19:51 ohauer 

- rewrite bsd.apache.mk  (prepare for options NG support)
   keep full backward support until apache20 is removed from the tree
   comment code to remove with MFC TODO:

- adjust apache20 and apache22 ports
   changes are transparent for users (no PORTREVISION bump)

 Users who are using special build instructions in make.conf, such as
  - WITH_STATIC_MODULES= alias dir log_config mime rewrite setenvif vhost_alias

 should convert the values to UPPERCASE
  - WITH_STATIC_MODULES= ALIAS DIR LOG_CONFIG MIME REWRITE SETENVIF VHOST_ALIAS

 At the moment code to support old lowercase style is in place, but
 target to remove in favor for options NG.

with hat apache@

05:40 bapt 

new devel/pkgconf added to replace devel/pkg-config. new version of pkg-config
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility

This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG

it can take the following arguments:
 - yes (meaning build only dep)
 - build (meaning build only dep)
 - run (meaning run only dep)
 - both (meaning run and build dep)

From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the sameway: run
and build dep to avoid large breakage.

While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommanded by pkg-config

With Hat:	portmgr
Exp-runs by:	bapt (pointhat-west), beat (pointyhat)

18:50 ohauer 

- apache20 has no SLAVE_PORTS so cleanup and simplify Makefile.modules
- use port framework instead pkg-install to check for www user
- no REVISION bump, logic / functionality has not changed

with hat apache@

21:32 ohauer 

- cleanup conflicts (remove no longer existent ports)
- remove explicit ABI version number from LIB_DEPENDS

12:44 mm 

Bump pcre library dependency due to 8.30 update
Add (vendor) patch for deprecated pcre_info()

05:02 pgollucci 

- Fix WITH_LDAP support by adding =shared

PR:         ports/147806
With Hat:   apache@

16:55 pgollucci 

- Fix a typo (sync with the rest of them)

With Hat:       apache@

22:36 ohauer 

- bump PORTREVISION (devel/apr0 update)
- set EXPIRATION date to 2012-02-01

Feature safe:   yes

22:26 amdmi3 

- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav

23:17 gabor 

- Track dependencies after databases/gdbm update

21:36 pav 

- Close a race condition that sometimes resulted in configure.in patches being
  ignored

21:10 pgollucci 

- DEPRECATE and set EXPIRATION_DATE
  apache 2.3.10 will be release next week, 2.3.11 will be 1st beta shortly
  after that.  2.4.0 GA will follow not long after.  Once 2.4.0 is released
  2.0.x will be EOL upstream at httpd ASF.
  Get this in before 7.4/8.2 to help raise awareness and start migration plans.

- Work is already well in to move the default apache to www/apache22
  http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/147009, help is appreciated
there
  with the goal to have this be true before 9.0.

- www/apache13* are on track to be deprecated after 9.0.  apache1.3.x support
has
  been EOL upstream at ASF almost 1 year already.

With Hat:       apache@
Discussed with: httpd@dev.a.o, private@dev.a.o, #bsdports

07:34 ade 

Sync to new bsd.autotools.mk

06:22 pgollucci 

- forced commit, no changes, try to help QAT

05:55 pgollucci 

- Update to 2.0.64
- normalize patch-pcre.diff into makepatch format
- All 4 CVE patches are included upstream and part of 2.0.64
- part of the local apxs.in changes are upstream now too
- some patches were regenerated for offset updates

  ** There is NO security update here.  **

Changes:    http://www.apache.org/dist/httpd/CHANGES_2.0
With Hat:   apache@

<ChangeLog>
  *) SECURITY: CVE-2010-1452 (cve.mitre.org)
     mod_dav: Fix Handling of requests without a path segment.
     PR: 49246 [Mark Drayton, Jeff Trawick]

  *) SECURITY: CVE-2009-1891 (cve.mitre.org)
     Fix a potential Denial-of-Service attack against mod_deflate or other
     modules, by forcing the server to consume CPU time in compressing a
     large file after a client disconnects.  PR 39605.
     [Joe Orton, Ruediger Pluem]

  *) SECURITY: CVE-2009-3095 (cve.mitre.org)
     mod_proxy_ftp: sanity check authn credentials.
     [Stefan Fritsch <sf fritsch.de>, Joe Orton]

  *) SECURITY: CVE-2009-3094 (cve.mitre.org)
     mod_proxy_ftp: NULL pointer dereference on error paths.
     [Stefan Fritsch <sf fritsch.de>, Joe Orton]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
     attack when compiled against OpenSSL version 0.9.8m or later. Introduces
     the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
     and offer unsafe legacy renegotiation with clients which do not yet
     support the new secure renegotiation protocol, RFC 5746.
     [Joe Orton, and with thanks to the OpenSSL Team]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
     for OpenSSL versions prior to 0.9.8l; reject any client-initiated
     renegotiations. Forcibly disable keepalive for the connection if there
     is any buffered data readable. Any configuration which requires
     renegotiation for per-directory/location access control is still
     vulnerable, unless using openssl 0.9.8l or later.
     [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>,
      Rainer Jung]

  *) SECURITY: CVE-2010-0434 (cve.mitre.org)
     Ensure each subrequest has a shallow copy of headers_in so that the
     parent request headers are not corrupted.  Elimiates a problematic
     optimization in the case of no request body.  PR 48359
     [Jake Scott, William Rowe, Ruediger Pluem]

  *) SECURITY: CVE-2008-2364 (cve.mitre.org)
     mod_proxy_http: Better handling of excessive interim responses
     from origin server to prevent potential denial of service and high
     memory usage. Reported by Ryujiro Shibuya. [Ruediger Pluem,
     Joe Orton, Jim Jagielski]

  *) SECURITY: CVE-2010-0425 (cve.mitre.org)
     mod_isapi: Do not unload an isapi .dll module until the request
     processing is completed, avoiding orphaned callback pointers.
     [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]

  *) SECURITY: CVE-2008-2939 (cve.mitre.org)
     mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
     the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]

  *) Fix recursive ErrorDocument handling. PR 36090 [Chris Darroch]

  *) mod_ssl: Do not do overlapping memcpy. PR 45444 [Joe Orton]

  *) Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass
     through on a 304 response.  [Nick Kew]

  *) apxs: Fix -A and -a options to ignore whitespace in httpd.conf
     [Philip M. Gollucci]
</ChangeLog>

11:52 ade 

Punt autoconf267->autoconf268

18:35 ade 

Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs

23:03 pgollucci 

- conflicts with www/apache22*

19:44 pgollucci 

- force a retry for QAT, no changes

19:30 pgollucci 

- Partial httpd SVN MFC of r15338
  [http://svn.apache.org/viewvc?view=revision&revision=153384]
  Essentially this internalizes the pcre POSIX API in the ap_ namespace.
  Thus fixing the use of an external pcre library and hence mod_redirect
  and other consumers.

- This includes an MMN bump which means you will need to recompile all your
  modules.  With ports this will happen when you upgrade via portmaster or
  portupgrade.  If you have any modules outside of ports they will need to
  be recompiled too.

- There is a small chance you will need to change some of your custom modules
  to adapt to the ap_regex_t and ap_regmatch_t api changes.

- For security, speed, maintenance, and simplification in the ports/ framework
  this route was chosen instead of reverting the devel/pcre change in 2.0.63_4.

PR:             ports/146604
Reported by:    Stefan Bethke <stb@lassitu.de>, serveral on ports@, apache@
With Hat:       apache@

23:59 pgollucci 

- Fix 5 seen in 3rd party module failures due to converting from bundled apr to
ports apr.

Reported by:    pav via pointyhat
With Hat:       apache@

19:38 pgollucci 

- lib/apache2 is empty and doesn't exist
- Bump PORTREVISION

Reported by:    Geraint Edwards <gedge@yadn.org> via apache@

19:27 pgollucci 

- whitespace only

04:51 pgollucci 

- Bump PORTREVISION

With Hat:   apache@

04:51 pgollucci 

- Whitespace

With Hat:   apache@

04:49 pgollucci 

- Force devel/apr0.  Bundled srclib/apr is never used now.

With Hat:   apache@

04:47 pgollucci 

- Whitespace only

With hat:   apache@

04:44 pgollucci 

- drop KQUEUE_SUPPORT, patch doesn't apply cleaning to devel/apr0

Patches to devel/apr0 are welcome, send-pr.

With Hat:   apache@

18:52 pgollucci 

By default suexec doesn't enforces different resource limitations configured in
login.conf(5). This is probably because resource limitations are handled
differently on various different platforms.

This modifies suexec behaviour to set resource limits for CGI's
from /etc/login.conf before execing the customers CGI script.

Doesn't affect default package, so no PORTREVISION bumps.

I will follow up at dev@httpd.apache.org to see about adding this
with #ifdefs.

PR:             ports/136928
Submitted by:   Alexey V.Degtyarev <alexey@renatasystems.org>
With Hat:       apache@

04:36 pgollucci 

- Fix some runtime devel/pcre conversion fallout
  the bundled pcre defined REG_NOSUB as 0 b/c its not used
  the devel/pcre port (8.0.0) defines it as 0x0020 which is causing havoc
  The REG_NOSUB was never used by pcre in www/apache20
  So, replace it with 0 in the www/apache20 code forcibly
- Bump PORTERVISION

PR:             ports/146399
Reported by:    ervin valentin <ervin23@gmail.com>
With Hat:       apache@

02:56 pgollucci 

- Carry the bundled apr patch through current freebsd versions.
  clement@ added this patch in 1.201 of Makefile for fbsd 6.x
  This only adds -funsigned-char to CFLAGS and I haven't seen
  it break anything or anyone report any issues with not having the update.
  It was also only neccessary in apr 0.9.x not apr 1.x+
  This was remove entirely in
http://svn.apache.org/viewvc?view=revision&revision=65257

- Bump PORTREVISION

With Hat:   apache@

01:13 pgollucci 

- Dupliate $] fix in apxs in www/apache22
- Rename rc.d script apache2.sh -> apache2
- Bump PORTREVISION

With Hat:   apache@

00:30 pgollucci 

- Fix openssl rengotiation patch [1]
- Fix the openssl from ports flag
- Bump PORTREVISION
- Also patch 2 more CVEs

 *) SECURITY: CVE-2010-0434 (cve.mitre.org)
     Ensure each subrequest has a shallow copy of headers_in so that the
     parent request headers are not corrupted.  Elimiates a problematic
     optimization in the case of no request body.  PR 48359
     [Jake Scott, William Rowe, Ruediger Pluem]

  *) SECURITY: CVE-2008-2364 (cve.mitre.org)
     mod_proxy_http: Better handling of excessive interim responses
     from origin server to prevent potential denial of service and high
     memory usage. Reported by Ryujiro Shibuya. [Ruediger Pluem,
     Joe Orton, Jim Jagielski]

PR:             ports/146389 [1]
Submitted by:   several [1]
With Hat:       apache@

23:57 pgollucci 

- Back out the OPTIONS framework for now.  Makefile.modules MODULES options
  also be in OPTIONS or they aren't passed to make.
  Thats one huge subtlety.  I'll fix this later, but don't have time now.

Reported by:    kevin brintnall <kbrint@qwest.net> via e-mail
Pointy hat:     myself
With Hat:       apache@

21:48 pgollucci 

- Fix -A and -a options for apxs to correctly ignore whitespace.
  This will fix about 100 pkg-plist left overs for httpd.conf
  apxs -A comments out the LoadModule line
  This adds custom FreeBSD mod to 'DELETE' the line so that it works with
  our pkg-plists in packages.
- Remove -s form the cmp httpd.conf in pkg-plist to be blatant about why
  it didn't get removed
- Bump PORTREVISION
- This will be in 2.0.64

PR:             ports/133704
Obtained from:  http://svn.apache.org/viewvc?rev=942211&view=rev
Reported by:    olli hauer <ohauer@gmx.de> (and very good pr!)
With Hat:       apache@

04:59 pgollucci 

- fix ldap support
  --with-ldap switches on LDAP library linking in apr-util
  --enable-ldap option switches on the LDAP caching module
  --enable-auth-ldap option switches on the LDAP authentication module
  also apply a custom patch to fix the linking
- add a missing quote to OPTIONS desc
- ldap is not in the default package, so no PORTREVISION bump

PR:             ports/128079
Reported by:    koitsu, skreuzer
With Hat:       apache@

03:22 pgollucci 

- duplicate www/apache22 re-fix for /etc/ftpusers in www/apache20

PR:             ports/144422
Reported by:    several
With hat:       apache@

01:56 pgollucci 

- Apply  SECURITY: CVE-2009-3555 (cve.mitre.org)
  to www/apache20 as well.

PR:             ports/140357
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>
With Hat:       apache@

01:42 pgollucci 

- Take stab at adding OPTIONS framework in limited capacity.
  Some options were intentionally omitted.
- Remove a legacy option kludge

PR:             ports/146199
Requested by:   Nick Hibma <nick@anywi.com>
With Hat:       apache@

01:29 pgollucci 

- Force devel/pcre and abandon the bundled pcre:
  0) its like 7yrs old
  0) the new version have speed,bug,&security fixes
  0) www/apache22 already does this
  0) www/apache23+ no longer bundle pcre [or apr* for that matter]
- Bump PORTREVISION

With Hat:   apache@

23:44 pgollucci 

- Set the ITK version.

With Hat:   apache@

21:10 pgollucci 

- Fix compile with security/openssl
- No PORTREVISION bump [security/openssl is not the default]

PR:             ports/146218
Submitted by:   Kazuo Dohzono <dohzono@axion-software.com>
Obtained from: 
http://mail-index.netbsd.org/pkgsrc-users/2009/08/25/msg010537.html
With Hat:       apache@

[I will contemplate sending this back to dev@httpd for branches/2.0.x for
2.0.64]

03:37 pgollucci 

- openssl patch is unconditionally applied

With Hat:   apache@

23:20 pgollucci 

- Fix another IGNORE message

23:19 pgollucci 

- Fix some whitespace
- Silence portlitn for IGNORE message

23:17 pgollucci 

- CFLAGS is already in CONFIGURE_ENV

With Hat:   apache@

23:16 pgollucci 

- add caudium14 conflict
- fix caudium12 conflict

With Hat:   apache@

21:05 pgollucci 

- Fix typo preventing install/deinstall when /etc/ftpusers was present

Note if you already have www/apache20 or www/apache22 installed this is
not worth updating for; however, you should verify your  [if you use it]
${PREFIX}/etc/apacheXX/extra/httpd-userdir.conf:
  DisableUser dir setting correct lists the users you don't want
  to have the ~/dir visible via http requests.

PR:             ports/144422
Reported by:    several
With hat:       apache@

04:44 dougb 

Cleanse uneeded RC_SUBR variables

Approved by:    pgolluci

19:36 mezz 

-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr

05:11 pgollucci 

- Backport apr-util security fixes pending the 2.2.12 release (forthcomming)

Security:      
http://www.vuxml.org/freebsd/eb9212f7-526b-11de-bbf2-001b77d09812
PR:             ports/135310
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>
With Hat:       apache

07:24 pgollucci 

- Mark SAFE apache@ ports MAKE_JOBS_SAFE=yes

14:13 pgollucci 

- Re-assign www/apache* ports to apache@
- Previous MATAINERs please welcome yourself to the apache@ team.

Approved by: portmgr (pav, flz), secteam (simon), clement

16:53 wxs 

- Remove conditional checks for FreeBSD 5.x and older

Approved by:    pav

23:04 clement 

- Revert previous patch to "fix" missing rc.d scripts. It
  actually breaks profiles.
- Fix CVE-2008-2939 for mod_proxy_ftp
  (XSS attacks when using wildcards in the path of the FTP URL)
- Bump PORTREVISION

18:58 clement 

- Fix plist when NOPORTDOCS is defined [1]
- Sometimes, rc scripts aren't included in package
  Try to fix this. [2]
- Bump PORTREVISION

PR:          ports/124671 [2]
Reported by: QA Tindy [1],
             George Donnelly [2]
Special thanks to: pgollucci@

06:18 rafan 

Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
 - Remove CONFIGURE_TARGET hack in various bsd.*.mk
 - USE_GNOME=gnometarget is now an no-op

Changes to individual ports, other than removing the CONFIGURE_TARGET hack:

= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
  - comms/gnuradio
  - science/abinit
  - science/elmer-fem
  - science/elmer-matc
  - science/elmer-meshgen2d
  - science/elmerfront
  - science/elmerpost

= use x86_64 as ARCH
  - devel/g-wrap

= other changes
  - print/magicfilter
    GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf

Total # of ports modified:  1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)

PR:             126524 (obsoletes 52917)
Submitted by:   rafan
Tested on:      two pointyhat 7-amd64 exp runs (by pav)
Approved by:    portmgr (pav)

00:57 ade 

Conversion from (now defunct) autoconf-2.61 to autoconf-2.62

Tested by:      exp build run (erwin)

03:07 clement 

- Workaround a sh segfault on 6-STABLE

Reported by:    many

15:00 clement 

- Update to 2.0.63
- Use BDB from bsd.database.mk instead of homebrew [1]

PR:             ports/119712 [1]
Submitted by:   mm [1]

04:47 linimon 

Switch autoconf dependencies from 2.53 or 2.59 to 2.61.

PR:             ports/116639
Submitted by:   aDe

19:18 clement 

- Fix profiles support in startup script [1]
- move envvars support to the beginning of apache2_checkconfig() to be
  sure we're using envvars during configtest [2]

PR:             ports/116401 [1],
                ports/116329 [2]
Submitted by:   kevin brintnall <kbrint@rufus.net> [1],
                Ruud Althuizen <ruud@il.fontys.nl>

14:48 clement 

- Re-add apache2ssl_enable support

Noticed by:      Oliver Brandmueller <ob at e-Gitt dot NET>

14:48 clement 

- Update to 2.0.61
- sync' startup script with www/apache22

11:41 gabor 

- Remove the DESTDIR modifications from individual ports as we have a new,
  fully chrooted DESTDIR, which does not need such any more.

Sponsored by:   Google Summer of Code 2007
Approved by:    portmgr (pav)

16:59 anders 

Remove thttpd from conflicts list, it has a different name for its
passwd program now.

Approved by:    maintainers/erwin

15:59 clement 

- Fix typo

15:47 clement 

- Add itk MPM
  mpm-itk allows you to run each of your vhost under a separate UID and GID
  WWW: http://home.samfundet.no/~sesse/mpm-itk/
- use LD_CONFIG

20:16 clement 

- Update to 2.0.59

20:26 clement 

- Fix security issue in mod_rewrite.
All people using mod_rewrite are strongly encouraged to update.

An off-by-one flaw exists in the Rewrite module, mod_rewrite.
Depending on the manner in which Apache httpd was compiled, this
software defect may result in a vulnerability which, in combination
with certain types of Rewrite rules in the web server configuration
files, could be triggered remotely.  For vulnerable builds, the nature
of the vulnerability can be denial of service (crashing of web server
processes) or potentially allow arbitrary code execution.
This issue has been rated as having important security impact
by the Apache HTTP Server Security Team

Updates to latest versions will follow soon.

Notified by:    so@ (simon)
Obtained from:  Apache Security Team
Security:       CVE-2006-3747

04:41 edwin 

Remove USE_REINPLACE from categories starting with W

19:50 clement 

- Remove obsolete patch which add support to Windows Update Service when
  apache acts as a proxy.

Reported by:    Bjoern Voigt <bjoern@cs.tu-berlin.de>

16:54 clement 

- Fix plist

Spotted by:     mnag
Pointy hat to:  clement

09:24 clement 

- Update to 2.0.58

10:40 ade 

Conversion to a single libtool environment.

Approved by:    portmgr (kris)

23:20 kuriyama 

Chase shlib bump of libexpat.

09:40 clement 

- Finish cleanups and fix build with threads enables.

08:22 clement 

- remove print-closest-mirror target from apache20 Makefile

Noticed by:     erwin, pav,  KOMATSU Shinichiro <koma2@lovepeers.org> [1]
PR:             ports/91849 [1]
Pointy hat to:  clement

18:58 clement 

Cleanups and fixes
- remove useless options (and fix thread stuff) [1]
- move print-closest-mirror to bsd.apache.mk
- move threads configure options out of Makefile.modules
- Fix stupid logic to disable v4mapped address [2]
- and more...

Submitted/spotted by:   many, Hirohisa Yamaguchi <umq@ueo.co.jp> [1]
                        ume[2]
PR:                     ports/91813 [1]

20:35 clement 

SECURITY: CVE-2005-3352 (cve.mitre.org)
     mod_imap: Escape untrusted referer header before outputting in HTML
     to avoid potential cross-site scripting.  Change also made to
     ap_escape_html so we escape quotes.  Reported by JPCERT.
     [Mark Cox]

Reported by:    simon

14:59 clement 

- Various package fixes
- Bump PORTREVISION

23:04 clement 

- resync' with www/apache2

06:52 ade 

Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.

18:58 fenner 

Use the proper syntax for groups when using ${MASTER_SITE_foo}

Approved by:    MAINTAINER timeout (2 weeks)

13:54 clement 

- Update to 2.0.55

08:39 clement 

- Apply openssl 0.9.8 fix by default. OpenSSL 0.9.8 is now the default
  from ports

Reported by:    erwin

22:29 clement 

- Hook www/apache20 to the build. It fixes some errors in INDEX build with
  exp build

Reported by:    kris

14:45 clement 

- Sync with www/apache2

10:04 clement 

- make sure SSL dependency doesn't exists if WITHOUT_MODULES_SSL is defined

10:10 clement 

- Add fix for CAN-2005-2088
From Changelog:
  *) SECURITY: CAN-2005-2088
     core: If a request contains both Transfer-Encoding and Content-Length
     headers, remove the Content-Length, mitigating some HTTP Request
     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]

- Rename previous patch to CVE ID
- bump PORTREVISION

Security:       CAN-2005-2088
Obtained From: Apache repository

08:25 clement 

Security: fix a buffer overrun in ssl_callback_SSLVerify_CRL()
Reported by:    thierry

09:09 clement 

- Sync with www/apache2