Update apache22 package to 2.2.15. For full changes information please refer: http://www.apache.org/dist/httpd/Announcement2.2.html. Here is security related changes from ChangeLog (http://www.apache.org/dist/httpd/CHANGES_2.2.15). Changes with Apache 2.2.15 *) SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. Forcibly disable keepalive for the connection if there is any buffered data readable. Any configuration which requires renegotiation for per-directory/location access control is still vulnerable, unless using OpenSSL >= 0.9.8l. [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>] *) SECURITY: CVE-2010-0408 (cve.mitre.org) mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>] *) SECURITY: CVE-2010-0425 (cve.mitre.org) mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]diff -r1.55 -r1.56 pkgsrc/www/apache22/Makefile
(taca)
@@ -1,19 +1,17 @@ | @@ -1,19 +1,17 @@ | |||
1 | # $NetBSD: Makefile,v 1.55 2010/01/17 12:02:48 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.56 2010/03/09 02:30:15 taca Exp $ | |
2 | 2 | |||
3 | DISTNAME= httpd-2.2.14 | 3 | DISTNAME= httpd-2.2.15 | |
4 | PKGNAME= ${DISTNAME:S/httpd/apache/} | 4 | PKGNAME= ${DISTNAME:S/httpd/apache/} | |
5 | #PKGREVISION= 3 | |||
6 | PKGREVISION= 1 | |||
7 | CATEGORIES= www | 5 | CATEGORIES= www | |
8 | MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ | 6 | MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ | |
9 | http://archive.apache.org/dist/httpd/ \ | 7 | http://archive.apache.org/dist/httpd/ \ | |
10 | http://archive.eu.apache.org/dist/httpd/ | 8 | http://archive.eu.apache.org/dist/httpd/ | |
11 | EXTRACT_SUFX= .tar.bz2 | 9 | EXTRACT_SUFX= .tar.bz2 | |
12 | 10 | |||
13 | MAINTAINER= tron@NetBSD.org | 11 | MAINTAINER= tron@NetBSD.org | |
14 | HOMEPAGE= http://httpd.apache.org/ | 12 | HOMEPAGE= http://httpd.apache.org/ | |
15 | COMMENT= Apache HTTP (Web) server, version 2.2 | 13 | COMMENT= Apache HTTP (Web) server, version 2.2 | |
16 | LICENSE= apache-2.0 | 14 | LICENSE= apache-2.0 | |
17 | 15 | |||
18 | PKG_DESTDIR_SUPPORT= user-destdir | 16 | PKG_DESTDIR_SUPPORT= user-destdir | |
19 | 17 |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.15 2009/10/30 21:10:57 christos Exp $ | 1 | @comment $NetBSD: PLIST,v 1.16 2010/03/09 02:30:15 taca Exp $ | |
2 | ${PLIST.suexec}sbin/suexec | 2 | ${PLIST.suexec}sbin/suexec | |
3 | include/httpd/ap_compat.h | 3 | include/httpd/ap_compat.h | |
4 | include/httpd/ap_config.h | 4 | include/httpd/ap_config.h | |
5 | include/httpd/ap_config_auto.h | 5 | include/httpd/ap_config_auto.h | |
6 | include/httpd/ap_config_layout.h | 6 | include/httpd/ap_config_layout.h | |
7 | include/httpd/ap_listen.h | 7 | include/httpd/ap_listen.h | |
8 | include/httpd/ap_mmn.h | 8 | include/httpd/ap_mmn.h | |
9 | include/httpd/ap_mpm.h | 9 | include/httpd/ap_mpm.h | |
10 | include/httpd/ap_provider.h | 10 | include/httpd/ap_provider.h | |
11 | include/httpd/ap_regex.h | 11 | include/httpd/ap_regex.h | |
12 | include/httpd/ap_regkey.h | 12 | include/httpd/ap_regkey.h | |
13 | include/httpd/ap_release.h | 13 | include/httpd/ap_release.h | |
14 | include/httpd/http_config.h | 14 | include/httpd/http_config.h | |
@@ -859,26 +859,28 @@ share/httpd/manual/mod/mod_proxy_ajp.htm | @@ -859,26 +859,28 @@ share/httpd/manual/mod/mod_proxy_ajp.htm | |||
859 | share/httpd/manual/mod/mod_proxy_ajp.html.ja.utf8 | 859 | share/httpd/manual/mod/mod_proxy_ajp.html.ja.utf8 | |
860 | share/httpd/manual/mod/mod_proxy_balancer.html | 860 | share/httpd/manual/mod/mod_proxy_balancer.html | |
861 | share/httpd/manual/mod/mod_proxy_balancer.html.en | 861 | share/httpd/manual/mod/mod_proxy_balancer.html.en | |
862 | share/httpd/manual/mod/mod_proxy_balancer.html.ja.utf8 | 862 | share/httpd/manual/mod/mod_proxy_balancer.html.ja.utf8 | |
863 | share/httpd/manual/mod/mod_proxy_connect.html | 863 | share/httpd/manual/mod/mod_proxy_connect.html | |
864 | share/httpd/manual/mod/mod_proxy_connect.html.en | 864 | share/httpd/manual/mod/mod_proxy_connect.html.en | |
865 | share/httpd/manual/mod/mod_proxy_connect.html.ja.utf8 | 865 | share/httpd/manual/mod/mod_proxy_connect.html.ja.utf8 | |
866 | share/httpd/manual/mod/mod_proxy_ftp.html | 866 | share/httpd/manual/mod/mod_proxy_ftp.html | |
867 | share/httpd/manual/mod/mod_proxy_ftp.html.en | 867 | share/httpd/manual/mod/mod_proxy_ftp.html.en | |
868 | share/httpd/manual/mod/mod_proxy_http.html | 868 | share/httpd/manual/mod/mod_proxy_http.html | |
869 | share/httpd/manual/mod/mod_proxy_http.html.en | 869 | share/httpd/manual/mod/mod_proxy_http.html.en | |
870 | share/httpd/manual/mod/mod_proxy_scgi.html | 870 | share/httpd/manual/mod/mod_proxy_scgi.html | |
871 | share/httpd/manual/mod/mod_proxy_scgi.html.en | 871 | share/httpd/manual/mod/mod_proxy_scgi.html.en | |
872 | share/httpd/manual/mod/mod_reqtimeout.html | |||
873 | share/httpd/manual/mod/mod_reqtimeout.html.en | |||
872 | share/httpd/manual/mod/mod_rewrite.html | 874 | share/httpd/manual/mod/mod_rewrite.html | |
873 | share/httpd/manual/mod/mod_rewrite.html.en | 875 | share/httpd/manual/mod/mod_rewrite.html.en | |
874 | share/httpd/manual/mod/mod_setenvif.html | 876 | share/httpd/manual/mod/mod_setenvif.html | |
875 | share/httpd/manual/mod/mod_setenvif.html.en | 877 | share/httpd/manual/mod/mod_setenvif.html.en | |
876 | share/httpd/manual/mod/mod_setenvif.html.ja.utf8 | 878 | share/httpd/manual/mod/mod_setenvif.html.ja.utf8 | |
877 | share/httpd/manual/mod/mod_setenvif.html.ko.euc-kr | 879 | share/httpd/manual/mod/mod_setenvif.html.ko.euc-kr | |
878 | share/httpd/manual/mod/mod_setenvif.html.tr.utf8 | 880 | share/httpd/manual/mod/mod_setenvif.html.tr.utf8 | |
879 | share/httpd/manual/mod/mod_so.html | 881 | share/httpd/manual/mod/mod_so.html | |
880 | share/httpd/manual/mod/mod_so.html.en | 882 | share/httpd/manual/mod/mod_so.html.en | |
881 | share/httpd/manual/mod/mod_so.html.ja.utf8 | 883 | share/httpd/manual/mod/mod_so.html.ja.utf8 | |
882 | share/httpd/manual/mod/mod_so.html.ko.euc-kr | 884 | share/httpd/manual/mod/mod_so.html.ko.euc-kr | |
883 | share/httpd/manual/mod/mod_so.html.tr.utf8 | 885 | share/httpd/manual/mod/mod_so.html.tr.utf8 | |
884 | share/httpd/manual/mod/mod_speling.html | 886 | share/httpd/manual/mod/mod_speling.html |
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | $NetBSD: distinfo,v 1.30 2010/03/05 00:22:59 taca Exp $ | 1 | $NetBSD: distinfo,v 1.31 2010/03/09 02:30:15 taca Exp $ | |
2 | 2 | |||
3 | SHA1 (httpd-2.2.14.tar.bz2) = eacd04c87b489231ae708c84a77dc8e9ee176fd2 | 3 | SHA1 (httpd-2.2.15.tar.bz2) = 5f0e973839ed2e38a4d03adba109ef5ce3381bc2 | |
4 | RMD160 (httpd-2.2.14.tar.bz2) = ff5077e444ba995475202bb3b9be733384c809d1 | 4 | RMD160 (httpd-2.2.15.tar.bz2) = e5c5da1fdf86a6b0501f6c8e97ccb1982e81cfdf | |
5 | Size (httpd-2.2.14.tar.bz2) = 5147171 bytes | 5 | Size (httpd-2.2.15.tar.bz2) = 4959582 bytes | |
6 | SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf | 6 | SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf | |
7 | SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 | 7 | SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 | |
8 | SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad | 8 | SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad | |
9 | SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 | 9 | SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 | |
10 | SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 | 10 | SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 | |
11 | SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 | 11 | SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 | |
12 | SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 | 12 | SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 | |
13 | SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 | 13 | SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 | |
14 | SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 | 14 | SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 | |
15 | SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 | 15 | SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 |