Tue Mar 9 02:30:15 2010 UTC ()
Update apache22 package to 2.2.15.
For full changes information please refer:
http://www.apache.org/dist/httpd/Announcement2.2.html.
Here is security related changes from ChangeLog
(http://www.apache.org/dist/httpd/CHANGES_2.2.15).
Changes with Apache 2.2.15
*) SECURITY: CVE-2009-3555 (cve.mitre.org)
mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
by rejecting any client-initiated renegotiations. Forcibly disable
keepalive for the connection if there is any buffered data readable. Any
configuration which requires renegotiation for per-directory/location
access control is still vulnerable, unless using OpenSSL >= 0.9.8l.
[Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]
*) SECURITY: CVE-2010-0408 (cve.mitre.org)
mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
when request headers indicate a request body is incoming; not a case of
HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>]
*) SECURITY: CVE-2010-0425 (cve.mitre.org)
mod_isapi: Do not unload an isapi .dll module until the request
processing is completed, avoiding orphaned callback pointers.
[Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
(taca)
diff -r1.55 -r1.56 pkgsrc/www/apache22/Makefile
diff -r1.15 -r1.16 pkgsrc/www/apache22/PLIST
diff -r1.30 -r1.31 pkgsrc/www/apache22/distinfo
--- pkgsrc/www/apache22/Attic/Makefile 2010/01/17 12:02:48 1.55
+++ pkgsrc/www/apache22/Attic/Makefile 2010/03/09 02:30:15 1.56
@@ -1,9 +1,7 @@
-# $NetBSD: Makefile,v 1.55 2010/01/17 12:02:48 wiz Exp $
+# $NetBSD: Makefile,v 1.56 2010/03/09 02:30:15 taca Exp $
-DISTNAME= httpd-2.2.14
+DISTNAME= httpd-2.2.15
PKGNAME= ${DISTNAME:S/httpd/apache/}
-#PKGREVISION= 3
-PKGREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
http://archive.apache.org/dist/httpd/ \
--- pkgsrc/www/apache22/Attic/PLIST 2009/10/30 21:10:57 1.15
+++ pkgsrc/www/apache22/Attic/PLIST 2010/03/09 02:30:15 1.16
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.15 2009/10/30 21:10:57 christos Exp $
+@comment $NetBSD: PLIST,v 1.16 2010/03/09 02:30:15 taca Exp $
${PLIST.suexec}sbin/suexec
include/httpd/ap_compat.h
include/httpd/ap_config.h
@@ -869,6 +869,8 @@
share/httpd/manual/mod/mod_proxy_http.html.en
share/httpd/manual/mod/mod_proxy_scgi.html
share/httpd/manual/mod/mod_proxy_scgi.html.en
+share/httpd/manual/mod/mod_reqtimeout.html
+share/httpd/manual/mod/mod_reqtimeout.html.en
share/httpd/manual/mod/mod_rewrite.html
share/httpd/manual/mod/mod_rewrite.html.en
share/httpd/manual/mod/mod_setenvif.html
--- pkgsrc/www/apache22/Attic/distinfo 2010/03/05 00:22:59 1.30
+++ pkgsrc/www/apache22/Attic/distinfo 2010/03/09 02:30:15 1.31
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.30 2010/03/05 00:22:59 taca Exp $
+$NetBSD: distinfo,v 1.31 2010/03/09 02:30:15 taca Exp $
-SHA1 (httpd-2.2.14.tar.bz2) = eacd04c87b489231ae708c84a77dc8e9ee176fd2
-RMD160 (httpd-2.2.14.tar.bz2) = ff5077e444ba995475202bb3b9be733384c809d1
-Size (httpd-2.2.14.tar.bz2) = 5147171 bytes
+SHA1 (httpd-2.2.15.tar.bz2) = 5f0e973839ed2e38a4d03adba109ef5ce3381bc2
+RMD160 (httpd-2.2.15.tar.bz2) = e5c5da1fdf86a6b0501f6c8e97ccb1982e81cfdf
+Size (httpd-2.2.15.tar.bz2) = 4959582 bytes
SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf
SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150
SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad