Fri Mar 8 18:36:42 2013 UTC ()
Pullup ticket #4088 - requested by tron
www/apache22: security update

Revisions pulled up:
- www/apache22/Makefile                                         1.87
- www/apache22/PLIST                                            1.22
- www/apache22/distinfo                                         1.54

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sun Mar  3 20:05:04 UTC 2013

   Modified Files:
   	pkgsrc/www/apache22: Makefile PLIST distinfo

   Log Message:
   Update "apache" package to version 2.2.24. Changes since 2.2.23:
   - SECURITY: CVE-2012-3499 (cve.mitre.org)
     Various XSS flaws due to unescaped hostnames and URIs HTML output in
     mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
     [Jim Jagielski, Stefan Fritsch, Niels Heinen <heinenn google com>]
   - SECURITY: CVE-2012-4558 (cve.mitre.org)
     XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
     Niels Heinen <heinenn google com>]
   - mod_rewrite: Stop merging RewriteBase down to subdirectories
     unless new option 'RewriteOptions MergeBase' is configured.
     Merging RewriteBase was unconditionally turned on in 2.2.23.
     Bug Report 53963. [Eric Covener]
   - mod_ssl: Send the error message for speaking http to an https port using
     HTTP/1.0 instead of HTTP/0.9, and omit the link that may be wrong when
     using SNI. Bug Report 50823. [Stefan Fritsch]
   - mod_ssl: log revoked certificates at level INFO
     instead of DEBUG. Bug Report 52162. [Stefan Fritsch]
   - mod_proxy_ajp: Support unknown HTTP methods. Bug Report 54416.
     [Rainer Jung]
   - mod_dir: Add support for the value 'disabled' in FallbackResource.
     [Vincent Deffontaines]
   - mod_ldap: Fix regression in handling "server unavailable" errors on
     Windows.  Bug Report 54140.  [Eric Covener]
   - mod_ssl: fix a regression with the string rendering of the "UID" RDN
     introduced in 2.2.15. Bug Report 54510. [Kaspar Brand]
   - ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output
     to more accurately report the negotiated protocol. Bug Report 53916.
     [Nicol=E1s Pernas Maradei <nico emutex com>, Kaspar Brand]
   - mod_cache: Explicitly allow cache implementations to cache a 206 Partial
     Response if they so choose to do so. Previously an attempt to cache a 206
     was arbitrarily allowed if the response contained an Expires or
     Cache-Control header, and arbitrarily denied if both headers were missing.
     Currently the disk and memory cache providers do not cache 206 Partial
     Responses. [Graham Leggett]
   - core: Remove unintentional APR dependency introduced with
     Apache 2.2.22. [Eric Covener]
   - core: Use a TLS 1.0 close_notify alert for internal dummy connection if
     the chosen listener is configured for https. [Joe Orton]
   - mod_ssl: Add new directive SSLCompression to disable TLS-level
     compression. Bug Report 53219. [Bj=F6rn Jacke <bjoern j3e de>, Stefan Fri=
   tsch]

   To generate a diff of this commit:
   cvs rdiff -u -r1.86 -r1.87 pkgsrc/www/apache22/Makefile
   cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/apache22/PLIST
   cvs rdiff -u -r1.53 -r1.54 pkgsrc/www/apache22/distinfo


(spz)
diff -r1.85 -r1.85.2.1 pkgsrc/www/apache22/Makefile
diff -r1.21 -r1.21.4.1 pkgsrc/www/apache22/PLIST
diff -r1.53 -r1.53.2.1 pkgsrc/www/apache22/distinfo
cvs diff -r1.85 -r1.85.2.1 pkgsrc/www/apache22/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/www/apache22/Attic/Makefile 2012/12/23 21:32:41 1.85
+++ pkgsrc/www/apache22/Attic/Makefile 2013/03/08 18:36:41 1.85.2.1
@@ -1,19 +1,18 @@ @@ -1,19 +1,18 @@
1# $NetBSD: Makefile,v 1.85 2012/12/23 21:32:41 spz Exp $ 1# $NetBSD: Makefile,v 1.85.2.1 2013/03/08 18:36:41 spz Exp $
2 2
3DISTNAME= httpd-2.2.23 3DISTNAME= httpd-2.2.24
4 4
5PKGNAME= ${DISTNAME:S/httpd/apache/} 5PKGNAME= ${DISTNAME:S/httpd/apache/}
6PKGREVISION= 3 
7CATEGORIES= www 6CATEGORIES= www
8MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ 7MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
9 http://archive.apache.org/dist/httpd/ \ 8 http://archive.apache.org/dist/httpd/ \
10 http://archive.eu.apache.org/dist/httpd/ 9 http://archive.eu.apache.org/dist/httpd/
11EXTRACT_SUFX= .tar.bz2 10EXTRACT_SUFX= .tar.bz2
12 11
13MAINTAINER= tron@NetBSD.org 12MAINTAINER= tron@NetBSD.org
14HOMEPAGE= http://httpd.apache.org/ 13HOMEPAGE= http://httpd.apache.org/
15COMMENT= Apache HTTP (Web) server, version 2.2 14COMMENT= Apache HTTP (Web) server, version 2.2
16LICENSE= apache-2.0 15LICENSE= apache-2.0
17 16
18BUILD_DEFS+= IPV6_READY 17BUILD_DEFS+= IPV6_READY
19BUILD_DEFS+= VARBASE 18BUILD_DEFS+= VARBASE
cvs diff -r1.21 -r1.21.4.1 pkgsrc/www/apache22/Attic/PLIST (expand / switch to unified diff)

--- pkgsrc/www/apache22/Attic/PLIST 2012/09/16 03:33:10 1.21
+++ pkgsrc/www/apache22/Attic/PLIST 2013/03/08 18:36:42 1.21.4.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.21 2012/09/16 03:33:10 taca Exp $ 1@comment $NetBSD: PLIST,v 1.21.4.1 2013/03/08 18:36:42 spz Exp $
2include/httpd/ap_compat.h 2include/httpd/ap_compat.h
3include/httpd/ap_config.h 3include/httpd/ap_config.h
4include/httpd/ap_config_auto.h 4include/httpd/ap_config_auto.h
5include/httpd/ap_config_layout.h 5include/httpd/ap_config_layout.h
6include/httpd/ap_listen.h 6include/httpd/ap_listen.h
7include/httpd/ap_mmn.h 7include/httpd/ap_mmn.h
8include/httpd/ap_mpm.h 8include/httpd/ap_mpm.h
9include/httpd/ap_provider.h 9include/httpd/ap_provider.h
10include/httpd/ap_regex.h 10include/httpd/ap_regex.h
11include/httpd/ap_regkey.h 11include/httpd/ap_regkey.h
12include/httpd/ap_release.h 12include/httpd/ap_release.h
13include/httpd/http_config.h 13include/httpd/http_config.h
14${PLIST.worker}include/httpd/fdqueue.h 14${PLIST.worker}include/httpd/fdqueue.h
@@ -731,26 +731,27 @@ share/httpd/manual/mod/mod_authnz_ldap.h @@ -731,26 +731,27 @@ share/httpd/manual/mod/mod_authnz_ldap.h
731share/httpd/manual/mod/mod_authz_dbm.html 731share/httpd/manual/mod/mod_authz_dbm.html
732share/httpd/manual/mod/mod_authz_dbm.html.en 732share/httpd/manual/mod/mod_authz_dbm.html.en
733share/httpd/manual/mod/mod_authz_dbm.html.ko.euc-kr 733share/httpd/manual/mod/mod_authz_dbm.html.ko.euc-kr
734share/httpd/manual/mod/mod_authz_default.html 734share/httpd/manual/mod/mod_authz_default.html
735share/httpd/manual/mod/mod_authz_default.html.en 735share/httpd/manual/mod/mod_authz_default.html.en
736share/httpd/manual/mod/mod_authz_default.html.ja.utf8 736share/httpd/manual/mod/mod_authz_default.html.ja.utf8
737share/httpd/manual/mod/mod_authz_default.html.ko.euc-kr 737share/httpd/manual/mod/mod_authz_default.html.ko.euc-kr
738share/httpd/manual/mod/mod_authz_groupfile.html 738share/httpd/manual/mod/mod_authz_groupfile.html
739share/httpd/manual/mod/mod_authz_groupfile.html.en 739share/httpd/manual/mod/mod_authz_groupfile.html.en
740share/httpd/manual/mod/mod_authz_groupfile.html.ja.utf8 740share/httpd/manual/mod/mod_authz_groupfile.html.ja.utf8
741share/httpd/manual/mod/mod_authz_groupfile.html.ko.euc-kr 741share/httpd/manual/mod/mod_authz_groupfile.html.ko.euc-kr
742share/httpd/manual/mod/mod_authz_host.html 742share/httpd/manual/mod/mod_authz_host.html
743share/httpd/manual/mod/mod_authz_host.html.en 743share/httpd/manual/mod/mod_authz_host.html.en
 744share/httpd/manual/mod/mod_authz_host.html.fr
744share/httpd/manual/mod/mod_authz_host.html.ja.utf8 745share/httpd/manual/mod/mod_authz_host.html.ja.utf8
745share/httpd/manual/mod/mod_authz_host.html.ko.euc-kr 746share/httpd/manual/mod/mod_authz_host.html.ko.euc-kr
746share/httpd/manual/mod/mod_authz_owner.html 747share/httpd/manual/mod/mod_authz_owner.html
747share/httpd/manual/mod/mod_authz_owner.html.en 748share/httpd/manual/mod/mod_authz_owner.html.en
748share/httpd/manual/mod/mod_authz_owner.html.ja.utf8 749share/httpd/manual/mod/mod_authz_owner.html.ja.utf8
749share/httpd/manual/mod/mod_authz_owner.html.ko.euc-kr 750share/httpd/manual/mod/mod_authz_owner.html.ko.euc-kr
750share/httpd/manual/mod/mod_authz_user.html 751share/httpd/manual/mod/mod_authz_user.html
751share/httpd/manual/mod/mod_authz_user.html.en 752share/httpd/manual/mod/mod_authz_user.html.en
752share/httpd/manual/mod/mod_authz_user.html.ja.utf8 753share/httpd/manual/mod/mod_authz_user.html.ja.utf8
753share/httpd/manual/mod/mod_authz_user.html.ko.euc-kr 754share/httpd/manual/mod/mod_authz_user.html.ko.euc-kr
754share/httpd/manual/mod/mod_autoindex.html 755share/httpd/manual/mod/mod_autoindex.html
755share/httpd/manual/mod/mod_autoindex.html.en 756share/httpd/manual/mod/mod_autoindex.html.en
756share/httpd/manual/mod/mod_autoindex.html.fr 757share/httpd/manual/mod/mod_autoindex.html.fr
cvs diff -r1.53 -r1.53.2.1 pkgsrc/www/apache22/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/www/apache22/Attic/distinfo 2012/12/23 21:32:42 1.53
+++ pkgsrc/www/apache22/Attic/distinfo 2013/03/08 18:36:42 1.53.2.1
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1$NetBSD: distinfo,v 1.53 2012/12/23 21:32:42 spz Exp $ 1$NetBSD: distinfo,v 1.53.2.1 2013/03/08 18:36:42 spz Exp $
2 2
3SHA1 (httpd-2.2.23.tar.bz2) = 2776145201068045d4ed83157a0e2e1c28c4c453 3SHA1 (httpd-2.2.24.tar.bz2) = f73bce14832ec40c1aae68f4f8c367cab2266241
4RMD160 (httpd-2.2.23.tar.bz2) = 16b15876d8296a2733d4d28a8a78362d0677792d 4RMD160 (httpd-2.2.24.tar.bz2) = 4c31b23615236c407779a23cbfcc8e05ba011224
5Size (httpd-2.2.23.tar.bz2) = 5485205 bytes 5Size (httpd-2.2.24.tar.bz2) = 5490439 bytes
6SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7 6SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7
7SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 7SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150
8SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad 8SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
9SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 9SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
10SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 10SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
11SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 11SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01
12SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 12SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312
13SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 13SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1
14SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 14SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08
15SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 15SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4
16SHA1 (patch-docs_man_apxs.8) = 70797ea73ae6379492971bec1106a8427ae7fdaa 16SHA1 (patch-docs_man_apxs.8) = 70797ea73ae6379492971bec1106a8427ae7fdaa
17SHA1 (patch-lock.c) = 770ca03f1cb4421879bd5baa5a7c30cc91acb6e1 17SHA1 (patch-lock.c) = 770ca03f1cb4421879bd5baa5a7c30cc91acb6e1
18SHA1 (patch-modules_ssl_ssl__engine__kernel.c) = fd6f425d18231f0daca9fc2553638891a7241a4a 18SHA1 (patch-modules_ssl_ssl__engine__kernel.c) = fd6f425d18231f0daca9fc2553638891a7241a4a