cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
71,307 Commits 1 Branch 0 Tags 544 MiB
a2a4ea383a
Commit Graph

95 Commits

Author SHA1 Message Date
gsoares
7898a82eb0 SECURITY FIX for lighttpd: 
(CVE-2011-4362: out of bounds read due to a signedness error)

OK jasper, brad(maintainer), sthen
 2011-12-01 12:17:11 +00:00
sthen
2132e022a6 lighttpd patches; 
- let HEAD for 0-byte files return the Content-Length, from upstream via Brad
- implement reloads (graceful restart) in rc, from Ben Lovett via Brad
 2011-10-09 20:42:33 +00:00
sthen
817de92022 Fix mod_status bug: always showed "0/0" in the "Read" column for uploads. 
From Brad.
 2011-10-07 20:04:39 +00:00
espie
58fffade54 normalize pkgpath 2011-09-16 12:00:05 +00:00
sthen
5b9d7d9e95 fixes from lighttpd upstream via Brad (maintainer) 
- Add static-file.disable-pathinfo option to prevent handling of
  urls like .../secret.php/image.jpg as static file.
- Don't overwrite 401 (auth required) with 501 (unknown method).
 2011-09-06 08:49:51 +00:00
sthen
3c594e3ee9 lighttpd bugfix: Limit amount of bytes we send in one go; fixes stalling in one 
connection and timeouts on slow systems. From upstream via Brad (maintainer)
 2011-08-24 21:28:09 +00:00
sthen
076483e0f2 update lighttpd to 1.4.29, from Brad 
- while there, remove patch-src_server_c too, all the various /dev/*random
are equivalent now, ok Brad
 2011-07-07 14:34:36 +00:00
sthen
5262fc0208 - backport a patch from upstream to avoid a conflict between OpenSSL and 
internal implementations of MD5. Fixes SSL problems with some clients.

From Brad
 2011-04-25 09:39:36 +00:00
sthen
12db8b934a switch to autoconf 2.67, from Brad. config.h's checked. 2011-04-15 21:43:13 +00:00
sthen
00582ef96a Bump ports which should be using newer autoconf to 2.65; 
config.h files checked.  From Brad.
 2011-03-26 10:05:24 +00:00
sthen
9371498af4 add an rc script for lighttpd; ok brad and ajacoutot@ 2011-03-23 12:47:24 +00:00
sthen
bd91594371 Fixes from upstream via Brad (maintainer) 
* mod_proxy: fix delayed connect
* mod_cgi: make read buffer as big as incoming data block
* ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman
key exchange (add ssl.use-sslv3)

While there, update autoconf version comment, should be 2.67.
 2011-03-20 13:42:53 +00:00
jasper
90847ee882 - remove USE_GROFF=Yes, manpages checked by brad. 
from brad (MAINTAINER)
 2011-01-15 10:56:51 +00:00
espie
9ff53f35ab remaining WANTLIB go .>= to >= 2010-11-22 10:16:08 +00:00
espie
e50b98837f new depends 2010-11-22 08:36:47 +00:00
espie
5c69e94e9f every WANTLIB that's linked to the build should be okay 2010-11-11 19:56:19 +00:00
sthen
89d5cdea52 new-style LIB_DEPENDS/REVISION/WANTLIB 2010-11-11 12:35:09 +00:00
jasper
6e9d6bc608 - unbreak https 
from brad (MAINTAINER)
 2010-11-07 19:13:40 +00:00
espie
c82c4422b0 USE_GROFF=Yes 2010-10-19 08:02:53 +00:00
sthen
d425867587 Fix lighttpd mod_proxy waiting for response even if content-length is 0. 
From upstream via Brad.
 2010-09-17 21:59:43 +00:00
sthen
92545e9199 update lighttpd to 1.4.28 (a couple of small changes only); from Brad. 2010-08-23 22:44:10 +00:00
sthen
19895d4c56 lighttpd 1.4.27; various fixes/cleanup. From Brad, small conf tweak from me. 2010-08-18 11:16:55 +00:00
sthen
2fe5ee4af4 fix gcc2 build; from Brad, tested by Sevan who submitted a different 
diff to fix the same problem.
 2010-07-06 17:17:50 +00:00
sthen
0ca01b0f74 Fix from upstream via Brad: 
Check uri instead of physical path for directory redirect.
Should fix alias handling for "/foo" => "/var/www/";
http://example.com/foo should result in a redirect to
http://example.com/foo/
 2010-04-18 08:24:31 +00:00
sthen
d9712547e1 mod_proxy fixes, from upstream via Brad 2010-04-09 11:06:22 +00:00
sthen
a6aa965fae update to 1.4.26, from Brad 2010-03-21 09:56:55 +00:00
sthen
639fea5f60 SECURITY fix for CVE-2010-0295 DoS issue. 
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt

From Brad, ok ajacoutot@ jasper@
 2010-02-02 08:10:29 +00:00
sthen
19df8d0e1f Add a patch from upstream via Brad; fix request parser to handle packets 
with splitted \r\n\r\n. (http://redmine.lighttpd.net/issues/2105)
 2009-12-13 22:06:24 +00:00
sthen
a95ebdea4d update to 1.4.25, from Brad 2009-11-25 23:06:53 +00:00
sthen
ef98216b12 add patches from upstream via Brad: 
- disable warning "CLOSE-read"
- reset tlsext_server_name in connection_reset - fixes random
hostnames in the $HTTP["host"] conditional
- mod_fastcgi: fix mod_fastcgi packet parsing
- mod_fastcgi: Don't reconnect after connect() succeeded
 2009-11-08 13:16:40 +00:00
sthen
b518dd066d update to 1.4.24, from Brad (maintainer). 2009-10-27 23:02:11 +00:00
sthen
bef8b743d2 Fix If-Modified-Since bug with daylight saving time; from upstream 
repo via Brad.
 2009-08-11 21:55:27 +00:00
sthen
bcb6ce4f58 Add information about keep-alive connections to mod_status. 
From upstream repo, via Brad.
 2009-06-22 09:28:07 +00:00
sthen
d622c6aaee Bugfix update to 1.4.23; from Brad. 2009-06-19 23:12:03 +00:00
sthen
0f5dadbf43 remove internal spawn-fcgi in favour of a RUN_DEPENDS on www/spawn-fcgi 2009-03-16 17:15:34 +00:00
sthen
7d8c2ce209 update to 1.4.22, from Brad (maintainer). Fixes regressions with 1.4.21 
(notably: default vhost in mod_simple_vhost, segfault in mod_scgi).
 2009-03-08 11:13:43 +00:00
sthen
f0fef5a77a update to 1.4.21 and tidy Makefile from Brad; lots of bug fixes. 2009-02-17 12:44:17 +00:00
brad
1aaf868654 Upgrade to lighttpd 1.4.20. Large bug fix update. 
Tested by a number of users.
 2008-10-23 20:29:17 +00:00
jasper
bfe8448a3a - Handle EINTR in mod_cgi during write() 
- Fix mod_magnet to set con->mode = p->id if it generates content,
  so returning 4xx/5xx doesn't append an error page

from brad@
 2008-04-25 10:23:07 +00:00
jasper
5631075d51 - tweak sample config file to chroot(), use kqueue and bind to ipv4 and ipv6 
- install documentation

from brad@ (with the docs part from me)
 2008-04-16 20:42:35 +00:00
jasper
e6db108b7c - fix typos in the previous ssl fix; 
from lighttpd svn (changeset 2144); via brad@
 2008-04-08 19:11:40 +00:00
jasper
2d090ef045 SECURITY FIX for http://secunia.com/advisories/29544/ 
lighttpd OpenSSL Error Queue Denial of Service Vulnerability

patches from upstream svn, via brad@
 2008-04-03 10:18:15 +00:00
brad
34929ca49e upgrade to lighttpd 1.4.19. security and bug fix update. CVE-2008-1270 
looks good jasper@
 2008-03-16 18:43:31 +00:00
jasper
d7498b80d4 - SECURITY FIX for CVE-2008-0983 
( http://secunia.com/cve_reference/CVE-2008-0983/ )
- add a patch to fix issues with group permissions,
  provided by Antti Harri ( already accepted upstream )

ok naddy@ brad@ (MAINTAINER)
 2008-03-02 10:04:22 +00:00
rui
77a9e6848f SECURITY: update lighttpd to 1.4.18, from brad. 
Reference: http://secunia.com/advisories/26732/

ok jasper@
 2007-09-10 20:41:59 +00:00
kili
eb4770dc84 Change Brads email address for now, so people can reach him instead of 
getting bounces or 550s. Bump pkgnames. While here, remove quotes from
comments.

prompted by espie@
 2007-09-01 20:11:21 +00:00
rui
26a21ce500 update lighttpd to 1.4.17, from brad. 
ok jasper@
 2007-08-31 10:10:17 +00:00
todd
c062d94790 target:: -> target: typo cleanup; no functional change, no pkg bump 
from brad
 2007-07-26 03:54:06 +00:00
rui
9057741b45 update lighttpd to 1.4.16 
ok brad (maintainer), simon@
 2007-07-25 21:31:46 +00:00
rui
41ffa063ff roll in some distribution patches which fix multiple vulnerabilities. 
Reference: http://secunia.com/advisories/26130/

ok kili@, simon@
 2007-07-22 19:44:17 +00:00