You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2012/09/11 16:08:54 UTC
svn commit: r835 - /release/httpd/
Author: jim
Date: Tue Sep 11 14:08:50 2012
New Revision: 835
Log:
Push out 2.2.23 for mirrors
Added:
release/httpd/CHANGES_2.2.23
release/httpd/httpd-2.2.23.tar.bz2 (with props)
release/httpd/httpd-2.2.23.tar.bz2.asc
release/httpd/httpd-2.2.23.tar.bz2.md5
release/httpd/httpd-2.2.23.tar.bz2.sha1
release/httpd/httpd-2.2.23.tar.gz (with props)
release/httpd/httpd-2.2.23.tar.gz.asc
release/httpd/httpd-2.2.23.tar.gz.md5
release/httpd/httpd-2.2.23.tar.gz.sha1
Modified:
release/httpd/Announcement2.2.html
release/httpd/Announcement2.2.txt
release/httpd/CHANGES_2.2
Modified: release/httpd/Announcement2.2.html
==============================================================================
--- release/httpd/Announcement2.2.html (original)
+++ release/httpd/Announcement2.2.html Tue Sep 11 14:08:50 2012
@@ -15,56 +15,38 @@
<img src="../../images/apache_sub.gif" alt="" />
<h1>
- Apache HTTP Server 2.2.22 Released
+ Apache HTTP Server 2.2.23 Released
</h1>
<p>
The Apache Software Foundation and the Apache HTTP Server Project are
- pleased to announce the release of version 2.2.22 of the Apache HTTP
- Server ("Apache"). This version of Apache is principally a security
- and bug fix release, including the following significant security fixes:
+ pleased to announce the release of version 2.2.23 of the Apache HTTP
+ Server ("Apache"). This version of Apache is principally a security
+ and bug fix maintenance release, including the following significant
+ security fixes:
</p>
<ul>
-<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368">CVE-2011-3368</a> (cve.mitre.org)
- Reject requests where the request-URI does not match the HTTP
- specification, preventing unexpected expansion of target URLs in
- some reverse proxy configurations.
-</li>
-<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607">CVE-2011-3607</a> (cve.mitre.org)
- Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
- is enabled, could allow local users to gain privileges via a .htaccess
- file.
-</li>
-<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317">CVE-2011-4317</a> (cve.mitre.org)
- Resolve additional cases of URL rewriting with ProxyPassMatch or
- RewriteRule, where particular request-URIs could result in undesired
- backend network exposure in some configurations.
-</li>
-<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021">CVE-2012-0021</a> (cve.mitre.org)
- mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
- string is in use and a client sends a nameless, valueless cookie, causing
- a denial of service. The issue existed since version 2.2.17.
-</li>
-<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031">CVE-2012-0031</a> (cve.mitre.org)
- Fix scoreboard issue which could allow an unprivileged child process
- could cause the parent to crash at shutdown rather than terminate
- cleanly.
-</li>
-<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053">CVE-2012-0053</a> (cve.mitre.org)
- Fixed an issue in error responses that could expose "httpOnly" cookies
- when no custom ErrorDocument is specified for status code 400.
+<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883">CVE-2012-0883</a> (cve.mitre.org)
+ envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
+ current working directory to be searched for DSOs.
+</li>
+<li>SECURITY: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687">CVE-2012-2687</a> (cve.mitre.org)
+ mod_negotiation: Escape filenames in variant list to prevent a
+ possible XSS for a site where untrusted users can upload files to
+ a location with MultiViews enabled.
</li>
</ul>
<p>
- The Apache HTTP Project thanks halfdog, Context Information Security Ltd,
- Prutha Parikh of Qualys, and Norman Hippert for bringing these issues to
- the attention of the security team.
-</p>
-<p>
- We consider this release to be the best version of Apache available, and
- encourage users of all prior versions to upgrade.
+ We consider the Apache HTTP Server 2.4.3 release to be the best version
+ of Apache available, and encourage users of 2.2 and all prior versions
+ to upgrade. This 2.2 maintenance release is offered for those unable
+ to do so at this time. For further details, see
+<dl>
+ <dd><a href="http://www.apache.org/dist/httpd/Announcement2.4.html"
+ >http://www.apache.org/dist/httpd/Announcement2.4.html</a></dd>
+</dl>
</p>
<p>
- Apache HTTP Server 2.2.22 is available for download from:
+ Apache HTTP Server 2.4.3 and 2.2.23 are available for download from:
</p>
<dl>
<dd><a href="http://httpd.apache.org/download.cgi"
@@ -72,7 +54,7 @@
</dl>
<p>
Please see the CHANGES_2.2 file, linked from the download page, for a
- full list of changes. A condensed list, CHANGES_2.2.22 includes only
+ full list of changes. A condensed list, CHANGES_2.2.23 includes only
those changes introduced since the prior 2.2 release. A summary of all
of the security vulnerabilities addressed in this and earlier releases
is available:
@@ -83,8 +65,8 @@
</dd>
</dl>
<p>
- This release includes the Apache Portable Runtime (APR) version 1.4.5
- and APR Utility Library (APR-util) version 1.4.2, bundled with the tar
+ This release includes the Apache Portable Runtime (APR) version 1.4.6
+ and APR Utility Library (APR-util) version 1.4.1, bundled with the tar
and zip distributions. The APR libraries libapr and libaprutil (and
on Win32, libapriconv version 1.2.1) must all be updated to ensure
binary compatibility and address many known security and platform bugs.
@@ -92,24 +74,11 @@
httpd source distributions, which previously included version 1.3.
</p>
<p>
- Apache 2.2 offers numerous enhancements, improvements, and performance
- boosts over the 2.0 codebase. For an overview of new features
- introduced since 2.0 please see:
+ This release builds on and extends the Apache 2.0 API and is superceeded
+ by the Apache 2.4 API. Modules written for Apache 2.0 or 2.4 will need
+ to be recompiled in order to run with Apache 2.2, and most will require
+ minimal or no source code changes.
</p>
-<dl>
- <dd><a href="http://httpd.apache.org/docs/2.2/new_features_2_2.html">
- http://httpd.apache.org/docs/2.2/new_features_2_2.html</a></dd>
-</dl>
-<p>
- This release builds on and extends the Apache 2.0 API. Modules written
- for Apache 2.0 will need to be recompiled in order to run with Apache
- 2.2, and require minimal or no source code changes.
-</p>
-<dl>
- <dd><a
-href="http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING"
-> http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING</a></dd>
-</dl>
<p>
When upgrading or installing this version of Apache, please bear in mind
that if you intend to use Apache with one of the threaded MPMs (other
Modified: release/httpd/Announcement2.2.txt
==============================================================================
--- release/httpd/Announcement2.2.txt (original)
+++ release/httpd/Announcement2.2.txt Tue Sep 11 14:08:50 2012
@@ -1,77 +1,51 @@
- Apache HTTP Server 2.2.22 Released
+ Apache HTTP Server 2.2.23 Released
The Apache Software Foundation and the Apache HTTP Server Project are
- pleased to announce the release of version 2.2.22 of the Apache HTTP
+ pleased to announce the release of version 2.2.23 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
- and bug fix release, including the following significant security fixes:
+ and bug fix maintenance release, including the following significant
+ security fixes:
- * SECURITY: CVE-2011-3368 (cve.mitre.org)
- Reject requests where the request-URI does not match the HTTP
- specification, preventing unexpected expansion of target URLs in
- some reverse proxy configurations.
-
- * SECURITY: CVE-2011-3607 (cve.mitre.org)
- Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
- is enabled, could allow local users to gain privileges via a .htaccess
- file.
-
- * SECURITY: CVE-2011-4317 (cve.mitre.org)
- Resolve additional cases of URL rewriting with ProxyPassMatch or
- RewriteRule, where particular request-URIs could result in undesired
- backend network exposure in some configurations.
-
- * SECURITY: CVE-2012-0021 (cve.mitre.org)
- mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
- string is in use and a client sends a nameless, valueless cookie, causing
- a denial of service. The issue existed since version 2.2.17.
-
- * SECURITY: CVE-2012-0031 (cve.mitre.org)
- Fix scoreboard issue which could allow an unprivileged child process
- could cause the parent to crash at shutdown rather than terminate
- cleanly.
-
- * SECURITY: CVE-2012-0053 (cve.mitre.org)
- Fixed an issue in error responses that could expose "httpOnly" cookies
- when no custom ErrorDocument is specified for status code 400.
-
- The Apache HTTP Project thanks halfdog, Context Information Security Ltd,
- Prutha Parikh of Qualys, and Norman Hippert for bringing these issues to
- the attention of the security team.
+ * SECURITY: CVE-2012-0883 (cve.mitre.org)
+ envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
+ current working directory to be searched for DSOs.
+
+ * SECURITY: CVE-2012-2687 (cve.mitre.org)
+ mod_negotiation: Escape filenames in variant list to prevent a
+ possible XSS for a site where untrusted users can upload files to
+ a location with MultiViews enabled.
+
+ We consider the Apache HTTP Server 2.4.3 release to be the best version
+ of Apache available, and encourage users of 2.2 and all prior versions
+ to upgrade. This 2.2 maintenance release is offered for those unable
+ to do so at this time. For further details, see
- We consider this release to be the best version of Apache available, and
- encourage users of all prior versions to upgrade.
+ http://www.apache.org/dist/httpd/Announcement2.4.txt
- Apache HTTP Server 2.2.22 is available for download from:
+ Apache HTTP Server 2.4.3 and 2.2.23 are available for download from:
http://httpd.apache.org/download.cgi
Please see the CHANGES_2.2 file, linked from the download page, for a
- full list of changes. A condensed list, CHANGES_2.2.22 includes only
+ full list of changes. A condensed list, CHANGES_2.2.23 includes only
those changes introduced since the prior 2.2 release. A summary of all
of the security vulnerabilities addressed in this and earlier releases
is available:
http://httpd.apache.org/security/vulnerabilities_22.html
- This release includes the Apache Portable Runtime (APR) version 1.4.5
- and APR Utility Library (APR-util) version 1.4.2, bundled with the tar
+ This release includes the Apache Portable Runtime (APR) version 1.4.6
+ and APR Utility Library (APR-util) version 1.4.1, bundled with the tar
and zip distributions. The APR libraries libapr and libaprutil (and
on Win32, libapriconv version 1.2.1) must all be updated to ensure
binary compatibility and address many known security and platform bugs.
APR-util version 1.4 represents a minor version upgrade from earlier
httpd source distributions, which previously included version 1.3.
- Apache 2.2 offers numerous enhancements, improvements, and performance
- boosts over the 2.0 codebase. For an overview of new features
- introduced since 2.0 please see:
-
- http://httpd.apache.org/docs/2.2/new_features_2_2.html
-
- This release builds on and extends the Apache 2.0 API. Modules written
- for Apache 2.0 will need to be recompiled in order to run with Apache
- 2.2, and require minimal or no source code changes.
-
- http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING
+ This release builds on and extends the Apache 2.0 API and is superceeded
+ by the Apache 2.4 API. Modules written for Apache 2.0 or 2.4 will need
+ to be recompiled in order to run with Apache 2.2, and most will require
+ minimal or no source code changes.
When upgrading or installing this version of Apache, please bear in mind
that if you intend to use Apache with one of the threaded MPMs (other
Modified: release/httpd/CHANGES_2.2
==============================================================================
--- release/httpd/CHANGES_2.2 (original)
+++ release/httpd/CHANGES_2.2 Tue Sep 11 14:08:50 2012
@@ -1,4 +1,86 @@
-*- coding: utf-8 -*-
+Changes with Apache 2.2.23
+
+ *) SECURITY: CVE-2012-0883 (cve.mitre.org)
+ envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
+ current working directory to be searched for DSOs. [Stefan Fritsch]
+
+ *) SECURITY: CVE-2012-2687 (cve.mitre.org)
+ mod_negotiation: Escape filenames in variant list to prevent a
+ possible XSS for a site where untrusted users can upload files to
+ a location with MultiViews enabled. [Niels Heinen <heinenn google.com>]
+
+ *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled).
+ [Paul Wouters <pwouters redhat.com>, Joe Orton]
+
+ *) mod_ldap: Treat the "server unavailable" condition as a transient
+ error with all LDAP SDKs. [Filip Valder <filip.valder vsb.cz>]
+
+ *) core: Add filesystem paths to access denied / access failed messages.
+ [Eric Covener]
+
+ *) core: Fix error handling in ap_scan_script_header_err_brigade() if there
+ is no EOS bucket in the brigade. PR 48272. [Stefan Fritsch]
+
+ *) core: Prevent "httpd -k restart" from killing server in presence of
+ config error. [Joe Orton]
+
+ *) mod_ssl: when compiled against OpenSSL 1.0.1 or later, allow explicit
+ control of TLSv1.1 and TLSv1.2 through the SSLProtocol directive,
+ adding TLSv1.1 and TLSv1.2 support by default given 'SSLProtocol All'.
+ [Kaspar Brand, William Rowe]
+
+ *) mod_log_config: Fix %{abc}C truncating cookie values at first "=".
+ PR 53104. [Greg Ames]
+
+ *) Unix MPMs: Fix small memory leak in parent process if connect()
+ failed when waking up children. [Joe Orton]
+
+ *) mod_proxy_ajp: Add support for 'ProxyErrorOverride on'. PR 50945.
+ [Peter Pramberger <peter pramberger.at>, Jim Jagielski]
+
+ *) Added SSLProxyMachineCertificateChainFile directive so the proxy client
+ can select the proper client certificate when using a chain and the
+ remote server only lists the root CA as allowed.
+
+ *) mpm_event, mpm_worker: Remain active amidst prevalent child process
+ resource shortages. [Jeff Trawick]
+
+ *) mod_rewrite: Add "AllowAnyURI" option. PR 52774. [Joe Orton]
+
+ *) mod_rewrite: Fix the RewriteEngine directive to work within a
+ location. Previously, once RewriteEngine was switched on globally,
+ it was impossible to switch off. [Graham Leggett]
+
+ *) mod_proxy_balancer: Restore balancing after a failed worker has
+ recovered when using lbmethod_bybusyness. PR 48735. [Jeff Trawick]
+
+ *) mod_dumpio: Properly handle errors from subsequent input filters.
+ PR 52914. [Stefan Fritsch]
+
+ *) mpm_worker: Fix cases where the spawn rate wasn't reduced after child
+ process resource shortages. [Jeff Trawick]
+
+ *) mpm_prefork: Reduce spawn rate after a child process exits due to
+ unexpected poll or accept failure. [Jeff Trawick]
+
+ *) core: Adjust ap_scan_script_header_err*() to prevent mod_cgi and mod_cgid
+ from logging bogus data in case of errors. [Stefan Fritsch]
+
+ *) mod_disk_cache, mod_mem_cache: Decline the opportunity to cache if the
+ response is a 206 Partial Content. This stops a reverse proxied partial
+ response from becoming cached, and then being served in subsequent
+ responses. PR 49113. [Graham Leggett]
+
+ *) configure: Fix usage with external apr and apu in non-default paths
+ and recent gcc versions >= 4.6. [Jean-Frederic Clere]
+
+ *) core: Fix building against PCRE 8.30 by switching from the obsolete
+ pcre_info() to pcre_fullinfo(). PR 52623 [Ruediger Pluem, Rainer Jung]
+
+ *) mod_proxy: Add the forcerecovery balancer parameter that determines if
+ recovery for balancer workers is enforced. [Ruediger Pluem]
+
Changes with Apache 2.2.22
*) SECURITY: CVE-2011-3368 (cve.mitre.org)
Added: release/httpd/CHANGES_2.2.23
==============================================================================
--- release/httpd/CHANGES_2.2.23 (added)
+++ release/httpd/CHANGES_2.2.23 Tue Sep 11 14:08:50 2012
@@ -0,0 +1,83 @@
+ -*- coding: utf-8 -*-
+Changes with Apache 2.2.23
+
+ *) SECURITY: CVE-2012-0883 (cve.mitre.org)
+ envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
+ current working directory to be searched for DSOs. [Stefan Fritsch]
+
+ *) SECURITY: CVE-2012-2687 (cve.mitre.org)
+ mod_negotiation: Escape filenames in variant list to prevent a
+ possible XSS for a site where untrusted users can upload files to
+ a location with MultiViews enabled. [Niels Heinen <heinenn google.com>]
+
+ *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled).
+ [Paul Wouters <pwouters redhat.com>, Joe Orton]
+
+ *) mod_ldap: Treat the "server unavailable" condition as a transient
+ error with all LDAP SDKs. [Filip Valder <filip.valder vsb.cz>]
+
+ *) core: Add filesystem paths to access denied / access failed messages.
+ [Eric Covener]
+
+ *) core: Fix error handling in ap_scan_script_header_err_brigade() if there
+ is no EOS bucket in the brigade. PR 48272. [Stefan Fritsch]
+
+ *) core: Prevent "httpd -k restart" from killing server in presence of
+ config error. [Joe Orton]
+
+ *) mod_ssl: when compiled against OpenSSL 1.0.1 or later, allow explicit
+ control of TLSv1.1 and TLSv1.2 through the SSLProtocol directive,
+ adding TLSv1.1 and TLSv1.2 support by default given 'SSLProtocol All'.
+ [Kaspar Brand, William Rowe]
+
+ *) mod_log_config: Fix %{abc}C truncating cookie values at first "=".
+ PR 53104. [Greg Ames]
+
+ *) Unix MPMs: Fix small memory leak in parent process if connect()
+ failed when waking up children. [Joe Orton]
+
+ *) mod_proxy_ajp: Add support for 'ProxyErrorOverride on'. PR 50945.
+ [Peter Pramberger <peter pramberger.at>, Jim Jagielski]
+
+ *) Added SSLProxyMachineCertificateChainFile directive so the proxy client
+ can select the proper client certificate when using a chain and the
+ remote server only lists the root CA as allowed.
+
+ *) mpm_event, mpm_worker: Remain active amidst prevalent child process
+ resource shortages. [Jeff Trawick]
+
+ *) mod_rewrite: Add "AllowAnyURI" option. PR 52774. [Joe Orton]
+
+ *) mod_rewrite: Fix the RewriteEngine directive to work within a
+ location. Previously, once RewriteEngine was switched on globally,
+ it was impossible to switch off. [Graham Leggett]
+
+ *) mod_proxy_balancer: Restore balancing after a failed worker has
+ recovered when using lbmethod_bybusyness. PR 48735. [Jeff Trawick]
+
+ *) mod_dumpio: Properly handle errors from subsequent input filters.
+ PR 52914. [Stefan Fritsch]
+
+ *) mpm_worker: Fix cases where the spawn rate wasn't reduced after child
+ process resource shortages. [Jeff Trawick]
+
+ *) mpm_prefork: Reduce spawn rate after a child process exits due to
+ unexpected poll or accept failure. [Jeff Trawick]
+
+ *) core: Adjust ap_scan_script_header_err*() to prevent mod_cgi and mod_cgid
+ from logging bogus data in case of errors. [Stefan Fritsch]
+
+ *) mod_disk_cache, mod_mem_cache: Decline the opportunity to cache if the
+ response is a 206 Partial Content. This stops a reverse proxied partial
+ response from becoming cached, and then being served in subsequent
+ responses. PR 49113. [Graham Leggett]
+
+ *) configure: Fix usage with external apr and apu in non-default paths
+ and recent gcc versions >= 4.6. [Jean-Frederic Clere]
+
+ *) core: Fix building against PCRE 8.30 by switching from the obsolete
+ pcre_info() to pcre_fullinfo(). PR 52623 [Ruediger Pluem, Rainer Jung]
+
+ *) mod_proxy: Add the forcerecovery balancer parameter that determines if
+ recovery for balancer workers is enforced. [Ruediger Pluem]
+
Added: release/httpd/httpd-2.2.23.tar.bz2
==============================================================================
Binary file - no diff available.
Propchange: release/httpd/httpd-2.2.23.tar.bz2
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: release/httpd/httpd-2.2.23.tar.bz2.asc
==============================================================================
--- release/httpd/httpd-2.2.23.tar.bz2.asc (added)
+++ release/httpd/httpd-2.2.23.tar.bz2.asc Tue Sep 11 14:08:50 2012
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.10 (GNU/Linux)
+
+iQIcBAABAgAGBQJQM9Y4AAoJEFWTvKlgxUQtIVMQALA7ougttel25yjrl3FJrnoJ
+Nlc4yRQcW2O5f2tBWDpQYWDOYkAQYRyrR2MAfVpiRY8rQVFKu+Lbl8t64hYDg6nn
+zf60eERJIZff0OiWQGXelS/reVCcDGB37ACl3EgEkwTpcTWtYcoR1IgKKGXws3/+
+oluLPu6RhMhBNR8iYa7ahUhkcs2EfAlQ1C8XXMdOt9rNMXUFCEqiCgcX3Dpc88I3
+QeZ3uQXsdpMDBNtOXqrYZx1UVGDosh7sR32t1l+rUrvv0ROMXLL7cgTKg+R9y0hD
+ah9vD//fp1PrAtcqKd2SMpMg4Xbqco288Sco6B2OwR+7eU7psMqIjLmvlDI+mCcu
+F9Xzw2nT1ZE7hHisSM/syc8RG/qszHBM0E1H7i4dgDoDhfu3ZcnsPi+q8Cg8qTM/
+YOtBVex57cubPZ7UTMz7Ep045lfr+E6NWnw3JjUz+5oVCyiXkPjPGRXThkNGQ8vo
+kYpcHcdoSTVgANEPNBmniRaY2RD03SdsIgB3G4SCm+w3KFloEX4jo/S+fWlqr38y
+1Z0nJ0T7KY3B2j7EUscv6CvMh5OZ3XDg5HNKzcE+7fqfipP6kxNrYxlUQTxQp1PL
+Kf4ipvUFCQHHwLBAzaQx7OAG3t7KmA7slkJEdMs5OYyzQNauLQmeeNfAufLHg12b
+JVIq6nHDoL0lYdeZgMvt
+=abuJ
+-----END PGP SIGNATURE-----
Added: release/httpd/httpd-2.2.23.tar.bz2.md5
==============================================================================
--- release/httpd/httpd-2.2.23.tar.bz2.md5 (added)
+++ release/httpd/httpd-2.2.23.tar.bz2.md5 Tue Sep 11 14:08:50 2012
@@ -0,0 +1 @@
+ca133de0e4b4b15316990a97186b9993 *httpd-2.2.23.tar.bz2
Added: release/httpd/httpd-2.2.23.tar.bz2.sha1
==============================================================================
--- release/httpd/httpd-2.2.23.tar.bz2.sha1 (added)
+++ release/httpd/httpd-2.2.23.tar.bz2.sha1 Tue Sep 11 14:08:50 2012
@@ -0,0 +1 @@
+2776145201068045d4ed83157a0e2e1c28c4c453 *httpd-2.2.23.tar.bz2
Added: release/httpd/httpd-2.2.23.tar.gz
==============================================================================
Binary file - no diff available.
Propchange: release/httpd/httpd-2.2.23.tar.gz
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: release/httpd/httpd-2.2.23.tar.gz.asc
==============================================================================
--- release/httpd/httpd-2.2.23.tar.gz.asc (added)
+++ release/httpd/httpd-2.2.23.tar.gz.asc Tue Sep 11 14:08:50 2012
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.10 (GNU/Linux)
+
+iQIcBAABAgAGBQJQM9Y1AAoJEFWTvKlgxUQtP2IP/jiizIwN+G4fWgWl+0IzGSM6
+PYGbl2KjAlVoH+8/gf2xfpFeeuV044vBgihfY+QRX9m4I2ctEz2gsoc7Mn4qpc03
+iBnjM4DELrmYqeHURyM5G9BBCFH7ImPGekfKxH2vNhdEGf2qeZ5UwrbP+N2mXbjF
+cd1JQg0q0e0zvm6HxtNTZVzxTdFUwxRhJHUwVdehZIzPQdnD8QjjnBlg0pMvqLsk
+gBny8eX7GbemOEQTZPADi6kmW9OL4p8iReoy1ZAN7khvg9gyXOn2JyB2DszvXAmr
+tMNIeUE+j1LkrKDR2jEYEhE7UW7DMM6QMtm2gAsJm5A/th/Thu34Mkh3Y9878pQc
+gF5EfglItYntGUW2OW8lAuYxUFe3yzFcCqQ3yIkP9l41b+u+sj2WbZDx/LRnlx5Q
+UeNhEBE1FbxVHVFnf7VZoA3UDFFwdLOgtaXhiLnLsWsP8YvEjpk94svJA6KshWoJ
+1kho7TR6l5R5PNcj9NCSjmF0OFeXCmBS6fdnZpFby+8YrwqLtmy8zfh2OqvCIYTu
+4pjdtFCet+X5seZP7bwQBB/5MjFbpi4dovoKAUHA0rldmDIX6tr8Bme9w9ZqJx3n
+tWjzopEXtBKKQMkUVo6J2mPYCPyg/QLj17akFrF2XZpSW2BYsRTIus4OadTgfxA+
+qAv1O9oV+LAYeBKH+pLb
+=1nMN
+-----END PGP SIGNATURE-----
Added: release/httpd/httpd-2.2.23.tar.gz.md5
==============================================================================
--- release/httpd/httpd-2.2.23.tar.gz.md5 (added)
+++ release/httpd/httpd-2.2.23.tar.gz.md5 Tue Sep 11 14:08:50 2012
@@ -0,0 +1 @@
+77246eaa84a54bb7451f68216333750d *httpd-2.2.23.tar.gz
Added: release/httpd/httpd-2.2.23.tar.gz.sha1
==============================================================================
--- release/httpd/httpd-2.2.23.tar.gz.sha1 (added)
+++ release/httpd/httpd-2.2.23.tar.gz.sha1 Tue Sep 11 14:08:50 2012
@@ -0,0 +1 @@
+966445d503ecb72e3eadf864cd21028d00d441a2 *httpd-2.2.23.tar.gz