Re: Update www/apache-httpd to 2.2.20

Antoine Jacoutot Thu, 01 Sep 2011 01:02:13 -0700

On Thu, 1 Sep 2011, Felix Kronlage wrote:

> Hi,
> 
> the following diff updates www/apache-httpd to version 2.2.20
> released couple days ago.
> Foremost this version includes a security fix for CVE-2011-3192.
> <url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192>
> 
> comments and tests more than welcome.


Didn't giovanni@ send a similar update yesterday?



> Index: Makefile
> ===================================================================
> RCS file: /data/cvsmirror/src/openbsd/ports/www/apache-httpd/Makefile,v
> retrieving revision 1.27
> diff -u -r1.27 Makefile
> --- Makefile  12 Feb 2011 21:05:38 -0000      1.27
> +++ Makefile  1 Sep 2011 07:35:08 -0000
> @@ -2,10 +2,9 @@
>  
>  COMMENT=     apache HTTP server
>  
> -V=           2.2.15
> +V=           2.2.20
>  PKGNAME=     apache-httpd-${V}
>  DISTNAME=    httpd-${V}
> -REVISION=    0
>  
>  CATEGORIES=  www net
>  
> Index: distinfo
> ===================================================================
> RCS file: /data/cvsmirror/src/openbsd/ports/www/apache-httpd/distinfo,v
> retrieving revision 1.10
> diff -u -r1.10 distinfo
> --- distinfo  27 Jun 2010 17:27:03 -0000      1.10
> +++ distinfo  1 Sep 2011 07:35:08 -0000
> @@ -1,5 +1,5 @@
> -MD5 (httpd-2.2.15.tar.gz) = MfoCLcPAkIxuqv5zyBxl3w==
> -RMD160 (httpd-2.2.15.tar.gz) = OUj1YdwjI2iVZ6k3Z7lY2ecX+ZM=
> -SHA1 (httpd-2.2.15.tar.gz) = GnUaq0Q8527eIzttM1EiPpyVFvI=
> -SHA256 (httpd-2.2.15.tar.gz) = T4eSUek46B+v7avJRoMaUBtx3cM8uKmtSplPziM/KBs=
> -SIZE (httpd-2.2.15.tar.gz) = 6593633
> +MD5 (httpd-2.2.20.tar.gz) = RQSTRGTF7lEBjbr6bZmBDQ==
> +RMD160 (httpd-2.2.20.tar.gz) = +65r9C4KENDX8YpOlxtH1Ie8li8=
> +SHA1 (httpd-2.2.20.tar.gz) = XmcGNuFyhreuWt5bf14h5oZVnlo=
> +SHA256 (httpd-2.2.20.tar.gz) = CrtZaJZkrk210e4atBQHFbh/iJ6B3itNlYHCNVlOKGg=
> +SIZE (httpd-2.2.20.tar.gz) = 6834233
> Index: patches/patch-configure
> ===================================================================
> RCS file: 
> /data/cvsmirror/src/openbsd/ports/www/apache-httpd/patches/patch-configure,v
> retrieving revision 1.7
> diff -u -r1.7 patch-configure
> --- patches/patch-configure   1 Dec 2009 13:38:23 -0000       1.7
> +++ patches/patch-configure   1 Sep 2011 07:35:08 -0000
> @@ -1,7 +1,7 @@
>  $OpenBSD: patch-configure,v 1.7 2009/12/01 13:38:23 bernd Exp $
> ---- configure.orig   Thu Sep 24 01:29:56 2009
> -+++ configure        Fri Oct  9 11:52:03 2009
> -@@ -3097,7 +3097,7 @@ do
> +--- configure.orig   Tue Aug 30 02:13:20 2011
> ++++ configure        Thu Sep  1 08:44:44 2011
> +@@ -3121,7 +3121,7 @@ do
>     ap_last="${ap_cur}"
>     ap_cur=`eval "echo ${ap_cur}"`
>   done
> @@ -10,7 +10,7 @@
>   
>   
>     APACHE_VAR_SUBST="$APACHE_VAR_SUBST exp_sysconfdir"
> -@@ -4077,7 +4077,7 @@ SHLIBPATH_VAR=`$apr_config --shlib-path-var`
> +@@ -4112,7 +4112,7 @@ SHLIBPATH_VAR=`$apr_config --shlib-path-var`
>   APR_BINDIR=`$apr_config --bindir`
>   APR_INCLUDEDIR=`$apr_config --includedir`
>   APR_VERSION=`$apr_config --version`
> @@ -19,7 +19,7 @@
>   
>   echo $ac_n "${nl}Configuring Apache Portable Runtime Utility 
> library...${nl}"
>   
> -@@ -4384,7 +4384,7 @@ fi
> +@@ -4430,7 +4430,7 @@ fi
>   APU_BINDIR=`$apu_config --bindir`
>   APU_INCLUDEDIR=`$apu_config --includedir`
>   APU_VERSION=`$apu_config --version`
> Index: patches/patch-docs_man_htpasswd_1
> ===================================================================
> RCS file: 
> /data/cvsmirror/src/openbsd/ports/www/apache-httpd/patches/patch-docs_man_htpasswd_1,v
> retrieving revision 1.3
> diff -u -r1.3 patch-docs_man_htpasswd_1
> --- patches/patch-docs_man_htpasswd_1 19 Sep 2007 05:47:36 -0000      1.3
> +++ patches/patch-docs_man_htpasswd_1 1 Sep 2011 07:35:08 -0000
> @@ -1,12 +1,12 @@
>  $OpenBSD: patch-docs_man_htpasswd_1,v 1.3 2007/09/19 05:47:36 steven Exp $
> ---- docs/man/htpasswd.1.orig Tue Apr 24 18:18:39 2007
> -+++ docs/man/htpasswd.1      Tue Sep 18 17:07:46 2007
> -@@ -19,39 +19,39 @@
> +--- docs/man/htpasswd.1.orig Sun Jun 19 13:45:57 2011
> ++++ docs/man/htpasswd.1      Thu Sep  1 08:48:14 2011
> +@@ -19,36 +19,36 @@
>   .el .ne 3
>   .IP "\\$1" \\$2
>   ..
> --.TH "HTPASSWD" 1 "2007-04-24" "Apache HTTP Server" "htpasswd"
> -+.TH "HTPASSWD2" 1 "2007-04-24" "Apache HTTP Server" "htpasswd2"
> +-.TH "HTPASSWD" 1 "2011-06-19" "Apache HTTP Server" "htpasswd"
> ++.TH "HTPASSWD2" 1 "2011-06-19" "Apache HTTP Server" "htpasswd2"
>   
>   .SH NAME
>  -htpasswd \- Manage user files for basic authentication
> @@ -39,31 +39,20 @@
>    
>   .PP
>  -Resources available from the Apache HTTP server can be restricted to just 
> the users listed in the files created by htpasswd\&. This program can only 
> manage usernames and passwords stored in a flat-file\&. It can encrypt and 
> display password information for use in other types of data stores, though\&. 
> To use a DBM database see dbmmanage\&.
> -+Resources available from the Apache HTTP server can be restricted to just 
> the users listed in the files created by htpasswd2\&. This program can only 
> manage usernames and passwords stored in a flat-file\&. It can encrypt and 
> display password information for use in other types of data stores, though\&. 
> To use a DBM database see dbmmanage2\&.
> ++Resources available from the Apache HTTP server can be restricted to just 
> the users listed in the files created by htpasswd2\&. This program can only 
> manage usernames and passwords stored in a flat-file\&. It can encrypt and 
> display password information for use in other types of data stores, though\&. 
> To use a DBM database see dbmmanage\&.
>    
>   .PP
>  -htpasswd encrypts passwords using either a version of MD5 modified for 
> Apache, or the system's crypt() routine\&. Files managed by htpasswd may 
> contain both types of passwords; some user records may have MD5-encrypted 
> passwords while others in the same file may have passwords encrypted with 
> crypt()\&.
>  +htpasswd2 encrypts passwords using either a version of MD5 modified for 
> Apache, or the system's crypt() routine\&. Files managed by htpasswd2 may 
> contain both types of passwords; some user records may have MD5-encrypted 
> passwords while others in the same file may have passwords encrypted with 
> crypt()\&.
>    
>   .PP
> --This manual page only lists the command line arguments\&. For details of 
> the directives necessary to configure user authentication in httpd see the 
> Apache manual, which is part of the Apache distribution or can be found at 
> http://httpd\&.apache\&.org/\&;.
> -+This manual page only lists the command line arguments\&. For details of 
> the directives necessary to configure user authentication in httpd2 see the 
> Apache manual, which is part of the Apache distribution or can be found at 
> http://httpd\&.apache\&.org/\&;.
> -  
> - 
> - .SH "OPTIONS"
> -@@ -71,16 +71,16 @@ Display the results on standard output rather than upd
> - Use MD5 encryption for passwords\&. On Windows, Netware and TPF, this is 
> the default\&.  
> - .TP
> - -d
> --Use crypt() encryption for passwords\&. The default on all platforms but 
> Windows, Netware and TPF\&. Though possibly supported by htpasswd on all 
> platforms, it is not supported by the httpd server on Windows, Netware and 
> TPF\&.  
> -+Use crypt() encryption for passwords\&. The default on all platforms but 
> Windows, Netware and TPF\&. Though possibly supported by htpasswd2 on all 
> platforms, it is not supported by the httpd2 server on Windows, Netware and 
> TPF\&.  
> - .TP
> - -s
> + This manual page only lists the command line arguments\&. For details of 
> the directives necessary to configure user authentication in httpd see the 
> Apache manual, which is part of the Apache distribution or can be found at 
> http://httpd\&.apache\&.org/\&;.
> +@@ -77,10 +77,10 @@ Use crypt() encryption for passwords\&. This is not su
>   Use SHA encryption for passwords\&. Facilitates migration from/to Netscape 
> servers using the LDAP Directory Interchange Format (ldif)\&.  
>   .TP
>   -p
>  -Use plaintext passwords\&. Though htpasswd will support creation on all 
> platforms, the httpd daemon will only accept plain text passwords on Windows, 
> Netware and TPF\&.  
> -+Use plaintext passwords\&. Though htpasswd2 will support creation on all 
> platforms, the httpd2 daemon will only accept plain text passwords on 
> Windows, Netware and TPF\&.  
> ++Use plaintext passwords\&. Though htpasswd2 will support creation on all 
> platforms, the httpd daemon will only accept plain text passwords on Windows, 
> Netware and TPF\&.  
>   .TP
>   -D
>  -Delete user\&. If the username exists in the specified htpasswd file, it 
> will be deleted\&.  
> @@ -83,13 +72,13 @@
>   .nf
>   
>  -      htpasswd /usr/local/etc/apache/\&.htpasswd-users jsmith
> -+      htpasswd2 /usr/local/etc/apache/\&.htpasswd2-users jsmith
> ++      htpasswd2 /usr/local/etc/apache/\&.htpasswd-users jsmith
>       
>   .fi
>    
>   .PP
> --Adds or modifies the password for user jsmith\&. The user is prompted for 
> the password\&. If executed on a Windows system, the password will be 
> encrypted using the modified Apache MD5 algorithm; otherwise, the system's 
> crypt() routine will be used\&. If the file does not exist, htpasswd will do 
> nothing except return an error\&.
> -+Adds or modifies the password for user jsmith\&. The user is prompted for 
> the password\&. If executed on a Windows system, the password will be 
> encrypted using the modified Apache MD5 algorithm; otherwise, the system's 
> crypt() routine will be used\&. If the file does not exist, htpasswd2 will do 
> nothing except return an error\&.
> +-Adds or modifies the password for user jsmith\&. The user is prompted for 
> the password\&. The password will be encrypted using the modified Apache MD5 
> algorithm\&. If the file does not exist, htpasswd will do nothing except 
> return an error\&.
> ++Adds or modifies the password for user jsmith\&. The user is prompted for 
> the password\&. The password will be encrypted using the modified Apache MD5 
> algorithm\&. If the file does not exist, htpasswd2 will do nothing except 
> return an error\&.
>    
>   .nf
>   
> @@ -104,8 +93,8 @@
>    
>   .nf
>   
> --      htpasswd -mb /usr/web/\&.htpasswd-all jones Pwd4Steve
> -+      htpasswd2 -mb /usr/web/\&.htpasswd2-all jones Pwd4Steve
> +-      htpasswd -db /usr/web/\&.htpasswd-all jones Pwd4Steve
> ++      htpasswd2 -db /usr/web/\&.htpasswd2-all jones Pwd4Steve
>       
>   .fi
>    
> Index: patches/patch-docs_man_httpd_8
> ===================================================================
> RCS file: 
> /data/cvsmirror/src/openbsd/ports/www/apache-httpd/patches/patch-docs_man_httpd_8,v
> retrieving revision 1.3
> diff -u -r1.3 patch-docs_man_httpd_8
> --- patches/patch-docs_man_httpd_8    19 Sep 2007 05:47:36 -0000      1.3
> +++ patches/patch-docs_man_httpd_8    1 Sep 2011 07:35:08 -0000
> @@ -1,12 +1,12 @@
>  $OpenBSD: patch-docs_man_httpd_8,v 1.3 2007/09/19 05:47:36 steven Exp $
> ---- docs/man/httpd.8.orig    Wed Aug  1 16:05:01 2007
> -+++ docs/man/httpd.8 Tue Sep 18 17:03:33 2007
> +--- docs/man/httpd.8.orig    Fri Feb  4 16:20:03 2011
> ++++ docs/man/httpd.8 Thu Sep  1 08:50:09 2011
>  @@ -19,30 +19,30 @@
>   .el .ne 3
>   .IP "\\$1" \\$2
>   ..
> --.TH "HTTPD" 8 "2007-08-01" "Apache HTTP Server" "httpd"
> -+.TH "HTTPD2" 8 "2007-08-01" "Apache HTTP Server" "httpd2"
> +-.TH "HTTPD" 8 "2010-09-28" "Apache HTTP Server" "httpd"
> ++.TH "HTTPD" 8 "2010-09-28" "Apache HTTP Server" "httpd2"
>   
>   .SH NAME
>  -httpd \- Apache Hypertext Transfer Protocol Server
> @@ -15,8 +15,8 @@
>   .SH "SYNOPSIS"
>    
>   .PP
> --\fBhttpd\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ 
> -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR 
> \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR 
> start|restart|graceful|stop|graceful-stop ] [ -\fBR\fR \fIdirectory\fR ] [ 
> -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ 
> -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ]
> -+\fBhttpd2\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ 
> -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR 
> \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR 
> start|restart|graceful|stop|graceful-stop ] [ -\fBR\fR \fIdirectory\fR ] [ 
> -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ 
> -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ]
> +-\fBhttpd\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ 
> -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR 
> \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR 
> start|restart|graceful|stop|graceful-stop ] [ -\fBR\fR \fIdirectory\fR ] [ 
> -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ 
> -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ] [ -\fBT\fR ]
> ++\fBhttpd2\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ 
> -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR 
> \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR 
> start|restart|graceful|stop|graceful-stop ] [ -\fBR\fR \fIdirectory\fR ] [ 
> -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ 
> -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ] [ -\fBT\fR ]
>    
>   .PP
>   On Windows systems, the following additional arguments are available:
> @@ -34,7 +34,7 @@
>    
>   .PP
>  -In general, httpd should not be invoked directly, but rather should be 
> invoked via apachectl on Unix-based systems or as a service on Windows NT, 
> 2000 and XP and as a console application on Windows 9x and ME\&.
> -+In general, httpd2 should not be invoked directly, but rather should be 
> invoked via apachectl2 on Unix-based systems or as a service on Windows NT, 
> 2000 and XP and as a console application on Windows 9x and ME\&.
> ++In general, httpd2 should not be invoked directly, but rather should be 
> invoked via apachectl on Unix-based systems or as a service on Windows NT, 
> 2000 and XP and as a console application on Windows 9x and ME\&.
>    
>   
>   .SH "OPTIONS"
> @@ -51,7 +51,7 @@
>   .TP
>   -C \fIdirective\fR
>   Process the configuration \fIdirective\fR before reading config files\&.  
> -@@ -95,13 +95,13 @@ Show the settings as parsed from the config file (curr
> +@@ -98,13 +98,13 @@ Skip document root check at startup/restart\&.  
>   Run syntax tests for configuration files only\&. The program immediately 
> exits after these syntax parsing tests with either a return code of 0 (Syntax 
> OK) or return code not equal to 0 (Syntax Error)\&. If -D 
> \fIDUMP\fR_\fIVHOSTS \fRis also set, details of the virtual host 
> configuration will be printed\&. If -D \fIDUMP\fR_\fIMODULES \fR is set, all 
> loaded modules will be printed\&.  
>   .TP
>   -v
> Index: patches/patch-docs_man_rotatelogs_8
> ===================================================================
> RCS file: 
> /data/cvsmirror/src/openbsd/ports/www/apache-httpd/patches/patch-docs_man_rotatelogs_8,v
> retrieving revision 1.4
> diff -u -r1.4 patch-docs_man_rotatelogs_8
> --- patches/patch-docs_man_rotatelogs_8       2 Sep 2008 22:05:23 -0000       
> 1.4
> +++ patches/patch-docs_man_rotatelogs_8       1 Sep 2011 07:35:08 -0000
> @@ -1,12 +1,12 @@
>  $OpenBSD: patch-docs_man_rotatelogs_8,v 1.4 2008/09/02 22:05:23 bernd Exp $
> ---- docs/man/rotatelogs.8.orig       Thu Jul 24 12:24:38 2008
> -+++ docs/man/rotatelogs.8    Thu Jul 24 12:25:28 2008
> +--- docs/man/rotatelogs.8.orig       Fri Feb  4 16:20:03 2011
> ++++ docs/man/rotatelogs.8    Thu Sep  1 08:53:33 2011
>  @@ -19,21 +19,21 @@
>   .el .ne 3
>   .IP "\\$1" \\$2
>   ..
> --.TH "ROTATELOGS" 8 "2008-05-10" "Apache HTTP Server" "rotatelogs"
> -+.TH "ROTATELOGS2" 8 "2008-05-10" "Apache HTTP Server" "rotatelogs"
> +-.TH "ROTATELOGS" 8 "2010-11-06" "Apache HTTP Server" "rotatelogs"
> ++.TH "ROTATELOGS2" 8 "2010-11-06" "Apache HTTP Server" "rotatelogs"
>   
>   .SH NAME
>  -rotatelogs \- Piped logging program to rotate Apache logs
> @@ -35,7 +35,7 @@
>  +Causes the logfile to be opened immediately, as soon as rotatelogs2 starts, 
> instead of waiting for the first logfile entry to be read (for non-busy 
> sites, there may be a substantial delay between when the server is started 
> and when the first request is handled, meaning that the associated logfile 
> does not "exist" until then, which causes problems from some automated 
> logging tools)\&. \fIAvailable in version 2\&.2\&.9 and later\&.\fR  
>   .TP
>   \fIlogfile\fR
> - The path plus basename of the logfile\&. If \fIlogfile\fR includes any '%' 
> characters, it is treated as a format string for strftime(3)\&. Otherwise, 
> the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the time in 
> seconds\&. Both formats compute the start time from the beginning of the 
> current period\&. For example, if a rotation time of 86400 is specified, the 
> hour, minute, and second fields created from the strftime(3) format will all 
> be zero, referring to the beginning of the current 24-hour period 
> (midnight)\&.  
> + .PP The path plus basename of the logfile\&. If \fIlogfile\fR includes any 
> '%' characters, it is treated as a format string for strftime(3)\&. 
> Otherwise, the suffix \fI\&.nnnnnnnnnn\fR is automatically added and is the 
> time in seconds\&. Both formats compute the start time from the beginning of 
> the current period\&. For example, if a rotation time of 86400 is specified, 
> the hour, minute, and second fields created from the strftime(3) format will 
> all be zero, referring to the beginning of the current 24-hour period 
> (midnight)\&. .PP When using strftime(3) filename formatting, be sure the log 
> file format has enough granularity to produce a different file name each time 
> the logs are rotated\&. Otherwise rotation will overwrite the same file 
> instead of starting a new one\&. For example, if \fIlogfile\fR was 
> /var/logs/errorlog\&.%Y-%m-%d with log rotation at 5 megabytes, but 5 
> megabytes was reached twice in the same day, the same log file name would be 
> produced and log rotati!
 on would keep writing to the same file\&.  
>  @@ -62,7 +62,7 @@ The number of minutes offset from UTC\&. If omitted, z
>    
>   .nf
> Index: patches/patch-modules_cache_cache_storage_c
> ===================================================================
> RCS file: patches/patch-modules_cache_cache_storage_c
> diff -N patches/patch-modules_cache_cache_storage_c
> --- patches/patch-modules_cache_cache_storage_c       12 Feb 2011 21:05:38 
> -0000      1.1
> +++ /dev/null 1 Jan 1970 00:00:00 -0000
> @@ -1,24 +0,0 @@
> -$OpenBSD: patch-modules_cache_cache_storage_c,v 1.1 2011/02/12 21:05:38 pea 
> Exp $
> -
> -Fix CVE-2010-1452
> -
> ---- modules/cache/cache_storage.c.orig       Sat Feb 27 19:54:40 2010
> -+++ modules/cache/cache_storage.c    Tue Feb  8 11:56:28 2011
> -@@ -479,7 +479,7 @@ apr_status_t cache_generate_key_default(request_rec *r
> -      * Check if we need to ignore session identifiers in the URL and do so
> -      * if needed.
> -      */
> --    path = r->parsed_uri.path;
> -+    path = r->uri;
> -     querystring = r->parsed_uri.query;
> -     if (conf->ignore_session_id->nelts) {
> -         int i;
> -@@ -546,7 +546,7 @@ apr_status_t cache_generate_key_default(request_rec *r
> -      */
> -     cache->key = apr_pstrdup(r->pool, *key);
> -     ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL,
> --                 "cache: Key for entity %s?%s is %s", r->parsed_uri.path,
> -+                 "cache: Key for entity %s?%s is %s", r->uri,
> -                  r->parsed_uri.query, *key);
> - 
> -     return APR_SUCCESS;
> Index: patches/patch-modules_dav_main_util_c
> ===================================================================
> RCS file: patches/patch-modules_dav_main_util_c
> diff -N patches/patch-modules_dav_main_util_c
> --- patches/patch-modules_dav_main_util_c     12 Feb 2011 21:05:38 -0000      
> 1.1
> +++ /dev/null 1 Jan 1970 00:00:00 -0000
> @@ -1,16 +0,0 @@
> -$OpenBSD: patch-modules_dav_main_util_c,v 1.1 2011/02/12 21:05:38 pea Exp $
> -
> -Fix CVE-2010-1452
> -
> ---- modules/dav/main/util.c.orig     Sat Jan  5 10:45:07 2008
> -+++ modules/dav/main/util.c  Tue Feb  8 11:56:28 2011
> -@@ -624,7 +624,8 @@ static dav_error * dav_process_if_header(request_rec *
> - 
> -             /* 2518 specifies this must be an absolute URI; just take the
> -              * relative part for later comparison against r->uri */
> --            if (apr_uri_parse(r->pool, uri, &parsed_uri) != APR_SUCCESS) {
> -+            if (apr_uri_parse(r->pool, uri, &parsed_uri) != APR_SUCCESS
> -+                || !parsed_uri.path) {
> -                 return dav_new_error(r->pool, HTTP_BAD_REQUEST,
> -                                      DAV_ERR_IF_TAGGED,
> -                                      "Invalid URI in tagged If-header.");
> Index: patches/patch-server_mpm_common_c
> ===================================================================
> RCS file: 
> /data/cvsmirror/src/openbsd/ports/www/apache-httpd/patches/patch-server_mpm_common_c,v
> retrieving revision 1.3
> diff -u -r1.3 patch-server_mpm_common_c
> --- patches/patch-server_mpm_common_c 19 Sep 2007 05:47:36 -0000      1.3
> +++ patches/patch-server_mpm_common_c 1 Sep 2011 07:35:08 -0000
> @@ -1,7 +1,7 @@
>  $OpenBSD: patch-server_mpm_common_c,v 1.3 2007/09/19 05:47:36 steven Exp $
> ---- server/mpm_common.c.orig Tue Jul 17 16:48:25 2007
> -+++ server/mpm_common.c      Tue Sep 18 17:00:40 2007
> -@@ -980,19 +980,19 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
> +--- server/mpm_common.c.orig Thu Apr 14 15:43:04 2011
> ++++ server/mpm_common.c      Thu Sep  1 08:52:36 2011
> +@@ -979,18 +979,18 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
>               *exit_status = 1;
>               return 1;
>           }
> @@ -9,7 +9,6 @@
>  +        status = "httpd2 (no pid file) not running";
>       }
>       else {
> -         have_pid_file = 1;
>           if (kill(otherpid, 0) == 0) {
>               running = 1;
>               status = apr_psprintf(pconf,
> @@ -24,7 +23,7 @@
>                                     otherpid);
>           }
>       }
> -@@ -1016,7 +1016,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
> +@@ -1014,7 +1014,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
>   
>       if (!strcmp(dash_k_arg, "restart")) {
>           if (!running) {
> @@ -33,7 +32,7 @@
>           }
>           else {
>               *exit_status = send_signal(otherpid, SIGHUP);
> -@@ -1026,7 +1026,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
> +@@ -1024,7 +1024,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
>   
>       if (!strcmp(dash_k_arg, "graceful")) {
>           if (!running) {
> @@ -42,7 +41,7 @@
>           }
>           else {
>               *exit_status = send_signal(otherpid, AP_SIG_GRACEFUL);
> -@@ -1043,7 +1043,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
> +@@ -1041,7 +1041,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco
>               *exit_status = send_signal(otherpid, AP_SIG_GRACEFUL_STOP);
>           }
>   #else
> Index: patches/patch-support_apxs_in
> ===================================================================
> RCS file: 
> /data/cvsmirror/src/openbsd/ports/www/apache-httpd/patches/patch-support_apxs_in,v
> retrieving revision 1.1
> diff -u -r1.1 patch-support_apxs_in
> --- patches/patch-support_apxs_in     16 Jan 2007 01:12:26 -0000      1.1
> +++ patches/patch-support_apxs_in     1 Sep 2011 07:35:08 -0000
> @@ -1,7 +1,7 @@
>  $OpenBSD: patch-support_apxs_in,v 1.1 2007/01/16 01:12:26 deanna Exp $
> ---- support/apxs.in.orig     Tue Jul 11 23:38:44 2006
> -+++ support/apxs.in  Sun Jan 14 20:22:59 2007
> -@@ -645,13 +645,13 @@ __DATA__
> +--- support/apxs.in.orig     Mon May 10 22:02:56 2010
> ++++ support/apxs.in  Thu Sep  1 08:44:44 2011
> +@@ -647,13 +647,13 @@ __DATA__
>   ##
>   
>   builddir=.
> Index: pkg/PLIST
> ===================================================================
> RCS file: /data/cvsmirror/src/openbsd/ports/www/apache-httpd/pkg/PLIST,v
> retrieving revision 1.18
> diff -u -r1.18 PLIST
> --- pkg/PLIST 27 Jun 2010 17:27:03 -0000      1.18
> +++ pkg/PLIST 1 Sep 2011 07:35:08 -0000
> @@ -191,12 +191,14 @@
>  share/doc/apache2/developer/debugging.html.en
>  share/doc/apache2/developer/documenting.html
>  share/doc/apache2/developer/documenting.html.en
> +share/doc/apache2/developer/documenting.html.zh-cn
>  share/doc/apache2/developer/filters.html
>  share/doc/apache2/developer/filters.html.en
>  share/doc/apache2/developer/hooks.html
>  share/doc/apache2/developer/hooks.html.en
>  share/doc/apache2/developer/index.html
>  share/doc/apache2/developer/index.html.en
> +share/doc/apache2/developer/index.html.zh-cn
>  share/doc/apache2/developer/modules.html
>  share/doc/apache2/developer/modules.html.en
>  share/doc/apache2/developer/modules.html.ja.utf8
> @@ -223,6 +225,7 @@
>  share/doc/apache2/faq/index.html
>  share/doc/apache2/faq/index.html.en
>  share/doc/apache2/faq/index.html.tr.utf8
> +share/doc/apache2/faq/index.html.zh-cn
>  share/doc/apache2/filter.html
>  share/doc/apache2/filter.html.en
>  share/doc/apache2/filter.html.es
> @@ -246,11 +249,13 @@
>  share/doc/apache2/handler.html.ko.euc-kr
>  share/doc/apache2/handler.html.ru.koi8-r
>  share/doc/apache2/handler.html.tr.utf8
> +share/doc/apache2/handler.html.zh-cn
>  share/doc/apache2/howto/
>  share/doc/apache2/howto/access.html
>  share/doc/apache2/howto/access.html.en
>  share/doc/apache2/howto/auth.html
>  share/doc/apache2/howto/auth.html.en
> +share/doc/apache2/howto/auth.html.fr
>  share/doc/apache2/howto/auth.html.ja.utf8
>  share/doc/apache2/howto/auth.html.ko.euc-kr
>  share/doc/apache2/howto/auth.html.tr.utf8
> @@ -260,6 +265,7 @@
>  share/doc/apache2/howto/cgi.html.ko.euc-kr
>  share/doc/apache2/howto/htaccess.html
>  share/doc/apache2/howto/htaccess.html.en
> +share/doc/apache2/howto/htaccess.html.fr
>  share/doc/apache2/howto/htaccess.html.ja.utf8
>  share/doc/apache2/howto/htaccess.html.ko.euc-kr
>  share/doc/apache2/howto/htaccess.html.pt-br
> @@ -267,6 +273,7 @@
>  share/doc/apache2/howto/index.html.en
>  share/doc/apache2/howto/index.html.ja.utf8
>  share/doc/apache2/howto/index.html.ko.euc-kr
> +share/doc/apache2/howto/index.html.zh-cn
>  share/doc/apache2/howto/public_html.html
>  share/doc/apache2/howto/public_html.html.en
>  share/doc/apache2/howto/public_html.html.ja.utf8
> @@ -300,6 +307,7 @@
>  share/doc/apache2/images/mod_rewrite_fig2.gif
>  share/doc/apache2/images/mod_rewrite_fig2.png
>  share/doc/apache2/images/pixel.gif
> +share/doc/apache2/images/rewrite_rule_flow.png
>  share/doc/apache2/images/right.gif
>  share/doc/apache2/images/ssl_intro_fig1.gif
>  share/doc/apache2/images/ssl_intro_fig1.png
> @@ -308,6 +316,8 @@
>  share/doc/apache2/images/ssl_intro_fig3.gif
>  share/doc/apache2/images/ssl_intro_fig3.png
>  share/doc/apache2/images/sub.gif
> +share/doc/apache2/images/syntax_rewritecond.png
> +share/doc/apache2/images/syntax_rewriterule.png
>  share/doc/apache2/images/up.gif
>  share/doc/apache2/index.html
>  share/doc/apache2/index.html.de
> @@ -318,6 +328,7 @@
>  share/doc/apache2/index.html.ko.euc-kr
>  share/doc/apache2/index.html.pt-br
>  share/doc/apache2/index.html.tr.utf8
> +share/doc/apache2/index.html.zh-cn
>  share/doc/apache2/install.html
>  share/doc/apache2/install.html.de
>  share/doc/apache2/install.html.en
> @@ -347,6 +358,7 @@
>  share/doc/apache2/misc/index.html.en
>  share/doc/apache2/misc/index.html.ko.euc-kr
>  share/doc/apache2/misc/index.html.tr.utf8
> +share/doc/apache2/misc/index.html.zh-cn
>  share/doc/apache2/misc/password_encryptions.html
>  share/doc/apache2/misc/password_encryptions.html.en
>  share/doc/apache2/misc/perf-tuning.html
> @@ -372,6 +384,7 @@
>  share/doc/apache2/mod/core.html
>  share/doc/apache2/mod/core.html.de
>  share/doc/apache2/mod/core.html.en
> +share/doc/apache2/mod/core.html.fr
>  share/doc/apache2/mod/core.html.ja.utf8
>  share/doc/apache2/mod/core.html.tr.utf8
>  share/doc/apache2/mod/directive-dict.html
> @@ -387,6 +400,7 @@
>  share/doc/apache2/mod/directives.html.ko.euc-kr
>  share/doc/apache2/mod/directives.html.ru.koi8-r
>  share/doc/apache2/mod/directives.html.tr.utf8
> +share/doc/apache2/mod/directives.html.zh-cn
>  share/doc/apache2/mod/event.html
>  share/doc/apache2/mod/event.html.en
>  share/doc/apache2/mod/index.html
> @@ -396,6 +410,7 @@
>  share/doc/apache2/mod/index.html.ja.utf8
>  share/doc/apache2/mod/index.html.ko.euc-kr
>  share/doc/apache2/mod/index.html.tr.utf8
> +share/doc/apache2/mod/index.html.zh-cn
>  share/doc/apache2/mod/mod_actions.html
>  share/doc/apache2/mod/mod_actions.html.de
>  share/doc/apache2/mod/mod_actions.html.en
> @@ -412,13 +427,16 @@
>  share/doc/apache2/mod/mod_asis.html.ko.euc-kr
>  share/doc/apache2/mod/mod_auth_basic.html
>  share/doc/apache2/mod/mod_auth_basic.html.en
> +share/doc/apache2/mod/mod_auth_basic.html.fr
>  share/doc/apache2/mod/mod_auth_basic.html.ja.utf8
>  share/doc/apache2/mod/mod_auth_basic.html.ko.euc-kr
>  share/doc/apache2/mod/mod_auth_digest.html
>  share/doc/apache2/mod/mod_auth_digest.html.en
> +share/doc/apache2/mod/mod_auth_digest.html.fr
>  share/doc/apache2/mod/mod_auth_digest.html.ko.euc-kr
>  share/doc/apache2/mod/mod_authn_alias.html
>  share/doc/apache2/mod/mod_authn_alias.html.en
> +share/doc/apache2/mod/mod_authn_alias.html.fr
>  share/doc/apache2/mod/mod_authn_anon.html
>  share/doc/apache2/mod/mod_authn_anon.html.en
>  share/doc/apache2/mod/mod_authn_anon.html.ja.utf8
> @@ -435,10 +453,12 @@
>  share/doc/apache2/mod/mod_authn_default.html.ko.euc-kr
>  share/doc/apache2/mod/mod_authn_file.html
>  share/doc/apache2/mod/mod_authn_file.html.en
> +share/doc/apache2/mod/mod_authn_file.html.fr
>  share/doc/apache2/mod/mod_authn_file.html.ja.utf8
>  share/doc/apache2/mod/mod_authn_file.html.ko.euc-kr
>  share/doc/apache2/mod/mod_authnz_ldap.html
>  share/doc/apache2/mod/mod_authnz_ldap.html.en
> +share/doc/apache2/mod/mod_authnz_ldap.html.fr
>  share/doc/apache2/mod/mod_authz_dbm.html
>  share/doc/apache2/mod/mod_authz_dbm.html.en
>  share/doc/apache2/mod/mod_authz_dbm.html.ko.euc-kr
> @@ -464,6 +484,7 @@
>  share/doc/apache2/mod/mod_authz_user.html.ko.euc-kr
>  share/doc/apache2/mod/mod_autoindex.html
>  share/doc/apache2/mod/mod_autoindex.html.en
> +share/doc/apache2/mod/mod_autoindex.html.fr
>  share/doc/apache2/mod/mod_autoindex.html.ja.utf8
>  share/doc/apache2/mod/mod_autoindex.html.ko.euc-kr
>  share/doc/apache2/mod/mod_autoindex.html.tr.utf8
> @@ -592,6 +613,7 @@
>  share/doc/apache2/mod/mod_nw_ssl.html.en
>  share/doc/apache2/mod/mod_proxy.html
>  share/doc/apache2/mod/mod_proxy.html.en
> +share/doc/apache2/mod/mod_proxy.html.fr
>  share/doc/apache2/mod/mod_proxy.html.ja.utf8
>  share/doc/apache2/mod/mod_proxy_ajp.html
>  share/doc/apache2/mod/mod_proxy_ajp.html.en
> @@ -606,12 +628,14 @@
>  share/doc/apache2/mod/mod_proxy_ftp.html.en
>  share/doc/apache2/mod/mod_proxy_http.html
>  share/doc/apache2/mod/mod_proxy_http.html.en
> +share/doc/apache2/mod/mod_proxy_http.html.fr
>  share/doc/apache2/mod/mod_proxy_scgi.html
>  share/doc/apache2/mod/mod_proxy_scgi.html.en
>  share/doc/apache2/mod/mod_reqtimeout.html
>  share/doc/apache2/mod/mod_reqtimeout.html.en
>  share/doc/apache2/mod/mod_rewrite.html
>  share/doc/apache2/mod/mod_rewrite.html.en
> +share/doc/apache2/mod/mod_rewrite.html.fr
>  share/doc/apache2/mod/mod_setenvif.html
>  share/doc/apache2/mod/mod_setenvif.html.en
>  share/doc/apache2/mod/mod_setenvif.html.ja.utf8
> @@ -637,6 +661,7 @@
>  share/doc/apache2/mod/mod_substitute.html.en
>  share/doc/apache2/mod/mod_suexec.html
>  share/doc/apache2/mod/mod_suexec.html.en
> +share/doc/apache2/mod/mod_suexec.html.fr
>  share/doc/apache2/mod/mod_suexec.html.ja.utf8
>  share/doc/apache2/mod/mod_suexec.html.ko.euc-kr
>  share/doc/apache2/mod/mod_suexec.html.tr.utf8
> @@ -689,6 +714,7 @@
>  share/doc/apache2/mod/quickreference.html.ko.euc-kr
>  share/doc/apache2/mod/quickreference.html.ru.koi8-r
>  share/doc/apache2/mod/quickreference.html.tr.utf8
> +share/doc/apache2/mod/quickreference.html.zh-cn
>  share/doc/apache2/mod/worker.html
>  share/doc/apache2/mod/worker.html.de
>  share/doc/apache2/mod/worker.html.en
> @@ -702,6 +728,7 @@
>  share/doc/apache2/mpm.html.ja.utf8
>  share/doc/apache2/mpm.html.ko.euc-kr
>  share/doc/apache2/mpm.html.tr.utf8
> +share/doc/apache2/mpm.html.zh-cn
>  share/doc/apache2/new_features_2_0.html
>  share/doc/apache2/new_features_2_0.html.de
>  share/doc/apache2/new_features_2_0.html.en
> @@ -724,6 +751,7 @@
>  share/doc/apache2/platform/index.html
>  share/doc/apache2/platform/index.html.en
>  share/doc/apache2/platform/index.html.ko.euc-kr
> +share/doc/apache2/platform/index.html.zh-cn
>  share/doc/apache2/platform/netware.html
>  share/doc/apache2/platform/netware.html.en
>  share/doc/apache2/platform/netware.html.ko.euc-kr
> @@ -785,6 +813,7 @@
>  share/doc/apache2/programs/index.html.ko.euc-kr
>  share/doc/apache2/programs/index.html.ru.koi8-r
>  share/doc/apache2/programs/index.html.tr.utf8
> +share/doc/apache2/programs/index.html.zh-cn
>  share/doc/apache2/programs/logresolve.html
>  share/doc/apache2/programs/logresolve.html.en
>  share/doc/apache2/programs/logresolve.html.ko.euc-kr
> @@ -802,19 +831,36 @@
>  share/doc/apache2/programs/suexec.html.ko.euc-kr
>  share/doc/apache2/programs/suexec.html.tr.utf8
>  share/doc/apache2/rewrite/
> +share/doc/apache2/rewrite/access.html
> +share/doc/apache2/rewrite/access.html.en
> +share/doc/apache2/rewrite/advanced.html
> +share/doc/apache2/rewrite/advanced.html.en
> +share/doc/apache2/rewrite/avoid.html
> +share/doc/apache2/rewrite/avoid.html.en
> +share/doc/apache2/rewrite/flags.html
> +share/doc/apache2/rewrite/flags.html.en
> +share/doc/apache2/rewrite/flags.html.fr
> +share/doc/apache2/rewrite/htaccess.html
> +share/doc/apache2/rewrite/htaccess.html.en
>  share/doc/apache2/rewrite/index.html
>  share/doc/apache2/rewrite/index.html.en
> +share/doc/apache2/rewrite/index.html.fr
>  share/doc/apache2/rewrite/index.html.tr.utf8
> -share/doc/apache2/rewrite/rewrite_flags.html
> -share/doc/apache2/rewrite/rewrite_flags.html.en
> -share/doc/apache2/rewrite/rewrite_guide.html
> -share/doc/apache2/rewrite/rewrite_guide.html.en
> -share/doc/apache2/rewrite/rewrite_guide_advanced.html
> -share/doc/apache2/rewrite/rewrite_guide_advanced.html.en
> -share/doc/apache2/rewrite/rewrite_intro.html
> -share/doc/apache2/rewrite/rewrite_intro.html.en
> -share/doc/apache2/rewrite/rewrite_tech.html
> -share/doc/apache2/rewrite/rewrite_tech.html.en
> +share/doc/apache2/rewrite/index.html.zh-cn
> +share/doc/apache2/rewrite/intro.html
> +share/doc/apache2/rewrite/intro.html.en
> +share/doc/apache2/rewrite/intro.html.fr
> +share/doc/apache2/rewrite/proxy.html
> +share/doc/apache2/rewrite/proxy.html.en
> +share/doc/apache2/rewrite/remapping.html
> +share/doc/apache2/rewrite/remapping.html.en
> +share/doc/apache2/rewrite/rewritemap.html
> +share/doc/apache2/rewrite/rewritemap.html.en
> +share/doc/apache2/rewrite/tech.html
> +share/doc/apache2/rewrite/tech.html.en
> +share/doc/apache2/rewrite/tech.html.fr
> +share/doc/apache2/rewrite/vhosts.html
> +share/doc/apache2/rewrite/vhosts.html.en
>  share/doc/apache2/sections.html
>  share/doc/apache2/sections.html.en
>  share/doc/apache2/sections.html.fr
> @@ -833,11 +879,13 @@
>  share/doc/apache2/sitemap.html.ja.utf8
>  share/doc/apache2/sitemap.html.ko.euc-kr
>  share/doc/apache2/sitemap.html.tr.utf8
> +share/doc/apache2/sitemap.html.zh-cn
>  share/doc/apache2/ssl/
>  share/doc/apache2/ssl/index.html
>  share/doc/apache2/ssl/index.html.en
>  share/doc/apache2/ssl/index.html.ja.utf8
>  share/doc/apache2/ssl/index.html.tr.utf8
> +share/doc/apache2/ssl/index.html.zh-cn
>  share/doc/apache2/ssl/ssl_compat.html
>  share/doc/apache2/ssl/ssl_compat.html.en
>  share/doc/apache2/ssl/ssl_faq.html
> @@ -878,6 +926,7 @@
>  share/doc/apache2/style/xsl/util/
>  share/doc/apache2/suexec.html
>  share/doc/apache2/suexec.html.en
> +share/doc/apache2/suexec.html.fr
>  share/doc/apache2/suexec.html.ja.utf8
>  share/doc/apache2/suexec.html.ko.euc-kr
>  share/doc/apache2/suexec.html.tr.utf8
> @@ -916,6 +965,7 @@
>  share/doc/apache2/vhosts/index.html.ko.euc-kr
>  share/doc/apache2/vhosts/index.html.ru.koi8-r
>  share/doc/apache2/vhosts/index.html.tr.utf8
> +share/doc/apache2/vhosts/index.html.zh-cn
>  share/doc/apache2/vhosts/ip-based.html
>  share/doc/apache2/vhosts/ip-based.html.en
>  share/doc/apache2/vhosts/ip-based.html.fr
> 
> 
> 

-- 
Antoine

Re: Update www/apache-httpd to 2.2.20

Reply via email to