:53:27 reed Exp $
-SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
-
---- src/main/http_log.c.orig   2003-02-03 09:13:21.000000000 -0800
-+++ src/main/http_log.c
-@@ -314,6 +314,9 @@ static void log_error_core(const char *f
-                          const char *fmt, va_list args)
- {
-     char errstr[MAX_STRING_LEN];
-+#ifndef AP_UNSAFE_ERROR_LOG_UNESCAPED
-+    char scratch[MAX_STRING_LEN];
-+#endif
-     size_t len;
-     int save_errno = errno;
-     FILE *logf;
-@@ -445,7 +448,14 @@ static void log_error_core(const char *f
-     }
- #endif
- 
-+#ifndef AP_UNSAFE_ERROR_LOG_UNESCAPED
-+   if (ap_vsnprintf(scratch, sizeof(scratch) - len, fmt, args)) {
-+       len += ap_escape_errorlog_item(errstr + len, scratch,
-+                                      sizeof(errstr) - len);
-+   }
-+#else
-     len += ap_vsnprintf(errstr + len, sizeof(errstr) - len, fmt, args);
-+#endif
- 
-     /* NULL if we are logging to syslog */
-     if (logf) {
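Review bot: the removed fix wraps the escaping in `#ifndef AP_UNSAFE_ERROR_LOG_UNESCAPED`, so it is a compile-time opt-out, and with the local patch gone the package relies entirely on upstream's copy of this code. The commit message lists CAN-2003-0020 as fixed in 1.3.31, which justifies dropping the patch, but it is worth checking that the 1.3.31 `log_error_core()` still passes the formatted message through `ap_escape_errorlog_item()` and that nothing in the package's build flags defines `AP_UNSAFE_ERROR_LOG_UNESCAPED`. A line in the log saying that patch-ap, patch-aq and patch-ar are removed because they are now upstream would make the deletion self-explanatory.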
diff -r feac6474a675 -r 23e545356f93 www/apache/patches/patch-aq
--- a/www/apache/patches/patch-aq       Thu May 13 11:37:50 2004 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-$NetBSD: patch-aq,v 1.3 2004/04/07 19:53:27 reed Exp $
-SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
-
---- src/include/httpd.h.orig   2004-04-07 12:24:10.967724616 -0700
-+++ src/include/httpd.h
-@@ -1072,6 +1072,8 @@ API_EXPORT(char *) ap_escape_html(pool *
- API_EXPORT(char *) ap_construct_server(pool *p, const char *hostname,
-                                   unsigned port, const request_rec *r);
- API_EXPORT(char *) ap_escape_logitem(pool *p, const char *str);
-+API_EXPORT(size_t) ap_escape_errorlog_item(char *dest, const char *source,
-+                                           size_t buflen);
- API_EXPORT(char *) ap_escape_shell_cmd(pool *p, const char *s);
- 
- API_EXPORT(int) ap_count_dirs(const char *path);
diff -r feac6474a675 -r 23e545356f93 www/apache/patches/patch-ar
--- a/www/apache/patches/patch-ar       Thu May 13 11:37:50 2004 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,75 +0,0 @@
-$NetBSD: patch-ar,v 1.3 2004/04/07 19:53:27 reed Exp $
-SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
-
---- src/main/util.c.orig       2003-02-03 09:13:23.000000000 -0800
-+++ src/main/util.c
-@@ -1520,6 +1520,69 @@ API_EXPORT(char *) ap_escape_logitem(poo
-     return ret;
- }
- 
-+API_EXPORT(size_t) ap_escape_errorlog_item(char *dest, const char *source,
-+                                           size_t buflen)
-+{
-+    unsigned char *d, *ep;
-+    const unsigned char *s;
-+
-+    if (!source || !buflen) { /* be safe */
-+        return 0;
-+    }
-+
-+    d = (unsigned char *)dest;
-+    s = (const unsigned char *)source;
-+    ep = d + buflen - 1;
-+
-+    for (; d < ep && *s; ++s) {
-+
-+        if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
-+            *d++ = '\\';
-+            if (d >= ep) {
-+                --d;
-+                break;
-+            }
-+
-+            switch(*s) {
-+            case '\b':
-+                *d++ = 'b';
-+                break;
-+            case '\n':
-+                *d++ = 'n';
-+                break;
-+            case '\r':
-+                *d++ = 'r';
-+                break;
-+            case '\t':
-+                *d++ = 't';
-+                break;
-+            case '\v':
-+                *d++ = 'v';
-+                break;
-+            case '\\':
-+                *d++ = *s;
-+                break;
-+            case '"': /* no need for this in error log */
-+                d[-1] = *s;
-+                break;
-+            default:
-+                if (d >= ep - 2) {
-+                    ep = --d; /* break the for loop as well */
-+                    break;
-+                }
-+                c2x(*s, d);
-+                *d = 'x';
-+                d += 3;
-+            }
-+        }
-+        else {
-+            *d++ = *s;
-+        }
-+    }
-+    *d = '\0';
-+
-+    return (d - (unsigned char *)dest);
-+}
- 
- API_EXPORT(char *) ap_escape_shell_cmd(pool *p, const char *str)
- {
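Review bot: the error-log format now depends on upstream's version of `ap_escape_errorlog_item()`, so anything that parses error_log should be checked against it. In the removed lines the `'"'` case overwrites the backslash with `d[-1] = *s`, leaving double quotes unescaped, other matched bytes are written as `\xHH` through `c2x()`, and the `d >= ep` checks truncate the message silently when the buffer is full. If 1.3.31 differs in any of these three behaviours, log consumers tuned to the patched 1.3.29 output will see a change, and that deserves a note in the log.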
diff -r feac6474a675 -r 23e545356f93 www/apache/patches/patch-as
--- a/www/apache/patches/patch-as       Thu May 13 11:37:50 2004 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-as,v 1.3 2004/04/26 20:06:58 jlam Exp $
-
---- src/modules/standard/mod_auth_db.c.orig    Mon Feb  3 12:13:27 2003
-+++ src/modules/standard/mod_auth_db.c
-@@ -170,7 +170,10 @@ static char *get_db_pw(request_rec *r, c
-     q.data = user;
-     q.size = strlen(q.data);
- 
--#if defined(DB3) || defined(DB4)
-+#if defined(DB4)
-+    if (   db_create(&f, NULL, 0) != 0 
-+        || f->open(f, NULL, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664) != 0) {
-+#elif defined(DB3)
-     if (   db_create(&f, NULL, 0) != 0 
-         || f->open(f, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664) != 0) {
- #elif defined(DB2)
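Review bot: unlike patch-ap, patch-aq and patch-ar, this patch has no SECURITY tag and nothing in the commit message's change list covers it, so the reason for deleting it is not documented. The removed lines add a separate `#if defined(DB4)` branch whose `f->open(f, NULL, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664)` call takes an extra NULL argument compared with the DB3 call. Please confirm that mod_auth_db.c in 1.3.31 has an equivalent DB4 branch, because without it a build against DB4 would go back to the shared `DB3 || DB4` call, and say so in the log.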


