Created attachment 157949 [details] patch-mod_wsgi4 After seeing errors in apache log like: Exception TypeError: "'NoneType' object is not callable" in <bound method apr_pool_t.__del__ of <libsvn.core.apr_pool_t; proxy of <Swig Object of type 'apr_pool_t *' at 0x812e38f30> >> ignored I looked which module is the culprit, and it was mod_wsgi3 (used by viewvc). There is an interesting note in mod_wsgi-4.4.6 [1] ============= Version 4.4.6 ============= Version 4.4.6 of mod_wsgi can be obtained from: https://codeload.github.com/GrahamDumpleton/mod_wsgi/tar.gz/4.4.6 For details on the availability of Windows binaries see: https://github.com/GrahamDumpleton/mod_wsgi/tree/master/win32 Bugs Fixed ---------- 1. Apache 2.2.29 and 2.4.11 introduce additional fields to the request structure ``request_rec`` due to CVE-2013-5704. The addition of these fields will cause versions of mod_wsgi from 4.4.0-4.4.5 to crash when used in mod_wsgi daemon mode and mod_wsgi isn't initialising the new structure members. If you are upgrading your Apache installation to those versions or later versions, you must also update to mod_wsgi version 4.4.6. The mod_wsgi 4.4.6 source code must have also been compiled against the newer Apache version. [1] https://github.com/GrahamDumpleton/mod_wsgi/blob/develop/docs/release-notes/version-4.4.6.rst Since we have apache 2.2.29 and 2.4.12 in the tree I suggest to copy mod_wsgi3 => mod_wsgi4 and bump PORTREVISION for security/py-crits and devel/viewvc. Patch shaped with "svn --show-copies-as-adds" http://people.freebsd.org/~ohauer/diffs/mod_wsgi4.diff
Sounds good to me.
A commit references this bug: Author: ohauer Date: Sun Jul 12 10:04:31 UTC 2015 New revision: 391772 URL: https://svnweb.freebsd.org/changeset/ports/391772 Log: - rename mod_wsgi3 => mod_wsgi4 to reflect new version PR: 201023 Submitted by: ohauer Approved by: douglas_at_douglasthrift.net (maintainer) Changes: head/MOVED head/www/mod_wsgi3/ head/www/mod_wsgi4/
A commit references this bug: Author: ohauer Date: Sun Jul 12 10:09:39 UTC 2015 New revision: 391773 URL: https://svnweb.freebsd.org/changeset/ports/391773 Log: - update to 4.4.13 - use dedicated module file Bugs Fixed (since 4.4.6): ------------------------- 1. Apache 2.2.29 and 2.4.11 introduce additional fields to the request structure ``request_rec`` due to CVE-2013-5704. The addition of these fields will cause versions of mod_wsgi from 4.4.0-4.4.5 to crash when used in mod_wsgi daemon mode and mod_wsgi isn't initialising the new structure members. If you are upgrading your Apache installation to those versions or later versions, you must also update to mod_wsgi version 4.4.6. The mod_wsgi 4.4.6 source code must have also been compiled against the newer Apache version. PR: 201023 Submitted by: ohauer Approved by: douglas_at_douglasthrift.net (maintainer) Changes: head/www/mod_wsgi4/Makefile head/www/mod_wsgi4/distinfo head/www/mod_wsgi4/files/270_mod_wsgi.conf.sample.in head/www/mod_wsgi4/pkg-descr head/www/mod_wsgi4/pkg-plist
A commit references this bug: Author: ohauer Date: Sun Jul 12 10:11:34 UTC 2015 New revision: 391774 URL: https://svnweb.freebsd.org/changeset/ports/391774 Log: - refelct mod_wsgi3 => mod_wsgi3 update - bump PORTREVISION PR: 201023 Submitted by: ohauer Changes: head/devel/viewvc/Makefile head/security/py-crits/Makefile
Update committed