Peter Simons
2017158b53
apache-httpd: 2.4.38 -> 2.4.39 (CVE-2019-0211)
...
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or
prefork, code executing in less-privileged child processes or
threads (including scripts executed by an in-process scripting interpreter)
could execute arbitrary code with the privileges of the parent process (usually
root) by manipulating the scoreboard.
2019-04-02 09:46:25 +02:00
R. RyanTM
61bcf59e1d
apacheHttpd: 2.4.37 -> 2.4.38
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/apache-httpd/versions
2019-01-28 17:32:40 -08:00
R. RyanTM
8e24ea925b
apacheHttpd: 2.4.35 -> 2.4.37
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/apache-httpd/versions
2018-11-10 08:43:41 -08:00
Aaron Andersen
74e6e05479
apacheHttpd: add lynx binary path to apachectl
2018-10-11 20:37:55 -04:00
R. RyanTM
524c2120f9
apacheHttpd: 2.4.34 -> 2.4.35
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/apache-httpd/versions
2018-09-25 07:25:14 -07:00
John Ericson
85a9913edd
treewide: Make more complicated configureFlags lists
2018-08-03 17:06:03 -04:00
R. RyanTM
2c2f107a96
apacheHttpd: 2.4.33 -> 2.4.34
...
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/apache-httpd/versions .
2018-07-18 17:24:59 -07:00
Tristan Helmich
737bf1d229
apacheHttpd: 2.4.29 -> 2.4.33
2018-03-27 15:38:49 +02:00
Orivej Desh
729f97ef9b
apache-httpd: respect review in #33481
2018-01-06 18:40:44 +00:00
Eli Flanagan
f95d92ee96
apache-httpd: enable brotli support
2018-01-06 18:42:02 +01:00
Eli Flanagan
5a07d169bf
apache-httpd: 2.4.28 -> 2.4.29
2017-10-24 17:14:50 +02:00
Franz Pletz
0a9825a7f5
apacheHttpd: 2.4.27 -> 2.4.28
2017-10-07 04:04:20 +02:00
Franz Pletz
c9d11b8a1d
apacheHttpd: fix CVE-2017-9798 (Optionsbleed)
...
https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
2017-09-18 16:04:03 +02:00
Tuomas Tynkkynen
1ff422aa23
treewide: Add man & info outputs where necessary (instead of doc)
...
Because man & info pages won't be going to $doc after the next commit.
Scripted change for the files having one-package-per-file.
2017-08-11 21:32:54 +03:00
Franz Pletz
1f15b7c81b
apacheHttpd: 2.4.26 -> 2.4.27 for multiple CVEs
...
Fixes: CVE-2017-9788 CVE-2017-9789
See https://httpd.apache.org/security/vulnerabilities_24.html
2017-08-01 10:26:19 +02:00
Eelco Dolstra
8fc5beb855
httpd: 2.4.25 -> 2.4.26
...
CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679
2017-07-07 17:24:13 +02:00
Eelco Dolstra
4e5461127d
apache-httpd: Strip modules
...
We did this for 2.2 (cc61d31902
) but
lost this for 2.4. This reduces the Apache closure size from 312 MiB
to 102 MiB (primarily by getting rid of -dev outputs).
2017-03-20 17:30:47 +01:00
Robin Gloster
8769ddc823
apacheHttpd_2_2: remove
2017-01-27 15:33:54 +01:00
Graham Christensen
5ca180fa08
apacheHttpd: 2.4.23 -> 2.4.25 for
...
CVE-2016-8743, CVE-2016-2161, CVE-2016-0736
2016-12-28 20:36:46 -05:00
Tuomas Tynkkynen
a17216af4c
treewide: Shuffle outputs
...
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Franz Pletz
afb821fa15
apacheHttpd: use sha256 hash instead of sha1
2016-08-25 03:14:40 +02:00
Franz Pletz
4cb7272537
apacheHttpd: 2.4.20 -> 2.4.23 (security)
...
Fixes CVE-2016-4979.
2016-08-25 03:10:02 +02:00
Eelco Dolstra
c51af01325
apache-httpd: 2.4.18 -> 2.4.20
...
CVE-2016-1546
2016-06-20 15:17:12 +02:00
Tuomas Tynkkynen
7fb29bfa73
treewide: Make explicit that 'dev' output of zlib is used
2016-05-19 10:04:38 +02:00
Tuomas Tynkkynen
d42e94472d
treewide: Make explicit that 'dev' output of pcre is used
2016-05-19 10:02:28 +02:00
Tuomas Tynkkynen
2a73de6e6c
treewide: Make explicit that 'dev' output of openssl is used
2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
d298b52fd3
treewide: Make explicit that 'dev' output of aprutil is used
2016-05-19 10:00:25 +02:00
Tuomas Tynkkynen
29694b43b6
treewide: Make explicit that 'dev' output of apr is used
2016-05-19 10:00:24 +02:00
Peter Simons
8e462995ba
Bring my stdenv.lib.maintainers user name in line with my github nick.
2016-05-16 22:49:55 +02:00
Eelco Dolstra
b4bf432709
nghttp2: 1.8.0 -> 1.9.2, unify with libnghttp2, and use multiple outputs
...
Note: I ignored the C++ libraries, but it appears we're not currently
using them. Once we do, we'll probably want to put them in a separate
output as well (to prevent non-C++ users from depending on Boost).
2016-04-18 21:13:18 +02:00
Vladimír Čunát
ab15a62c68
Merge branch 'master' into closure-size
...
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
zimbatm
eac89788da
apacheHttpd: add support for HTTP/2
...
In NixOS you can enable HTTP/2 like this:
services.httpd.extraModules = [ "http2" ];
services.httpd.extraConfig = ''
Protocols h2 http/1.1
'';
2016-03-12 15:31:23 +00:00
Vladimír Čunát
f9f6f41bff
Merge branch 'master' into closure-size
...
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Robin Gloster
566c06c5a7
apacheHttpd: 2.4.17 -> 2.4.18
2015-12-27 21:31:30 +00:00
Vladimír Čunát
6cc57be289
apache modules: fix build problems
...
pkgs.mod_evasive was removed, because that combination isn't supported
(according to an assertion).
2015-12-05 13:16:55 +01:00
Vladimír Čunát
2709a815e5
apache-httpd-2.2: fix build
...
It was broken by interaction with b81515c2
.
I should've tested both versions before pushing 34b5d193c0
.
2015-12-05 11:59:10 +01:00
Vladimír Čunát
34b5d193c0
apache*: don't change layout in $out WRT master
2015-12-04 15:27:32 +01:00
Vladimír Čunát
333d69a5f0
Merge staging into closure-size
...
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Tuomas Tynkkynen
f302d78d6c
apacheHttpd_2_4: Port multiple-output changes from 2.2
2015-10-28 10:23:03 +01:00
Tuomas Tynkkynen
7a68c25baf
apacheHttpd_2_2: Remove obsolete cruft
2015-10-28 10:23:02 +01:00
Tuomas Tynkkynen
b81515c2d4
apacheHttpd_2_2: Fix setting installbuilddir
...
Otherwise mod_dnssd doesn't build.
Also move apxs to $dev.
2015-10-28 10:23:02 +01:00
Jude Taylor
f35f421d60
apache-httpd: add libiconv for darwin
2015-10-23 10:57:43 -07:00
Robin Gloster
8521bc097c
apacheHttpd: 2.4.16 -> 2.4.17
2015-10-18 17:42:55 +00:00
Vladimír Čunát
38313d5d87
libxml2,libxslt: split into multiple outputs
...
Fixed all references, hopefully.
libxml2Python is slightly hacky now, but it seems to work.
2015-10-05 13:44:16 +02:00
Tuomas Tynkkynen
7cd13b9003
apache-httpd: Enable SSL via buildInputs
...
The old approach doesn't seem to work with multiple outputs.
2015-10-03 14:08:53 +02:00
Vladimír Čunát
5227fb1dd5
Merge commit staging+systemd into closure-size
...
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
Robert Scott
1dca2fba7f
apache-httpd: update minor versions of both 2.2 and 2.4 for security-related fixes
2015-07-25 15:40:29 +01:00
Vladimír Čunát
bf414c9d4f
Merge 'staging' into closure-size
...
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes
Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
2015-04-18 11:22:20 +02:00
Eelco Dolstra
b1ec8e6c64
apache-httpd: Update to 2.4.12
...
CVE-2014-3583, CVE-2014-3581, CVE-2014-8109, CVE-2013-5704.
2015-02-24 16:10:55 +01:00
Eelco Dolstra
db4053fb59
httpd-2.2: Enable building of mod_cache and friends
2014-11-11 10:39:24 +01:00