1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-25 04:43:33 +00:00
Commit Graph

78 Commits

Author SHA1 Message Date
Clement Laforet
b5c6eb5f0e - Fix security issue in mod_rewrite.
All people using mod_rewrite are strongly encouraged to update.

An off-by-one flaw exists in the Rewrite module, mod_rewrite.
Depending on the manner in which Apache httpd was compiled, this
software defect may result in a vulnerability which, in combination
with certain types of Rewrite rules in the web server configuration
files, could be triggered remotely.  For vulnerable builds, the nature
of the vulnerability can be denial of service (crashing of web server
processes) or potentially allow arbitrary code execution.
This issue has been rated as having important security impact
by the Apache HTTP Server Security Team

Updates to latest versions will follow soon.

Notified by:	so@ (simon)
Obtained from:	Apache Security Team
Security: 	CVE-2006-3747
2006-07-27 20:26:29 +00:00
Clement Laforet
1e3b5eb942 - Fix typos in bdb-4.1 m4 macro
Spotted by:	Frank Steinborn <steinex@ircnow.org>
2006-04-30 15:52:08 +00:00
Doug Barton
c49d1a3273 Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
2006-02-20 20:47:50 +00:00
Clement Laforet
c5d4c969c8 Cleanups and fixes
- remove useless options (and fix thread stuff) [1]
- move print-closest-mirror to bsd.apache.mk
- move threads configure options out of Makefile.modules
- Fix stupid logic to disable v4mapped address [2]
- and more...

Submitted/spotted by:   many, Hirohisa Yamaguchi <umq@ueo.co.jp> [1]
                        ume[2]
PR:                     ports/91813 [1]
2006-01-15 18:58:38 +00:00
Clement Laforet
153589a262 - Fix typo (it's actually in apache SVN repo)
Reported by:	 Matt Smith <matt@xtaz.co.uk>
2005-12-13 10:51:41 +00:00
Clement Laforet
db0466bc1e SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
     to avoid potential cross-site scripting.  Change also made to
     ap_escape_html so we escape quotes.  Reported by JPCERT.
     [Mark Cox]

Reported by:    simon
2005-12-12 20:55:14 +00:00
Clement Laforet
a172725741 - Fix plist (forgot when I add mod_filter) [1]
- workaround apr detection. Now apache22 build his own apr, even if apr
  is installed, unless you define WITH_APR_FROM_PORTS.

Reported by:    pointyhat via kris [1]
2005-12-10 12:03:11 +00:00
Clement Laforet
0b1f4f30b9 - Update to 2.1.8
Not all new cool stuff is supported but it will be when  2.2.0
  comes out.
2005-10-30 20:39:05 +00:00
Clement Laforet
c571d84e6a - Fix event MPM build [1]
- Add a small UPDATING entry. You have to rebuild all your apache modules.

Reported by:	clement's apache tinderbox [1]
2005-02-24 08:48:57 +00:00
Clement Laforet
4b58bbf26b - Update to 2.1.3
If you can't fetch the distfile, fetch http://httpd.apache.org/dev/dist/httpd-2.1.3-alpha.tar.bz2
into ${PORTSDIR}/distfiles/apache21
2005-02-23 10:59:45 +00:00
Clement Laforet
38893d64f6 - Fix envvar.d stuff 2005-02-05 18:26:21 +00:00
Clement Laforet
ae9562845c - Add support for databases/db43 in apache2[1] and apache21.
- rename files/patch-srclib:apr-utils:build:dbm.m4 to
  files/patch-srclib:apr-util:build:dbm.m4

Based on PR:		ports/76152 [1]
Submitted by:		Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1]
2005-01-17 20:30:08 +00:00
Clement Laforet
4e80ec5376 o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]
2005-01-11 13:45:05 +00:00
Clement Laforet
9e10a6de6c - Add forgotten patch in previous commit. This fix installation of
stalled ${PREFIX}/sbin/envvar-std

Noticed by:		our wonderful ports janitor pseudo-bot
Huge Pointy Hat to:	me
2004-12-21 08:35:51 +00:00
Clement Laforet
f923f178ec - Sync with www/apache2:
- mod_ssl fix
  - make envvars modular
- Try to make pointyhat happy [1]

Obtained from:  devel/apr [1]
2004-12-18 11:09:00 +00:00
Clement Laforet
97d30de795 - Move standard configuration files to ${EXAMPLESDIR} to not get
dist config files installed in ${PREFIX}/etc/apache21
- Add support for Event MPM and add backport from apr to support
  APR_POLLSET_THREADSAFE (needed by Event MPM and forgotten @ release
  time) [1]
- misc cleanups
- Bump PORTREVISION to reflect all cool changes which occured today ;)

Obtained from:  apr svn repository
2004-12-13 18:48:03 +00:00
Clement Laforet
53975fd702 - Sync apache-apr layout with devel/apr one (to avoid another hack for
subversion)
- Add support for APR_FROM_PORTS
2004-12-13 10:26:52 +00:00
Clement Laforet
a3468fefcb - Add apache 2.1.2
This is a development version, awaiting for 2.2
2004-12-11 18:06:04 +00:00
Clement Laforet
305f53d791 Oops I forgot one file... 2004-03-17 08:44:03 +00:00
Clement Laforet
203ad8c8b9 - Move apache21 to Attic.
Will be back soon ;-)

Suggested by:		kris
2004-03-17 08:41:58 +00:00
Trevor Johnson
15bb1ce95f Update to 2.0.48, which has corrections for two security bugs:
- CAN-2003-0789:  information leak in mod_cgid
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0789>
- CAN-2003-0542:  buffer overflow in mod_alias and mod_rewrite
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542>

Use a DIST_SUBDIR.  Use the DOCSDIR macro.

Add options: HTTP_PORT, IPV6_V6ONLY, NO_CGI, NO_ERROR, NO_ICONS,
NO_WWW, NO_WWWDATA, WITHOUT_AUTH, WITHOUT_DAV, WITHOUT_MODULES,
WITHOUT_MODULES, WITHOUT_PROXY, WITH_ALL_STATIC_APACHE, WITH_BERKELEYDB,
WITH_CUSTOM_AUTH, WITH_CUSTOM_PROXY, WITH_DBM, WITH_EXTRA_MODULES,
WITH_MODULES, WITH_MPM, WITH_STATIC_APACHE, WITH_STATIC_MODULES and
WITH_STATIC_SUPPORT

PR:		58654
Submitted by:	Clement Laforet (maintainer)
2003-10-29 22:46:45 +00:00
Hye-Shik Chang
6d59a529a8 [SECURITY FIX]
Update to 2.0.46

See vulnerability details at:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0189

PR:		52768 [1]
Submitted by:	Xin Li <delphij@freebsdchina.org> [1],
		Miguel Mendez <flynn@energyhq.es.eu.org>,
		Trevor Johnson <trevor@FreeBSD.org>,
		Mark Gooderum <mark@verniernetworks.com>,
		John Walsh <zed@maths.tcd.ie>
2003-06-01 00:09:42 +00:00
Hye-Shik Chang
bf43aeb821 Add missed files on the previous commit. 2003-04-04 02:38:27 +00:00
Hye-Shik Chang
408824d8e0 Update to 2.0.45. This update fixes a DDOS vulnerability.
PR:		50564 [1]
Submitted by:	Cy Schubert <cy@FreeBSD.org>, delphij@hotmail.com [1]
Requested by:	many
2003-04-04 02:36:57 +00:00
Hye-Shik Chang
21de316435 Move bin/ap[ru]-config to lib/apache2/ to coexist with devel/apr-devel
Bumped PORTREVISION accordingly.

PR:		ports/39091
Submitted by:	Marc Recht <marc@informatik.uni-bremen.de>
2003-01-08 11:29:55 +00:00
Hye-Shik Chang
433e3d97bd o Change installbuilddir to $PREFIX/share/apache2/build to make porting
3rd party modules easy. [1]
o Include <limits.h> before <sys/syslimits.h> to reduce warnings on -CURRENT

PR:		44104 [1]
Submitted by:	Clement Laforet <sheepkiller@cultdeadsheep.org> [1]
2002-11-15 13:35:56 +00:00
Kris Kennaway
5c8de5fcae Update to apache 1.3.27 and 2.0.43. This fixes a security vulnerability.
Mark apache13-ssl FORBIDDEN because the new version does not yet exist.

Partially based on patches submitted by below authors.

Submitted by:	"Sergey A. Osokin" <osa@freebsd.org.ru>,
		Udo Schweigert <udo.schweigert@siemens.com>,
		Lev A. Serebryakov <lev@serebryakov.spb.ru>
PR:		ports/43682, ports/43688, ports/43666, ports/43681
2002-10-05 09:18:45 +00:00
Hye-Shik Chang
447d43bde3 Update to 2.0.40 2002-08-10 00:56:52 +00:00
Hye-Shik Chang
1e1df07282 - Add a small hack for worker MPM [1]
(worker MPM with this hack seems to work without visible problems.
   and still requires -DFORCE_THREADING_MPM to build for worker MPM.)
- Fix plist for worker MPM
- Comment out fancy modules from default httpd.conf

Tested on:      ref5.freebsd.org, several 4-stable machines [1]
2002-07-21 02:23:33 +00:00
Hye-Shik Chang
2a0ac18cea Correct envvars path on apachectl(1)
Submitted by:	Franco Venturi <fventuri@attbi.com>
2002-07-11 12:24:53 +00:00
Hye-Shik Chang
f3cc6576b2 - Add a patch for a bug on infinite loop in HTTP_IN
filter that allows DoS attack.
- Bump PORTREVISION
- Change maintainer address

Obtained from: Apache Group CVS (rev 1.150-1.151)
2002-07-09 11:22:19 +00:00
Hye-Shik Chang
0360be38d5 Fix more fatal bugs on htpasswd(1)
Requested by:	"Jon Noack" <noackjr@compgeek.com>
Obtained from:	Apache Group CVS (rev 1.49-1.51)
2002-07-08 07:42:04 +00:00
Hye-Shik Chang
d1eb2ba3f9 o Fix the htpasswd logic bug around -c and -n options
o Take away WITH_BUNDLED_EXPAT option (use textproc/expat2)
o Bump PORTREVISION

Prompted by:	Jon Noack <noackjr@rice.edu> (htpasswd)
Obtained from:	Apache Project's CVS (htpasswd)
2002-06-27 00:22:40 +00:00
Patrick Li
159c4b8012 - Sync www/apache13's change (.default -> -dist)
- Change default to WITH_BULDLED_EXPAT
- Reorder .if .endif blocks (.if WITH_MPM must appear earlier than .if
WITHOUT_CACHE)
- Some minor style fixes
- Bump PORTREVISION

PR:		ports/39635
Submitted by:	maintainer
2002-06-21 23:47:25 +00:00
Patrick Li
ea103f8b13 - Update to 2.0.39, the emergency security update.
- Unmark FORBIDDEN

PR:		ports/39477
Submitted by:	maintainer
2002-06-18 23:02:05 +00:00
Ying-Chieh Liao
e55081b766 - Better WITH_SUEXEC support
- Build with textproc/expat2 unless defined(WITH_BUNDLED_EXPAT)

PR:		38552
Submitted by:	maintainer
2002-05-26 13:25:04 +00:00
Cy Schubert
90cd8b73d7 1. Upgrade 2.0.35 --> 2.0.36
2.  Port printed message to "pw userdel www" if port removed permanently.
    However master.passwd 1.25.2.5 has user www by default, so this is no
    longer correct advice.  Removed pkg-deinstall to correct this.

PR:		37849 and 36907
Approved by:	MAINTAINER:  Hye-Shik Chang <perky@fallin.lv>
2002-05-09 03:55:18 +00:00
Ying-Chieh Liao
a7fe341967 Respect $DESTDIR for all paths
PR:		37211
Submitted by:	maintainer
2002-04-18 20:29:41 +00:00
Patrick Li
ff132cd6d8 Remove this patch since perl patch in port Makefile is used to
accomplish this.

PR:		37046
Submitted by:	Helge Oldach <send-pr@oldach.net>
Approved by:	maintainer
2002-04-14 20:37:28 +00:00
David E. O'Brien
890f276009 Fix 'expr' usage and allow to compile with GCC 3.1.
Submitted by:	Hye-Shik Chang <perky@fallin.lv> (maintainer)
2002-04-11 03:41:12 +00:00
Patrick Li
c856fac3ab Update to 2.0.35 (first GA release!)
PR:		36834
Submitted by:	maintainer
2002-04-08 06:45:33 +00:00
Patrick Li
499e0c4b79 Update to 2.0.32
PR:		36040
Submitted by:	maintainer
2002-03-23 08:31:55 +00:00
David W. Chapman Jr.
cb24f98430 Fix problem where installation would overwrite existing config files
Bump PORTREVISION

Submitted by:	maintainer
2002-01-22 16:01:35 +00:00
Ying-Chieh Liao
3662cec740 Fix invalid path problem on building extension module with apxs.
PR:		32638
Submitted by:	maintainer
2001-12-13 10:12:38 +00:00
David W. Chapman Jr.
6d2b11cde9 Update to 2.0.28
PR:		32043
Submitted by:	maintainer
2001-11-19 22:47:47 +00:00
Andrey A. Chernov
14850c029a Sync with main Apache
Submitted by:	MAINTAINER
2001-10-24 16:03:38 +00:00
Will Andrews
d0166f0dd3 Fix problems with configure bug that doesn't evaluate variables for
support/*.in.

PR:		26570
Submitted by:	maintainer
Found by:	mharo
2001-04-17 17:26:55 +00:00
Will Andrews
cfa00f01bb Bring in Apache 2.0.16-beta. Just in time for the release...
PR:		26410
Submitted by:	Chang, Hye-Shik <perky@python.or.kr>
Repocopied by:	asami
2001-04-13 04:43:48 +00:00
Andrey A. Chernov
eb11ba8c12 Add official patch to not coredump on missing ServerName
PR:		26237
Submitted by:	Scot W. Hetzel <hetzels@westbend.net>
2001-03-31 20:01:09 +00:00
Andrey A. Chernov
c8a277dd4a Fix path to apachectl in stop 2000-07-18 10:17:39 +00:00