head 1.8; access; symbols pkgsrc-2014Q1:1.7.0.80 pkgsrc-2014Q1-base:1.7 pkgsrc-2013Q4:1.7.0.78 pkgsrc-2013Q4-base:1.7 pkgsrc-2013Q3:1.7.0.76 pkgsrc-2013Q3-base:1.7 pkgsrc-2013Q2:1.7.0.74 pkgsrc-2013Q2-base:1.7 pkgsrc-2013Q1:1.7.0.72 pkgsrc-2013Q1-base:1.7 pkgsrc-2012Q4:1.7.0.70 pkgsrc-2012Q4-base:1.7 pkgsrc-2012Q3:1.7.0.68 pkgsrc-2012Q3-base:1.7 pkgsrc-2012Q2:1.7.0.66 pkgsrc-2012Q2-base:1.7 pkgsrc-2012Q1:1.7.0.64 pkgsrc-2012Q1-base:1.7 pkgsrc-2011Q4:1.7.0.62 pkgsrc-2011Q4-base:1.7 pkgsrc-2011Q3:1.7.0.60 pkgsrc-2011Q3-base:1.7 pkgsrc-2011Q2:1.7.0.58 pkgsrc-2011Q2-base:1.7 pkgsrc-2011Q1:1.7.0.56 pkgsrc-2011Q1-base:1.7 pkgsrc-2010Q4:1.7.0.54 pkgsrc-2010Q4-base:1.7 pkgsrc-2010Q3:1.7.0.52 pkgsrc-2010Q3-base:1.7 pkgsrc-2010Q2:1.7.0.50 pkgsrc-2010Q2-base:1.7 pkgsrc-2010Q1:1.7.0.48 pkgsrc-2010Q1-base:1.7 pkgsrc-2009Q4:1.7.0.46 pkgsrc-2009Q4-base:1.7 pkgsrc-2009Q3:1.7.0.44 pkgsrc-2009Q3-base:1.7 pkgsrc-2009Q2:1.7.0.42 pkgsrc-2009Q2-base:1.7 pkgsrc-2009Q1:1.7.0.40 pkgsrc-2009Q1-base:1.7 pkgsrc-2008Q4:1.7.0.38 pkgsrc-2008Q4-base:1.7 pkgsrc-2008Q3:1.7.0.36 pkgsrc-2008Q3-base:1.7 cube-native-xorg:1.7.0.34 cube-native-xorg-base:1.7 pkgsrc-2008Q2:1.7.0.32 pkgsrc-2008Q2-base:1.7 cwrapper:1.7.0.30 pkgsrc-2008Q1:1.7.0.28 pkgsrc-2008Q1-base:1.7 pkgsrc-2007Q4:1.7.0.26 pkgsrc-2007Q4-base:1.7 pkgsrc-2007Q3:1.7.0.24 pkgsrc-2007Q3-base:1.7 pkgsrc-2007Q2:1.7.0.22 pkgsrc-2007Q2-base:1.7 pkgsrc-2007Q1:1.7.0.20 pkgsrc-2007Q1-base:1.7 pkgsrc-2006Q4:1.7.0.18 pkgsrc-2006Q4-base:1.7 pkgsrc-2006Q3:1.7.0.16 pkgsrc-2006Q3-base:1.7 pkgsrc-2006Q2:1.7.0.14 pkgsrc-2006Q2-base:1.7 pkgsrc-2006Q1:1.7.0.12 pkgsrc-2006Q1-base:1.7 pkgsrc-2005Q4:1.7.0.10 pkgsrc-2005Q4-base:1.7 pkgsrc-2005Q3:1.7.0.8 pkgsrc-2005Q3-base:1.7 pkgsrc-2005Q2:1.7.0.6 pkgsrc-2005Q2-base:1.7 pkgsrc-2005Q1:1.7.0.4 pkgsrc-2005Q1-base:1.7 pkgsrc-2004Q4:1.7.0.2 pkgsrc-2004Q4-base:1.7 pkgsrc-2004Q3:1.5.0.16 pkgsrc-2004Q3-base:1.5 pkgsrc-2004Q2:1.5.0.14 pkgsrc-2004Q2-base:1.5 pkgsrc-2004Q1:1.5.0.12 pkgsrc-2004Q1-base:1.5 pkgsrc-2003Q4:1.5.0.10 pkgsrc-2003Q4-base:1.5 netbsd-1-6-1:1.5.0.6 netbsd-1-6-1-base:1.5 netbsd-1-6:1.5.0.8 netbsd-1-6-RELEASE-base:1.5 pkgviews:1.5.0.4 pkgviews-base:1.5 buildlink2:1.5.0.2 buildlink2-base:1.5 netbsd-1-5-PATCH003:1.5 netbsd-1-4-PATCH002:1.3 comdex-fall-1999:1.1 netbsd-1-4-PATCH001:1.1 netbsd-1-4-RELEASE:1.1; locks; strict; comment @# @; 1.8 date 2014.06.10.15.22.18; author joerg; state dead; branches; next 1.7; commitid djgMkPoOrhNxnZDx; 1.7 date 2004.11.26.18.52.47; author jlam; state Exp; branches; next 1.6; 1.6 date 2004.10.29.13.48.31; author abs; state Exp; branches; next 1.5; 1.5 date 2001.10.16.04.11.06; author jlam; state Exp; branches 1.5.16.1; next 1.4; 1.4 date 2000.09.12.14.17.33; author jlam; state dead; branches; next 1.3; 1.3 date 2000.01.31.16.35.37; author christos; state Exp; branches; next 1.2; 1.2 date 99.11.21.22.09.28; author tron; state Exp; branches; next 1.1; 1.1 date 98.12.04.17.24.33; author tv; state Exp; branches; next ; 1.5.16.1 date 2004.12.01.00.25.56; author salo; state Exp; branches; next ; desc @@ 1.8 log @Retire Apache 1.3 and 2.0. @ text @$NetBSD: patch-ak,v 1.7 2004/11/26 18:52:47 jlam Exp $ --- src/Makefile.tmpl.orig 2004-11-26 04:47:20.000000000 -0500 +++ src/Makefile.tmpl @@@@ -1,8 +1,8 @@@@ -CFLAGS=$(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS) -LIBS=$(EXTRA_LIBS) $(LIBS1) +CFLAGS=$(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS) $(DL_CFLAGS) +LIBS=$(EXTRA_LIBS) $(LIBS1) $(DL_LIBS) INCLUDES=$(INCLUDES1) $(INCLUDES0) $(EXTRA_INCLUDES) -LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS) +LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS) $(LINK_LIBGCC_LDFLAGS) $(DL_LDFLAGS) OBJS= \ modules.o \ @ 1.7 log @Pass the DL_* flags to the compiler when building httpd so that dlopen will work correctly on NetBSD-2.x. This should fix PR pkg/29398. @ text @d1 1 a1 1 $NetBSD$ @ 1.6 log @Update apache to 1.3.33 The main security vulnerabilities addressed in 1.3.33 are: * CAN-2004-0940 (cve.mitre.org) Fix potential buffer overflow with escaped characters in SSI tag string. * CAN-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. New features * Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. * Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. The following bugs were found in Apache 1.3.31 (or earlier) and have been fixed in Apache 1.3.33: * mod_rewrite: Fix query string handling for proxied URLs. PR 14518. * mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. * mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. * Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. * No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.5 2001/10/16 04:11:06 jlam Exp $ d3 1 a3 1 --- src/Makefile.tmpl.orig 2004-10-29 14:44:35.000000000 +0100 d5 6 a10 3 @@@@ -2,7 +2,7 @@@@ CFLAGS=$(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS) LIBS=$(EXTRA_LIBS) $(LIBS1) d13 1 a13 1 +LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS) $(LINK_LIBGCC_LDFLAGS) @ 1.5 log @Update apache{,6} to 1.3.20nb1. Changes from version 1.3.20 are: On NetBSD, we need to link libgcc.a whole-archive so that certain symbols from the C++ implementation (__get_eh_context, etc.) referenced by DSOs written in C++ will resolve correctly. This makes php4-sablot work with mod_php4.so (from ap-php4) on ELF platforms when loaded by Apache's httpd. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- src/Makefile.tmpl.orig Sun Oct 14 22:14:29 2001 @ 1.5.16.1 log @Pullup ticket 141 - requested by David Brownlee security fix for apache Module Name: pkgsrc Committed By: tron Date: Mon Oct 25 08:44:16 UTC 2004 Modified Files: pkgsrc/www/apache: Makefile PLIST distinfo Removed Files: pkgsrc/www/apache/patches: patch-ap Log Message: Update "apache" package to version 1.3.32. Changes since version 1.3.31: - mod_rewrite: Fix query string handling for proxied URLs. PR 14518. [michael teitler , Jan Kratochvil ] - mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. [André Malo] - mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. [Joe Orton] - Trigger an error when a LoadModule directive attempts to load a module which is built-in. This is a common error when switching from a DSO build to a static build. [Jeff Trawick, Geoffrey Young] - Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. [Will Slater ] - Fix memory leak in the cache handling of mod_rewrite. PR 27862. [chunyan sheng , André Malo] - mod_rewrite no longer confuses the RewriteMap caches if different maps defined in different virtual hosts use the same map name. PR 26462. [André Malo] - mod_setenvif: Remove "support" for Remote_User variable which never worked at all. PR 25725. [André Malo] - mod_usertrack: Escape the cookie name before pasting into the regexp. [André Malo] - Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. [Jeff Trawick] - SECURITY: CAN-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. [Mark Cox] - Fix a bunch of cases where the return code of the regex compiler was not checked properly. This affects mod_usertrack and core. PR 28218. [André Malo] - No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. [Jim Jagielski, Rasmus Lerdorf] - COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. [Jim Jagielski] --- Module Name: pkgsrc Committed By: abs Date: Fri Oct 29 13:48:31 UTC 2004 Modified Files: pkgsrc/www/apache: Makefile distinfo pkgsrc/www/apache/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-ak patch-am patch-ao Removed Files: pkgsrc/www/apache/patches: patch-al Log Message: Update apache to 1.3.33 The main security vulnerabilities addressed in 1.3.33 are: * CAN-2004-0940 (cve.mitre.org) Fix potential buffer overflow with escaped characters in SSI tag string. * CAN-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. New features * Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. * Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. The following bugs were found in Apache 1.3.31 (or earlier) and have been fixed in Apache 1.3.33: * mod_rewrite: Fix query string handling for proxied URLs. PR 14518. * mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. * mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. * Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. * No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. --- Module Name: pkgsrc Committed By: salo Date: Mon Nov 15 19:13:41 UTC 2004 Modified Files: pkgsrc/www/apache/patches: patch-ai Log Message: Revert rev 1.9, do not expand @@INSTALL@@, it's done in post-patch. (hi abs!) --- Module Name: pkgsrc Committed By: tron Date: Tue Nov 16 08:23:45 UTC 2004 Modified Files: pkgsrc/www/apache: distinfo Log Message: Regen after "patch-ai" was changed. (hi salo!) @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.6 2004/10/29 13:48:31 abs Exp $ d3 1 a3 1 --- src/Makefile.tmpl.orig 2004-10-29 14:44:35.000000000 +0100 @ 1.4 log @Update build to work with mod_ssl-2.6.6-1.3.12 to keep in sync with ap-ssl. EAPI didn't change so no need to change Apache's version number. Also standardize package builds to have Apache listen on ports 80/443 regardless of UID of user that builds the package, and make MAINTAINER point to me. @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.3 2000/01/31 16:35:37 christos Exp $ d3 8 a10 10 --- src/support/apxs.pl.orig Sun Jan 30 17:04:24 2000 +++ src/support/apxs.pl Sun Jan 30 17:05:33 2000 @@@@ -424,8 +424,7 @@@@ my $t = $f; $t =~ s|^.+/([^/]+)$|$1|; if ($opt_i) { - push(@@cmds, "cp $f $CFG_LIBEXECDIR/$t"); - push(@@cmds, "chmod 755 $CFG_LIBEXECDIR/$t"); + push(@@cmds, "install -c -m 555 -o root -g wheel $f $CFG_LIBEXECDIR/$t"); } d12 2 a13 1 # determine module symbolname and filename @ 1.3 log @update for 1.3.11 @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.2 1999/11/21 22:09:28 tron Exp $ @ 1.2 log @Update Apache package to version 1.3.9 (SSL Module 2.4.8) using patches suppled by SUNAGAWA Keiki in PR pkg/8819. This version mostly fixes bugs discovered since version 1.3.6. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 --- src/support/apxs.pl.orig Mon Sep 27 18:28:55 1999 +++ src/support/apxs.pl Mon Sep 27 18:31:42 1999 @@@@ -426,8 +426,7 @@@@ d9 3 a11 3 - push(@@cmds, "cp $f $CFG_LIBEXECDIR/$t"); - push(@@cmds, "chmod 755 $CFG_LIBEXECDIR/$t"); + push(@@cmds, "install -c -m 555 -o root -g wheel $f $CFG_LIBEXECDIR/$t"); @ 1.1 log @Bump version to `1.3.3.2' - add `timefmt' argument to ap_include_extern_func's (needed for a couple upcoming XSSI-extending modules). Also fix apxs to use `install' and fix the cgi-bin `preservation' while we're here. @ text @d3 3 a5 4 --- src/support/apxs.pl.orig Fri Dec 4 11:34:17 1998 +++ src/support/apxs.pl Fri Dec 4 11:36:26 1998 @@@@ -383,8 +383,7 @@@@ } d8 5 a12 3 - push(@@cmds, "cp $f $CFG_LIBEXECDIR/$t"); - push(@@cmds, "chmod 755 $CFG_LIBEXECDIR/$t"); + push(@@cmds, "install -c -m 555 -o root -g wheel $f $CFG_LIBEXECDIR/$t"); a14 1 my $filename = ''; @