--- - branch: MAIN date: Sun Aug 26 12:37:34 UTC 2012 files: - new: '1.1' old: '0' path: pkgsrc/www/apache24/MESSAGE pathrev: pkgsrc/www/apache24/MESSAGE@1.1 type: added - new: '1.10' old: '1.9' path: pkgsrc/www/apache24/Makefile pathrev: pkgsrc/www/apache24/Makefile@1.10 type: modified - new: '1.8' old: '1.7' path: pkgsrc/www/apache24/PLIST pathrev: pkgsrc/www/apache24/PLIST@1.8 type: modified - new: '1.6' old: '1.5' path: pkgsrc/www/apache24/distinfo pathrev: pkgsrc/www/apache24/distinfo@1.6 type: modified - new: '1.6' old: '1.5' path: pkgsrc/www/apache24/options.mk pathrev: pkgsrc/www/apache24/options.mk@1.6 type: modified id: 20120826T123734Z.307637878eaa2c242528f564650bbe0389d96b18 log: "Update to 2.4.3\n\n* Fix security problems.\n* Build three Multi-Processing Model shared libraries,\n and select default model with option\n* Retire mod_cgi.so module, use mod_cgid.so; Add MESSAGE\n\nChangelog:\n\nChanges with Apache 2.4.3\n\n \ *) SECURITY: CVE-2012-3502 (cve.mitre.org)\n mod_proxy_ajp, mod_proxy_http: Fix an issue in back end\n connection closing which could lead to privacy issues due\n to a response mixup. PR 53727. [Rainer Jung]\n\n *) SECURITY: CVE-2012-2687 (cve.mitre.org)\n mod_negotiation: Escape filenames in variant list to prevent a\n possible XSS for a site where untrusted users can upload files to\n a location with MultiViews enabled. [Niels Heinen ]\n\n \ *) mod_authnz_ldap: Don't try a potentially expensive nested groups\n search before exhausting all AuthLDAPGroupAttribute checks on the\n current group. PR 52464 [Eric Covener]\n\n *) mod_lua: Add new directive LuaAuthzProvider to allow implementing an\n authorization provider in lua. [Stefan Fritsch]\n\n \ *) core: Be less strict when checking whether Content-Type is set to\n \"application/x-www-form-urlencoded\" when parsing POST data,\n or we risk losing data with an appended charset. 
PR 53698\n [Petter Berntsen ]\n\n *) httpd.conf: Added configuration directives to set a bad_DNT environment\n variable based on User-Agent and to remove the DNT header field from\n incoming requests when a match occurs. This currently has the effect of\n removing DNT from requests by MSIE 10.0 because it deliberately violates\n the current specification of DNT semantics for HTTP. [Roy T. Fielding]\n\n *) mod_socache_shmcb: Fix bus error due to a misalignment\n in some 32 bit builds, especially on Solaris Sparc.\n PR 53040. [Rainer Jung]\n\n *) mod_cache: Set content type in case we return stale content.\n [Ruediger Pluem]\n\n *) Windows: Fix SSL failures on windows with AcceptFilter https none.\n PR 52476. [Jeff Trawick]\n\n *) ab: Fix read failure when targeting SSL server. [Jeff Trawick]\n\n *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:\n - mod_auth_digest: shared memory file\n [Jeff Trawick]\n\n *) htpasswd: Use correct file mode for checking if file is writable.\n PR 45923. [Stefan Fritsch]\n\n *) mod_rewrite: Fix crash with dbd RewriteMaps. PR 53663. [Mikhail T.\n ]\n\n *) mod_ssl: Add new directive SSLCompression to disable TLS-level\n \ compression. PR 53219. [Björn Jacke , Stefan Fritsch]\n\n \ *) mod_lua: Add a few missing request_rec fields. Rename remote_ip to\n client_ip to match conn_rec. [Stefan Fritsch]\n\n *) mod_lua: Change prototype of vm_construct, to work around gcc bug which\n causes a segfault. PR 52779. [Dick Snippe ]\n\n *) mpm_event: Don't count connections in lingering close state when\n calculating how many additional connections may be accepted.\n \ [Stefan Fritsch]\n\n *) mod_ssl: If exiting during initialization because of a fatal error,\n log a message to the main error log pointing to the appropriate\n \ virtual host error log. [Stefan Fritsch]\n\n *) mod_proxy_ajp: Reduce memory usage in case of many keep-alive requests on\n one connection. PR 52275. 
[Naohiro Ooiwa ]\n\n *) mod_proxy_balancer: Restore balancing after a failed worker has\n recovered when using lbmethod_bybusyness. PR 48735. [Jeff Trawick]\n\n *) mod_setenvif: Compile some global regex only once during startup.\n This should save some memory, especially with .htaccess.\n \ [Stefan Fritsch]\n\n *) core: Add the port number to the vhost's name in the scoreboard.\n [Stefan Fritsch]\n\n *) mod_proxy: Fix ProxyPassReverse for balancer configurations.\n PR 45434. [Joe Orton]\n\n *) mod_lua: Add the parsebody function for parsing POST data. PR 53064.\n [Daniel Gruno]\n\n \ *) apxs: Use LDFLAGS from config_vars.mk in addition to CFLAGS and CPPFLAGS.\n \ [Stefan Fritsch]\n\n *) mod_proxy: Fix memory leak or possible corruption in ProxyBlock\n implementation. [Ruediger Pluem, Joe Orton]\n\n *) mod_proxy: Check hostname from request URI against ProxyBlock list,\n not forward proxy, if ProxyRemote* is configured. [Joe Orton]\n\n *) mod_proxy_connect: Avoid DNS lookup on hostname from request URI\n if ProxyRemote* is configured. PR 43697. \ [Joe Orton]\n\n *) mpm_event, mpm_worker: Remain active amidst prevalent child process\n resource shortages. [Jeff Trawick]\n\n *) Add \"strict\" and \"warnings\" pragmas to Perl scripts. [Rich Bowen]\n\n *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:\n \ - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and\n mutexes (Mutex)\n [Jim Jagielski]\n\n *) ab: Fix bind() errors. [Joe Orton]\n\n \ *) mpm_event: Don't do a blocking write when starting a lingering close\n from the listener thread. PR 52229. [Stefan Fritsch]\n\n *) mod_so: If a filename without slashes is specified for LoadFile or\n LoadModule and the file cannot be found in the server root directory,\n try to use the standard dlopen() search path. [Stefan Fritsch]\n\n *) mpm_event, mpm_worker: Fix cases where the spawn rate wasn't reduced\n after child process resource shortages. 
[Jeff Trawick]\n\n *) mpm_prefork: Reduce spawn rate after a child process exits due to\n unexpected poll or accept failure. [Jeff Trawick]\n\n *) core: Log value of Status header line in script responses rather\n than the fixed header name. [Chris Darroch]\n\n *) mpm_ssl: Fix handling of empty response from OCSP server.\n [Jim Meyering , Joe Orton]\n\n *) mpm_event: Fix handling of MaxConnectionsPerChild. [Stefan Fritsch]\n\n *) mod_authz_core: If an expression in \"Require expr\" returns denied and\n references %{REMOTE_USER}, trigger authentication and retry. PR 52892.\n [Stefan Fritsch]\n\n *) core: Always log if LimitRequestFieldSize triggers. [Stefan Fritsch]\n\n *) mod_deflate: Skip compression if compression is enabled at SSL level.\n [Stefan Fritsch]\n\n \ *) core: Add missing HTTP status codes registered with IANA.\n [Julian Reschke , Rainer Jung]\n\n *) mod_ldap: Treat the \"server unavailable\" condition as a transient\n error with all LDAP SDKs. [Filip Valder ]\n\n *) core: Fix spurious \"not allowed here\" error returned when the Options\n directive is used in .htaccess and \"AllowOverride Options\" (with no\n specific options restricted) is configured. PR 53444. [Eric Covener]\n\n \ *) mod_authz_core: Fix parsing of Require arguments in .\n \ PR 53048. [Stefan Fritsch]\n\n *) mod_log_config: Fix %{abc}C truncating cookie values at first \"=\".\n PR 53104. [Greg Ames]\n\n *) mod_ext_filter: Fix error_log spam when input filters are configured.\n [Joe Orton]\n\n *) mod_rewrite: Add \"AllowAnyURI\" option. PR 52774. [Joe Orton]\n\n *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled).\n [Paul Wouters , Joe Orton]\n\n *) core: Use a TLS 1.0 close_notify alert for internal dummy connection if\n the chosen listener is configured for https. [Joe Orton]\n\n *) mod_proxy: Use the same hostname for SNI as for the HTTP request when\n forwarding to SSL backends. 
PR 53134.\n [Michael Weiser , Ruediger Pluem]\n\n *) mod_info: Display all registered providers. [Stefan Fritsch]\n\n *) mod_ssl: Send the error message for speaking http to an https port using\n HTTP/1.0 instead of HTTP/0.9, and omit the link that may be wrong when\n using SNI. PR 50823. [Stefan Fritsch]\n\n *) core: Fix segfault in logging if r->useragent_addr or c->client_addr is\n unset. PR 53265. [Stefan Fritsch]\n\n *) log_server_status: Bring Perl style forward to the present, use\n standard modules, update for new format of server-status output.\n PR 45424. [Richard Bowen, Dave Brondsema, and others]\n\n *) mod_sed, mod_log_debug, mod_rewrite: Symbol namespace cleanups.\n [Joe Orton, André Malo]\n\n *) core: Prevent \"httpd -k restart\" from killing server in presence of\n config error. [Joe Orton]\n\n *) mod_proxy_fcgi: If there is an error reading the headers from the\n backend, send an error to the client. PR 52879. [Stefan Fritsch]\n" module: pkgsrc subject: 'CVS commit: pkgsrc/www/apache24' unixtime: '1345984654' user: ryoon