Franz Pletz
c9d11b8a1d
apacheHttpd: fix CVE-2017-9798 (Optionsbleed)
...
https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
2017-09-18 16:04:03 +02:00
Tuomas Tynkkynen
1ff422aa23
treewide: Add man & info outputs where necessary (instead of doc)
...
Because man & info pages won't be going to $doc after the next commit.
Scripted change for the files having one-package-per-file.
2017-08-11 21:32:54 +03:00
Franz Pletz
1f15b7c81b
apacheHttpd: 2.4.26 -> 2.4.27 for multiple CVEs
...
Fixes: CVE-2017-9788 CVE-2017-9789
See https://httpd.apache.org/security/vulnerabilities_24.html
2017-08-01 10:26:19 +02:00
Eelco Dolstra
8fc5beb855
httpd: 2.4.25 -> 2.4.26
...
CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679
2017-07-07 17:24:13 +02:00
Eelco Dolstra
4e5461127d
apache-httpd: Strip modules
...
We did this for 2.2 (cc61d31902
) but
lost this for 2.4. This reduces the Apache closure size from 312 MiB
to 102 MiB (primarily by getting rid of -dev outputs).
2017-03-20 17:30:47 +01:00
Graham Christensen
5ca180fa08
apacheHttpd: 2.4.23 -> 2.4.25 for
...
CVE-2016-8743, CVE-2016-2161, CVE-2016-0736
2016-12-28 20:36:46 -05:00
Tuomas Tynkkynen
a17216af4c
treewide: Shuffle outputs
...
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Franz Pletz
afb821fa15
apacheHttpd: use sha256 hash instead of sha1
2016-08-25 03:14:40 +02:00
Franz Pletz
4cb7272537
apacheHttpd: 2.4.20 -> 2.4.23 (security)
...
Fixes CVE-2016-4979.
2016-08-25 03:10:02 +02:00
Eelco Dolstra
c51af01325
apache-httpd: 2.4.18 -> 2.4.20
...
CVE-2016-1546
2016-06-20 15:17:12 +02:00
Tuomas Tynkkynen
7fb29bfa73
treewide: Make explicit that 'dev' output of zlib is used
2016-05-19 10:04:38 +02:00
Tuomas Tynkkynen
d42e94472d
treewide: Make explicit that 'dev' output of pcre is used
2016-05-19 10:02:28 +02:00
Tuomas Tynkkynen
d298b52fd3
treewide: Make explicit that 'dev' output of aprutil is used
2016-05-19 10:00:25 +02:00
Tuomas Tynkkynen
29694b43b6
treewide: Make explicit that 'dev' output of apr is used
2016-05-19 10:00:24 +02:00
Peter Simons
8e462995ba
Bring my stdenv.lib.maintainers user name in line with my github nick.
2016-05-16 22:49:55 +02:00
Eelco Dolstra
b4bf432709
nghttp2: 1.8.0 -> 1.9.2, unify with libnghttp2, and use multiple outputs
...
Note: I ignored the C++ libraries, but it appears we're not currently
using them. Once we do, we'll probably want to put them in a separate
output as well (to prevent non-C++ users from depending on Boost).
2016-04-18 21:13:18 +02:00
Vladimír Čunát
ab15a62c68
Merge branch 'master' into closure-size
...
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
zimbatm
eac89788da
apacheHttpd: add support for HTTP/2
...
In NixOS you can enable HTTP/2 like this:
services.httpd.extraModules = [ "http2" ];
services.httpd.extraConfig = ''
Protocols h2 http/1.1
'';
2016-03-12 15:31:23 +00:00
Vladimír Čunát
f9f6f41bff
Merge branch 'master' into closure-size
...
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Robin Gloster
566c06c5a7
apacheHttpd: 2.4.17 -> 2.4.18
2015-12-27 21:31:30 +00:00
Vladimír Čunát
6cc57be289
apache modules: fix build problems
...
pkgs.mod_evasive was removed, because that combination isn't supported
(according to an assertion).
2015-12-05 13:16:55 +01:00
Vladimír Čunát
34b5d193c0
apache*: don't change layout in $out WRT master
2015-12-04 15:27:32 +01:00
Vladimír Čunát
333d69a5f0
Merge staging into closure-size
...
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Tuomas Tynkkynen
f302d78d6c
apacheHttpd_2_4: Port multiple-output changes from 2.2
2015-10-28 10:23:03 +01:00
Jude Taylor
f35f421d60
apache-httpd: add libiconv for darwin
2015-10-23 10:57:43 -07:00
Robin Gloster
8521bc097c
apacheHttpd: 2.4.16 -> 2.4.17
2015-10-18 17:42:55 +00:00
Vladimír Čunát
38313d5d87
libxml2,libxslt: split into multiple outputs
...
Fixed all references, hopefully.
libxml2Python is slightly hacky now, but it seems to work.
2015-10-05 13:44:16 +02:00
Tuomas Tynkkynen
7cd13b9003
apache-httpd: Enable SSL via buildInputs
...
The old approach doesn't seem to work with multiple outputs.
2015-10-03 14:08:53 +02:00
Robert Scott
1dca2fba7f
apache-httpd: update minor versions of both 2.2 and 2.4 for security-related fixes
2015-07-25 15:40:29 +01:00
Eelco Dolstra
b1ec8e6c64
apache-httpd: Update to 2.4.12
...
CVE-2014-3583, CVE-2014-3581, CVE-2014-8109, CVE-2013-5704.
2015-02-24 16:10:55 +01:00
Marc Weber
ba154ec9d4
apache 2_4 update, fixes some CVE's
...
See http://www.apache.org/dist/httpd/Announcement2.4.html It compiles,
didn't run it. I guess minor update doesn't cause much trouble even
though there are some new features
2014-07-24 18:10:10 +02:00
Peter Simons
2d4919dbb4
apacheHttpd_2_4: update from 2.4.7 to 2.4.9
2014-04-09 12:41:11 +02:00
Peter Simons
0266ac9c30
apache-httpd-2.4: revert "enable building the 'event'-based mpm worker"
...
Commit 0c3d910cd027a926ffc8538ea60cf2da099d7808 didn't have any effect.
The 'event' MPM module isn't built because our version of APR is too old.
2014-01-08 13:17:40 +01:00
Peter Simons
cdfd953ffa
apache-httpd-2.4: enable building the 'event'-based mpm worker
...
Adding "LoadModule mpm_event_module modules/mod_mpm_event.so" to httpd.conf
enables that worker instead of the default choice.
2013-12-29 12:52:54 +01:00
Nixpkgs Monitor
6996067dcf
apacheHttpd_2_4: update from 2.4.6 to 2.4.7
2013-12-09 10:49:00 +02:00
Eelco Dolstra
01087750ba
Don't build some packages on some platforms
2013-11-04 21:11:00 +01:00
Eelco Dolstra
798ce14839
apache-httpd: Update to 2.4.6
2013-11-04 21:10:59 +01:00
Jason \"Don\" O'Conal
ccb7715de8
apacheHttpd_2_4: fix build on darwin
2013-07-07 13:46:43 +02:00
Eelco Dolstra
f2f860bd29
httpd: Update to 2.4.4
...
CVE-2012-3499, CVE-2012-4558
2013-02-27 14:43:00 +01:00
aszlig
0b592ce677
apache-httpd/2.4: Add modules for NixOS service.
...
The NixOS service module loads those modules by default. So we need to build
them here as well.
I'm not really sure why these modules are included by default, because (except
from maybe CGI) they obviously are only usable in very rare cases. Am I wrong?
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 15:56:08 +02:00
aszlig
2f3dcb9dd2
apache-httpd/2.4: Fix libxml2 support.
...
The reason because the configure script is unnable to find libxml2 is because it
is searching for a header file in `libxml/*.h`. Obviously this cases an error,
because it's actually in `${libxml2}/include/libxml2/libxml/*.h`, so let's add
the parent directory to --with-libxml2 and remove the comment from buildInputs.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-17 15:56:07 +02:00
Peter Simons
a596022d80
apache-httpd: update to version 2.4.3
2012-09-27 13:46:50 +02:00
Peter Simons
b98782f339
apache-httpd-2.4: build MPMs as DSOs so that the desired one can be selected at run-time
2012-07-07 09:09:05 +02:00
Peter Simons
32449b5ae6
apache-httpd-2.4: replace use of tabs with blanks
2012-07-07 08:57:53 +02:00
Peter Simons
ea1d479afb
apache-httpd-2.4: ensure that libgcc_s can be found at run-time
2012-07-07 08:57:28 +02:00
Peter Simons
c870b80512
apache: add version 2.4
2012-07-07 08:47:19 +02:00