Franz Pletz
c9d11b8a1d
apacheHttpd: fix CVE-2017-9798 (Optionsbleed)
...
https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
2017-09-18 16:04:03 +02:00
Tuomas Tynkkynen
1ff422aa23
treewide: Add man & info outputs where necessary (instead of doc)
...
Because man & info pages won't be going to $doc after the next commit.
Scripted change for the files having one-package-per-file.
2017-08-11 21:32:54 +03:00
Franz Pletz
1f15b7c81b
apacheHttpd: 2.4.26 -> 2.4.27 for multiple CVEs
...
Fixes: CVE-2017-9788 CVE-2017-9789
See https://httpd.apache.org/security/vulnerabilities_24.html
2017-08-01 10:26:19 +02:00
Eelco Dolstra
8fc5beb855
httpd: 2.4.25 -> 2.4.26
...
CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679
2017-07-07 17:24:13 +02:00
Eelco Dolstra
4e5461127d
apache-httpd: Strip modules
...
We did this for 2.2 (cc61d31902
) but
lost this for 2.4. This reduces the Apache closure size from 312 MiB
to 102 MiB (primarily by getting rid of -dev outputs).
2017-03-20 17:30:47 +01:00
Robin Gloster
8769ddc823
apacheHttpd_2_2: remove
2017-01-27 15:33:54 +01:00
Graham Christensen
5ca180fa08
apacheHttpd: 2.4.23 -> 2.4.25 for
...
CVE-2016-8743, CVE-2016-2161, CVE-2016-0736
2016-12-28 20:36:46 -05:00
Tuomas Tynkkynen
a17216af4c
treewide: Shuffle outputs
...
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Franz Pletz
afb821fa15
apacheHttpd: use sha256 hash instead of sha1
2016-08-25 03:14:40 +02:00
Franz Pletz
4cb7272537
apacheHttpd: 2.4.20 -> 2.4.23 (security)
...
Fixes CVE-2016-4979.
2016-08-25 03:10:02 +02:00
Eelco Dolstra
c51af01325
apache-httpd: 2.4.18 -> 2.4.20
...
CVE-2016-1546
2016-06-20 15:17:12 +02:00
Tuomas Tynkkynen
7fb29bfa73
treewide: Make explicit that 'dev' output of zlib is used
2016-05-19 10:04:38 +02:00
Tuomas Tynkkynen
d42e94472d
treewide: Make explicit that 'dev' output of pcre is used
2016-05-19 10:02:28 +02:00
Tuomas Tynkkynen
2a73de6e6c
treewide: Make explicit that 'dev' output of openssl is used
2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
d298b52fd3
treewide: Make explicit that 'dev' output of aprutil is used
2016-05-19 10:00:25 +02:00
Tuomas Tynkkynen
29694b43b6
treewide: Make explicit that 'dev' output of apr is used
2016-05-19 10:00:24 +02:00
Peter Simons
8e462995ba
Bring my stdenv.lib.maintainers user name in line with my github nick.
2016-05-16 22:49:55 +02:00
Eelco Dolstra
b4bf432709
nghttp2: 1.8.0 -> 1.9.2, unify with libnghttp2, and use multiple outputs
...
Note: I ignored the C++ libraries, but it appears we're not currently
using them. Once we do, we'll probably want to put them in a separate
output as well (to prevent non-C++ users from depending on Boost).
2016-04-18 21:13:18 +02:00
Vladimír Čunát
ab15a62c68
Merge branch 'master' into closure-size
...
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
zimbatm
eac89788da
apacheHttpd: add support for HTTP/2
...
In NixOS you can enable HTTP/2 like this:
services.httpd.extraModules = [ "http2" ];
services.httpd.extraConfig = ''
Protocols h2 http/1.1
'';
2016-03-12 15:31:23 +00:00
Vladimír Čunát
f9f6f41bff
Merge branch 'master' into closure-size
...
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Robin Gloster
566c06c5a7
apacheHttpd: 2.4.17 -> 2.4.18
2015-12-27 21:31:30 +00:00
Vladimír Čunát
6cc57be289
apache modules: fix build problems
...
pkgs.mod_evasive was removed, because that combination isn't supported
(according to an assertion).
2015-12-05 13:16:55 +01:00
Vladimír Čunát
2709a815e5
apache-httpd-2.2: fix build
...
It was broken by interaction with b81515c2
.
I should've tested both versions before pushing 34b5d193c0
.
2015-12-05 11:59:10 +01:00
Vladimír Čunát
34b5d193c0
apache*: don't change layout in $out WRT master
2015-12-04 15:27:32 +01:00
Vladimír Čunát
333d69a5f0
Merge staging into closure-size
...
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Tuomas Tynkkynen
f302d78d6c
apacheHttpd_2_4: Port multiple-output changes from 2.2
2015-10-28 10:23:03 +01:00
Tuomas Tynkkynen
7a68c25baf
apacheHttpd_2_2: Remove obsolete cruft
2015-10-28 10:23:02 +01:00
Tuomas Tynkkynen
b81515c2d4
apacheHttpd_2_2: Fix setting installbuilddir
...
Otherwise mod_dnssd doesn't build.
Also move apxs to $dev.
2015-10-28 10:23:02 +01:00
Jude Taylor
f35f421d60
apache-httpd: add libiconv for darwin
2015-10-23 10:57:43 -07:00
Robin Gloster
8521bc097c
apacheHttpd: 2.4.16 -> 2.4.17
2015-10-18 17:42:55 +00:00
Vladimír Čunát
38313d5d87
libxml2,libxslt: split into multiple outputs
...
Fixed all references, hopefully.
libxml2Python is slightly hacky now, but it seems to work.
2015-10-05 13:44:16 +02:00
Tuomas Tynkkynen
7cd13b9003
apache-httpd: Enable SSL via buildInputs
...
The old approach doesn't seem to work with multiple outputs.
2015-10-03 14:08:53 +02:00
Vladimír Čunát
5227fb1dd5
Merge commit staging+systemd into closure-size
...
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
Robert Scott
1dca2fba7f
apache-httpd: update minor versions of both 2.2 and 2.4 for security-related fixes
2015-07-25 15:40:29 +01:00
Vladimír Čunát
bf414c9d4f
Merge 'staging' into closure-size
...
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes
Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
2015-04-18 11:22:20 +02:00
Eelco Dolstra
b1ec8e6c64
apache-httpd: Update to 2.4.12
...
CVE-2014-3583, CVE-2014-3581, CVE-2014-8109, CVE-2013-5704.
2015-02-24 16:10:55 +01:00
Eelco Dolstra
db4053fb59
httpd-2.2: Enable building of mod_cache and friends
2014-11-11 10:39:24 +01:00
Eelco Dolstra
8e40703f6c
apache-httpd: Update to 2.2.29
...
CVE-2014-0118, CVE-2014-0231, CVE-2014-0226, CVE-2013-5704.
2014-09-24 21:04:24 +02:00
Vladimír Čunát
381dcb1d98
various packages fixed
2014-08-30 23:30:31 +02:00
Vladimír Čunát
96cec2a7bd
Merge 'staging' into multiple-outputs
...
Conflicts:
pkgs/applications/audio/flac/default.nix
pkgs/build-support/gcc-wrapper/builder.sh
pkgs/development/libraries/apr-util/default.nix
pkgs/development/libraries/apr/default.nix
pkgs/development/libraries/atk/default.nix
pkgs/development/libraries/freetype/default.nix
pkgs/development/libraries/gdk-pixbuf/default.nix
pkgs/development/libraries/glib/default.nix
pkgs/development/libraries/glibc/2.17/builder.sh
pkgs/development/libraries/glibc/2.17/locales.nix
pkgs/development/libraries/libjpeg/default.nix
pkgs/development/libraries/libogg/default.nix
pkgs/development/libraries/libsamplerate/default.nix
pkgs/development/libraries/libtiff/default.nix
pkgs/development/libraries/libvorbis/default.nix
pkgs/development/libraries/mesa/default.nix
pkgs/development/libraries/pango/default.nix
pkgs/development/web/nodejs/default.nix
pkgs/os-specific/linux/pam/default.nix
pkgs/os-specific/linux/systemd/default.nix
pkgs/stdenv/generic/setup.sh
pkgs/stdenv/linux/default.nix
pkgs/top-level/all-packages.nix
pkgs/top-level/release-small.nix
2014-08-23 16:04:53 +02:00
Marc Weber
ba154ec9d4
apache 2_4 update, fixes some CVE's
...
See http://www.apache.org/dist/httpd/Announcement2.4.html It compiles,
didn't run it. I guess minor update doesn't cause much trouble even
though there are some new features
2014-07-24 18:10:10 +02:00
Eelco Dolstra
65a78e16f1
httpd: Update to 2.2.27
...
CVE-2013-6438, CVE-2014-0098
2014-05-01 11:48:56 +02:00
Peter Simons
2d4919dbb4
apacheHttpd_2_4: update from 2.4.7 to 2.4.9
2014-04-09 12:41:11 +02:00
Evgeny Egorochkin
c67f562d5e
add branch info
2014-02-18 04:13:45 +02:00
Peter Simons
0266ac9c30
apache-httpd-2.4: revert "enable building the 'event'-based mpm worker"
...
Commit 0c3d910cd027a926ffc8538ea60cf2da099d7808 didn't have any effect.
The 'event' MPM module isn't built because our version of APR is too old.
2014-01-08 13:17:40 +01:00
Peter Simons
cdfd953ffa
apache-httpd-2.4: enable building the 'event'-based mpm worker
...
Adding "LoadModule mpm_event_module modules/mod_mpm_event.so" to httpd.conf
enables that worker instead of the default choice.
2013-12-29 12:52:54 +01:00
Nixpkgs Monitor
6996067dcf
apacheHttpd_2_4: update from 2.4.6 to 2.4.7
2013-12-09 10:49:00 +02:00
Nixpkgs Monitor
e523fdfc47
apacheHttpd: update from 2.2.25 to 2.2.26
2013-12-09 10:47:10 +02:00
Eelco Dolstra
01087750ba
Don't build some packages on some platforms
2013-11-04 21:11:00 +01:00