Mon Nov 13 17:05:50 2017 UTC ()
Pullup ticket #5643 - requested by he
www/apache22: security patch

Revisions pulled up:
- www/apache22/Makefile                                         1.114
- www/apache22/distinfo                                         1.68

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Sep 28 04:58:29 UTC 2017

   Modified Files:
   	pkgsrc/www/apache22: Makefile distinfo

   Log Message:
   apache: update to 2.2.34nb1.

   Apply upstream patch to fix CVE 2017-9798.

   To generate a diff of this commit:
   cvs rdiff -u -r1.113 -r1.114 pkgsrc/www/apache22/Makefile
   cvs rdiff -u -r1.67 -r1.68 pkgsrc/www/apache22/distinfo


(spz)
diff -r1.113 -r1.113.4.1 pkgsrc/www/apache22/Makefile
diff -r1.67 -r1.67.4.1 pkgsrc/www/apache22/distinfo
cvs diff -r1.113 -r1.113.4.1 pkgsrc/www/apache22/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/www/apache22/Attic/Makefile 2017/07/12 07:00:40 1.113
+++ pkgsrc/www/apache22/Attic/Makefile 2017/11/13 17:05:50 1.113.4.1
@@ -1,23 +1,27 @@ @@ -1,23 +1,27 @@
1# $NetBSD: Makefile,v 1.113 2017/07/12 07:00:40 adam Exp $ 1# $NetBSD: Makefile,v 1.113.4.1 2017/11/13 17:05:50 spz Exp $
2 2
3DISTNAME= httpd-2.2.34 3DISTNAME= httpd-2.2.34
4PKGNAME= ${DISTNAME:S/httpd/apache/} 4PKGNAME= ${DISTNAME:S/httpd/apache/}
 5PKGREVISION= 1
5CATEGORIES= www 6CATEGORIES= www
6MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} 7MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/}
7MASTER_SITES+= http://archive.apache.org/dist/httpd/ 8MASTER_SITES+= http://archive.apache.org/dist/httpd/
8MASTER_SITES+= http://archive.eu.apache.org/dist/httpd/ 9MASTER_SITES+= http://archive.eu.apache.org/dist/httpd/
9EXTRACT_SUFX= .tar.bz2 10EXTRACT_SUFX= .tar.bz2
10 11
 12PATCH_SITES= https://www.apache.org/dist/httpd/patches/apply_to_2.2.34/
 13PATCHFILES= CVE-2017-9798-patch-2.2.patch
 14
11MAINTAINER= pkgsrc-users@NetBSD.org 15MAINTAINER= pkgsrc-users@NetBSD.org
12HOMEPAGE= http://httpd.apache.org/ 16HOMEPAGE= http://httpd.apache.org/
13COMMENT= Apache HTTP (Web) server, version 2.2 17COMMENT= Apache HTTP (Web) server, version 2.2
14LICENSE= apache-2.0 18LICENSE= apache-2.0
15 19
16BUILD_DEFS+= IPV6_READY 20BUILD_DEFS+= IPV6_READY
17BUILD_DEFS+= VARBASE 21BUILD_DEFS+= VARBASE
18 22
19USE_TOOLS+= pax perl perl:run pkg-config 23USE_TOOLS+= pax perl perl:run pkg-config
20USE_LIBTOOL= yes 24USE_LIBTOOL= yes
21GNU_CONFIGURE= yes 25GNU_CONFIGURE= yes
22CONFIGURE_ARGS+= --enable-layout=NetBSD 26CONFIGURE_ARGS+= --enable-layout=NetBSD
23CONFIGURE_ARGS+= --with-port=80 27CONFIGURE_ARGS+= --with-port=80
cvs diff -r1.67 -r1.67.4.1 pkgsrc/www/apache22/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/www/apache22/Attic/distinfo 2017/07/12 07:00:40 1.67
+++ pkgsrc/www/apache22/Attic/distinfo 2017/11/13 17:05:50 1.67.4.1
@@ -1,15 +1,19 @@ @@ -1,15 +1,19 @@
1$NetBSD: distinfo,v 1.67 2017/07/12 07:00:40 adam Exp $ 1$NetBSD: distinfo,v 1.67.4.1 2017/11/13 17:05:50 spz Exp $
2 2
 3SHA1 (CVE-2017-9798-patch-2.2.patch) = 5602d73298b1623c1aff6e2bceeec98ba0c0532e
 4RMD160 (CVE-2017-9798-patch-2.2.patch) = 6dbcf86821fc69a334b537a8de1c8d610743b1b9
 5SHA512 (CVE-2017-9798-patch-2.2.patch) = f4fda08d3c3f66cc6d1288ab986d63e9398de36fe82abff1f40f10a02f0ba570bd6c96795f8c00edaf865278373b467725a9e6031bd3c1eca60b622be17953d4
 6Size (CVE-2017-9798-patch-2.2.patch) = 1145 bytes
3SHA1 (httpd-2.2.34.tar.bz2) = 829206394e238af0b800fc78d19c74ee466ecb23 7SHA1 (httpd-2.2.34.tar.bz2) = 829206394e238af0b800fc78d19c74ee466ecb23
4RMD160 (httpd-2.2.34.tar.bz2) = 7e913d60ac02c815edac6ab0614f5dc40618c073 8RMD160 (httpd-2.2.34.tar.bz2) = 7e913d60ac02c815edac6ab0614f5dc40618c073
5SHA512 (httpd-2.2.34.tar.bz2) = e6dac5865a48533c025fe17523ee74d68c3a23f9512c9441b78a140e33cfb6835573eb049b0ad424eb5c5ca78a1915778c54e8a409da95fbdd3890cb99e08240 9SHA512 (httpd-2.2.34.tar.bz2) = e6dac5865a48533c025fe17523ee74d68c3a23f9512c9441b78a140e33cfb6835573eb049b0ad424eb5c5ca78a1915778c54e8a409da95fbdd3890cb99e08240
6Size (httpd-2.2.34.tar.bz2) = 5779739 bytes 10Size (httpd-2.2.34.tar.bz2) = 5779739 bytes
7SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7 11SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7
8SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 12SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150
9SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad 13SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
10SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 14SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
11SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 15SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
12SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 16SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01
13SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 17SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312
14SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 18SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1
15SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 19SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08