[pkgsrc/trunk]: pkgsrc/www/apache Update to 1.3.36:

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/apache Update to 1.3.36:
From: wiz <wiz%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 03:46:37 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/9d4d7e0198b6
branches:  trunk
changeset: 516370:9d4d7e0198b6
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Wed Jul 19 22:45:14 2006 +0000

description:
Update to 1.3.36:

Changes with Apache 1.3.36

  *) Reverted SVN rev #396294 due to unwanted regression.
     The new feature introduced in 1.3.35 (Allow usage of the
     "Include" configuration directive within previously "Include"d
     files) has been removed in the meantime.
     (http://svn.apache.org/viewcvs?rev=396294&view=rev)

Changes with Apache 1.3.35

  *) SECURITY: CVE-2005-3352 (cve.mitre.org)
     mod_imap: Escape untrusted referer header before outputting in HTML
     to avoid potential cross-site scripting.  Change also made to
     ap_escape_html so we escape quotes.  Reported by JPCERT.
     [Mark Cox]

  *) core: Allow usage of the "Include" configuration directive within
     previously "Include"d files. [Colm MacCarthaigh]

  *) HTML-escape the Expect error message.  Not classed as security as
     an attacker has no way to influence the Expect header a victim will
     send to a target site.  Reported by Thiago Zaninotti [Mark Cox]

  *) mod_cgi: Remove block on OPTIONS method so that scripts can
     respond to OPTIONS directly rather than via server default.
     [Roy Fielding] PR 15242

diffstat:

 www/apache/Makefile         |   9 ++++-----
 www/apache/distinfo         |  15 +++++++--------
 www/apache/patches/patch-ap |  13 -------------
 3 files changed, 11 insertions(+), 26 deletions(-)

diffs (76 lines):

diff -r ecbc1dd5e23a -r 9d4d7e0198b6 www/apache/Makefile
--- a/www/apache/Makefile       Wed Jul 19 22:44:36 2006 +0000
+++ b/www/apache/Makefile       Wed Jul 19 22:45:14 2006 +0000
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.186 2006/07/02 10:43:18 rillig Exp $
+# $NetBSD: Makefile,v 1.187 2006/07/19 22:45:14 wiz Exp $
 #
 # This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of
 # code hooks that allow mod_ssl to be compiled separately later, if desired).
 
-DISTNAME=              apache_1.3.34
+DISTNAME=              apache_1.3.36
 PKGNAME=               ${DISTNAME:S/_/-/}
-PKGREVISION=           6
 CATEGORIES=            www
 MASTER_SITES=          ${MASTER_SITE_APACHE:=httpd/} \
                        ${MASTER_SITE_APACHE:=httpd/old/}
@@ -18,8 +17,8 @@
 NETBSD_LOGO=           sitedrivenby.gif
 SITES.${NETBSD_LOGO}=  http://www.NetBSD.org/images/logos/
 
-MODSSL_VERSION=                2.8.25
-MODSSL_DISTNAME=       mod_ssl-${MODSSL_VERSION}-1.3.34
+MODSSL_VERSION=                2.8.27
+MODSSL_DISTNAME=       mod_ssl-${MODSSL_VERSION}-1.3.36
 MODSSL_DIST=           ${MODSSL_DISTNAME}.tar.gz
 MODSSL_SRC=            ${WRKDIR}/${MODSSL_DISTNAME}
 SITES.${MODSSL_DIST}=  http://www.modssl.org/source/ \
diff -r ecbc1dd5e23a -r 9d4d7e0198b6 www/apache/distinfo
--- a/www/apache/distinfo       Wed Jul 19 22:44:36 2006 +0000
+++ b/www/apache/distinfo       Wed Jul 19 22:45:14 2006 +0000
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.51 2006/02/21 22:44:17 wiz Exp $
+$NetBSD: distinfo,v 1.52 2006/07/19 22:45:14 wiz Exp $
 
-SHA1 (apache_1.3.34.tar.gz) = df082b73f1220555dc416c0c5afa746e30a9e0de
-RMD160 (apache_1.3.34.tar.gz) = e39dfc57b7f9164aa76641de3fa74f0314c9ec9e
-Size (apache_1.3.34.tar.gz) = 2468056 bytes
+SHA1 (apache_1.3.36.tar.gz) = ca91b3e347d92a65df6a3629cdec45665135fa7c
+RMD160 (apache_1.3.36.tar.gz) = b032cb2f9c0ac84116a4dd3b91752f063e146f6b
+Size (apache_1.3.36.tar.gz) = 2477854 bytes
+SHA1 (mod_ssl-2.8.27-1.3.36.tar.gz) = c6d2d7729dd98f5324cacc3711080f16053748dc
+RMD160 (mod_ssl-2.8.27-1.3.36.tar.gz) = 7acbcad5440f57f7250a68deb424360a15ad558a
+Size (mod_ssl-2.8.27-1.3.36.tar.gz) = 820432 bytes
 SHA1 (sitedrivenby.gif) = 7671e9a8ec2cad3961b268befd33c0920e07c658
 RMD160 (sitedrivenby.gif) = 2e350e6531a800da8796207509c12fb590d0affa
 Size (sitedrivenby.gif) = 8519 bytes
-SHA1 (mod_ssl-2.8.25-1.3.34.tar.gz) = 150f726539d74c0d2af02e482be78bbcdb811395
-RMD160 (mod_ssl-2.8.25-1.3.34.tar.gz) = 90a3913d30c7f4d194907463125c90101005837a
-Size (mod_ssl-2.8.25-1.3.34.tar.gz) = 820352 bytes
 SHA1 (patch-aa) = 28302d0f95ff345fb9c4cc3306e910bfaca82cef
 SHA1 (patch-ab) = 084d52bb2afbacf18b9d0793293d8ae333c67802
 SHA1 (patch-ac) = b961c90a58a94f48daff417af146df98d5ec428c
@@ -23,5 +23,4 @@
 SHA1 (patch-al) = cdb6d8ecbf418024e8a198ebc9c8f15f259397c1
 SHA1 (patch-am) = b8551fca1ec8a62b3b420435479a896a7de1dfe0
 SHA1 (patch-ao) = 9ec5f32b2e9cf4c423b5d819fc76f652b27c6c29
-SHA1 (patch-ap) = 90ac139c91dcc45abb04e9496273f2ef4742d260
 SHA1 (patch-aq) = aee36110e604f990a1b017268810a28358c90178
diff -r ecbc1dd5e23a -r 9d4d7e0198b6 www/apache/patches/patch-ap
--- a/www/apache/patches/patch-ap       Wed Jul 19 22:44:36 2006 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-$NetBSD: patch-ap,v 1.7 2005/12/15 12:57:30 tron Exp $
-
---- src/modules/standard/mod_imap.c.orig       2004-11-24 20:10:19.000000000 +0100
-+++ src/modules/standard/mod_imap.c    2005-12-15 13:02:18.000000000 +0100
-@@ -328,7 +328,7 @@
-     if (!strcasecmp(value, "referer")) {
-         referer = ap_table_get(r->headers_in, "Referer");
-         if (referer && *referer) {
--          return ap_pstrdup(r->pool, referer);
-+          return ap_escape_html(r->pool, referer);
-         }
-         else {
-           /* XXX:  This used to do *value = '\0'; ... which is totally bogus

Prev by Date: [pkgsrc/trunk]: pkgsrc/misc/p5-Locale-Maketext-Lexicon Update to 0.61:
Next by Date: [pkgsrc/trunk]: pkgsrc/textproc/p5-Text-Balanced Update to 1.95:
Previous by Thread: [pkgsrc/trunk]: pkgsrc/misc/p5-Locale-Maketext-Lexicon Update to 0.61:
Next by Thread: [pkgsrc/trunk]: pkgsrc/textproc/p5-Text-Balanced Update to 1.95:
Indexes:

Home | Main Index | Thread Index | Old Index