Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id 3267263B95F
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Tue, 23 Nov 2010 11:55:22 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 1321E19D5BC; Tue, 23 Nov 2010 11:55:22 +0000 (UTC)
Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd])
	by mail.netbsd.org (Postfix) with ESMTP id 415E219D478
	for <pkgsrc-changes@NetBSD.org>; Tue, 23 Nov 2010 11:55:16 +0000 (UTC)
Received: by cvs.netbsd.org (Postfix, from userid 500)
	id 33BED175DD; Tue, 23 Nov 2010 11:55:16 +0000 (UTC)
MIME-Version: 1.0
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"
Date: Tue, 23 Nov 2010 11:55:16 +0000
From: "OBATA Akio" <obache@netbsd.org>
Subject: CVS commit: pkgsrc/www/ap2-fcgid
To: pkgsrc-changes@NetBSD.org
Reply-To: obache@netbsd.org
X-Mailer: log_accum
Message-Id: <20101123115516.33BED175DD@cvs.netbsd.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes.NetBSD.org
Precedence: bulk

Module Name:	pkgsrc
Committed By:	obache
Date:		Tue Nov 23 11:55:16 UTC 2010

Modified Files:
	pkgsrc/www/ap2-fcgid: Makefile distinfo

Log Message:
Update ap2-fcgid to 2.3.6.

Changes with mod_fcgid 2.3.6

  *) SECURITY: CVE-2010-3872 (cve.mitre.org)
     Fix possible stack buffer overwrite.  Diagnosed by the reporter.
     P R 49406.  [Edgar Frank <ef-lists email.de>]

  *) Change the default for FcgidMaxRequestLen from 1GB to 128K.
     Administrators should change this to an appropriate value based on
     site requirements.  [Jeff Trawick]

  *) Allow FastCGI apps more time to exit at shutdown before being
     forcefully killed.  [Jeff Trawick]

  *) Correct a problem that resulted in FcgidMaxProcesses being ignored
     in some situations.  P R 48981.  [<rkosolapov gmail.com>]

  *) Fix the search for processes with the proper vhost config when
     ServerName isn't set in every vhost or a module updates
     r->server->server_hostname dynamically (e.g., mod_vhost_cdb)
     or a module updates r->server dynamically (e.g., mod_vhost_ldap).
     [Jeff Trawick]

  *) FcgidPassHeader now maps header names to environment variable names
     in the usual manner: The header name is converted to upper case and
     is prefixed with HTTP_.  An additional environment variable is
     created with the legacy name.  P R 48964.  [Jeff Trawick]

  *) Allow processes to be reused within multiple phases of a request
     by releasing them into the free list as soon as possible.
     [Chris Darroch]

  *) Fix lookup of process command lines when using FcgidWrapper or
     access control directives, including within .htaccess files.
     [Chris Darroch]

  *) Resolve a regression in 2.3.5 with httpd 2.0.x on some Unix platforms;
     ownership of mutex files was incorrect, resulting in a startup failure.
     P R 48651.  [Jeff Trawick, <pservit gmail.com>]

  *) Return 500 instead of segfaulting when the application returns no output.
     [Tatsuki Sugiura <sugi nemui.org>, Jeff Trawick]

  *) In FCGI_AUTHORIZER role, avoid spawning a new process for every
     different HTTP request.  [Chris Darroch]


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/www/ap2-fcgid/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/ap2-fcgid/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.