Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_151059275013720"
MIME-Version: 1.0
Date: Mon, 13 Nov 2017 17:05:50 +0000
From: "S.P.Zeidler" <spz@netbsd.org>
Subject: CVS commit: [pkgsrc-2017Q3] pkgsrc/www/apache22
To: pkgsrc-changes@NetBSD.org
Reply-To: spz@netbsd.org
Message-Id: <20171113170550.A5136FBDE@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_151059275013720
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	spz
Date:		Mon Nov 13 17:05:50 UTC 2017

Modified Files:
	pkgsrc/www/apache22 [pkgsrc-2017Q3]: Makefile distinfo

Log Message:
Pullup ticket #5643 - requested by he
www/apache22: security patch

Revisions pulled up:
- www/apache22/Makefile                                         1.114
- www/apache22/distinfo                                         1.68

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Sep 28 04:58:29 UTC 2017

   Modified Files:
   	pkgsrc/www/apache22: Makefile distinfo

   Log Message:
   apache: update to 2.2.34nb1.

   Apply upstream patch to fix CVE 2017-9798.

   To generate a diff of this commit:
   cvs rdiff -u -r1.113 -r1.114 pkgsrc/www/apache22/Makefile
   cvs rdiff -u -r1.67 -r1.68 pkgsrc/www/apache22/distinfo


To generate a diff of this commit:
cvs rdiff -u -r1.113 -r1.113.4.1 pkgsrc/www/apache22/Makefile
cvs rdiff -u -r1.67 -r1.67.4.1 pkgsrc/www/apache22/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_151059275013720
Content-Disposition: inline
Content-Length: 1984
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/www/apache22/Makefile
diff -u pkgsrc/www/apache22/Makefile:1.113 pkgsrc/www/apache22/Makefile:1.113.4.1
--- pkgsrc/www/apache22/Makefile:1.113	Wed Jul 12 07:00:40 2017
+++ pkgsrc/www/apache22/Makefile	Mon Nov 13 17:05:50 2017
@@ -1,13 +1,17 @@
-# $NetBSD: Makefile,v 1.113 2017/07/12 07:00:40 adam Exp $
+# $NetBSD: Makefile,v 1.113.4.1 2017/11/13 17:05:50 spz Exp $
 
 DISTNAME=	httpd-2.2.34
 PKGNAME=	${DISTNAME:S/httpd/apache/}
+PKGREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_APACHE:=httpd/}
 MASTER_SITES+=	http://archive.apache.org/dist/httpd/
 MASTER_SITES+=	http://archive.eu.apache.org/dist/httpd/
 EXTRACT_SUFX=	.tar.bz2
 
+PATCH_SITES=	https://www.apache.org/dist/httpd/patches/apply_to_2.2.34/
+PATCHFILES=	CVE-2017-9798-patch-2.2.patch
+
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://httpd.apache.org/
 COMMENT=	Apache HTTP (Web) server, version 2.2

Index: pkgsrc/www/apache22/distinfo
diff -u pkgsrc/www/apache22/distinfo:1.67 pkgsrc/www/apache22/distinfo:1.67.4.1
--- pkgsrc/www/apache22/distinfo:1.67	Wed Jul 12 07:00:40 2017
+++ pkgsrc/www/apache22/distinfo	Mon Nov 13 17:05:50 2017
@@ -1,5 +1,9 @@
-$NetBSD: distinfo,v 1.67 2017/07/12 07:00:40 adam Exp $
+$NetBSD: distinfo,v 1.67.4.1 2017/11/13 17:05:50 spz Exp $
 
+SHA1 (CVE-2017-9798-patch-2.2.patch) = 5602d73298b1623c1aff6e2bceeec98ba0c0532e
+RMD160 (CVE-2017-9798-patch-2.2.patch) = 6dbcf86821fc69a334b537a8de1c8d610743b1b9
+SHA512 (CVE-2017-9798-patch-2.2.patch) = f4fda08d3c3f66cc6d1288ab986d63e9398de36fe82abff1f40f10a02f0ba570bd6c96795f8c00edaf865278373b467725a9e6031bd3c1eca60b622be17953d4
+Size (CVE-2017-9798-patch-2.2.patch) = 1145 bytes
 SHA1 (httpd-2.2.34.tar.bz2) = 829206394e238af0b800fc78d19c74ee466ecb23
 RMD160 (httpd-2.2.34.tar.bz2) = 7e913d60ac02c815edac6ab0614f5dc40618c073
 SHA512 (httpd-2.2.34.tar.bz2) = e6dac5865a48533c025fe17523ee74d68c3a23f9512c9441b78a140e33cfb6835573eb049b0ad424eb5c5ca78a1915778c54e8a409da95fbdd3890cb99e08240


--_----------=_151059275013720--