From nobody Mon Jun  8 21:21:45 2026
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ4jj3Tc8z6gmG7
	for <dev-commits-ports-all@mlmmj.nyi.freebsd.org>; Mon, 08 Jun 2026 21:21:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ4jj2PvYz3yfc
	for <dev-commits-ports-all@FreeBSD.org>; Mon, 08 Jun 2026 21:21:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1780953705;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lCFPgTECIPsxUxP3bIxiufSp4OnsvplID/gEbR0ZGEs=;
	b=G/YJppwluHQvW7cRHlBzV52+go9IzlVqYOvO3V9xjRTBRo/y3ziomX5YHR4nncKGSpr1Av
	Y3bVhks9fMfMtn5WvYOhc3y5qCHzZfQu/1G6HeN03oPiv3PwqUPu+4V4E6qpJV6HIeRIJy
	vsaKO/cjVeBTFxsap/g/lexk9iZmdchYRm/kkPShkM5BmWC8L1zyKBVG2fpaOY03rwrkgr
	NwrJpbXDlY5c+pvpjbckgKhpKFd7L87upy+0i/FQX3zOlcgSIsHQIUJWHkZNz8DMJhsd9Y
	AdLxxg9TmAu7ERUEWYepfdBftoCvZ/SKXc5Tm/MgZUmIq+woT6jG2426MG+5ww==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780953705; a=rsa-sha256; cv=none;
	b=QxA/IKhrIjyEUD5S1RSkO0aUUZO2312XARWaKXjHSviFWocQC/FGzCppQ/yYU3JOPbpEe9
	3Yu5DGjeevpfk/xUyyKCrwpysj8yPyLL07MFd3XILjuFsvY4iVPlOQg3bN1aM3NF+rqUfm
	GKpvV88i/n2cdhuU981vdCaKk75SZSwiTqtbQuITZmu+QTDqwo/1TjVoHLEdS5LJKst9dN
	tqnSDYPUmhkeTS/0hrzlca6D6d2FtrdSj+920m8O5TiXuidiLu58CqqQXg2vSad1gzP2xL
	AbfcSxCwdrSW1ub1Dq/D9JKYTYjlP9Op3LT+p/AidW+fTyjR08LCxx4ltaReFA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1780953705;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lCFPgTECIPsxUxP3bIxiufSp4OnsvplID/gEbR0ZGEs=;
	b=TYqFzpfiDpVrC8uSuszFtPa/4RpUYPV5T5PF9g+ybbKBQJ7wADdoMVmuqEC2JYVcdq/TMC
	7agVHkS07XOtlfvgktgIZmbacLBXoqyEs9Ek0zklbgI8g5S8NwYJurspihq1slvw2LjyuT
	2W4tEqCfGteiU4AHNLKhDGiqAVO3jihEWc5e0/5wAelwURSeuupxWN15pLqJzpKcwHe6B4
	jqJUJJZw5eL3Ca2NhkwksbyK68guyYxZQBykg81pIjNGvNWCty+r6GflBtx4iaZ4x9pw6f
	nQ0ttm0lRt2eDOc0uRNndJFVXPbraU0YX/j7sWTXxx47ZnDBTZemzSRU9HPXIw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ4jj21Glz14Yl
	for <dev-commits-ports-all@FreeBSD.org>; Mon, 08 Jun 2026 21:21:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from git (uid 1279)
	(envelope-from git@FreeBSD.org)
	id 19356
	by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org);
	Mon, 08 Jun 2026 21:21:45 +0000
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Bernard Spil <brnrd@FreeBSD.org>
Subject: git: d905532d79b5 - main - www/apache24: Security update to 2.4.68
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-ports-all@freebsd.org
Sender: owner-dev-commits-ports-all@FreeBSD.org
List-Id: <dev-commits-ports-all.FreeBSD.org>
List-Post: <mailto:dev-commits-ports-all@FreeBSD.org>
List-Help: <mailto:dev-commits-ports-all+help@FreeBSD.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@FreeBSD.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@FreeBSD.org>
List-Owner: <mailto:postmaster@FreeBSD.org>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: brnrd
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: d905532d79b533bddefd3ccebc63e5f3abf69296
Auto-Submitted: auto-generated
Date: Mon, 08 Jun 2026 21:21:45 +0000
Message-Id: <6a273269.19356.750a77b6@gitrepo.freebsd.org>

The branch main has been updated by brnrd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d905532d79b533bddefd3ccebc63e5f3abf69296

commit d905532d79b533bddefd3ccebc63e5f3abf69296
Author:     Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2026-06-08 21:19:58 +0000
Commit:     Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2026-06-08 21:21:41 +0000

    www/apache24: Security update to 2.4.68
    
    With hat:       apache
    Security:       7655baae-637d-11f1-8607-8447094a420f
    MFH:            2026Q2
---
 www/apache24/Makefile                   |  3 +-
 www/apache24/distinfo                   |  6 +--
 www/apache24/files/patch-CVE-2026-49975 | 67 ---------------------------------
 www/apache24/pkg-plist                  |  1 +
 4 files changed, 5 insertions(+), 72 deletions(-)

diff --git a/www/apache24/Makefile b/www/apache24/Makefile
index e63914dd9358..43138a98fe72 100644
--- a/www/apache24/Makefile
+++ b/www/apache24/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	apache24
-PORTVERSION=	2.4.67
-PORTREVISION=	2
+PORTVERSION=	2.4.68
 CATEGORIES=	www
 MASTER_SITES=	APACHE_HTTPD
 DISTNAME=	httpd-${PORTVERSION}
diff --git a/www/apache24/distinfo b/www/apache24/distinfo
index 9d445609108e..9f63444da7a4 100644
--- a/www/apache24/distinfo
+++ b/www/apache24/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1777974771
-SHA256 (apache24/httpd-2.4.67.tar.bz2) = 66cd206637b0d5c446fa7dabe75fe03525da8fb55855876c46288cd88b136aa4
-SIZE (apache24/httpd-2.4.67.tar.bz2) = 7493067
+TIMESTAMP = 1780952454
+SHA256 (apache24/httpd-2.4.68.tar.bz2) = 68c74d4df38c26bed4dfbdb8f3baf1eb532f3872357becc1bba5d136f6b63c06
+SIZE (apache24/httpd-2.4.68.tar.bz2) = 7738512
diff --git a/www/apache24/files/patch-CVE-2026-49975 b/www/apache24/files/patch-CVE-2026-49975
deleted file mode 100644
index 321ce8b7bd13..000000000000
--- a/www/apache24/files/patch-CVE-2026-49975
+++ /dev/null
@@ -1,67 +0,0 @@
-From 47d3100b252dc6668a9e46ae885242be9eeca9cd Mon Sep 17 00:00:00 2001
-From: Stefan Eissing <icing@apache.org>
-Date: Wed, 27 May 2026 09:37:31 +0000
-Subject: [PATCH]   *) mod_http2: update to version 2.0.41      Fix cookie
- header accounting against LimitRequestFields.
-
-git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1934678 13f79535-47bb-0310-9956-ffa450edef68
----
- changes-entries/h2_v2.0.41.txt | 3 +++
- modules/http2/h2_util.c        | 4 ++++
- modules/http2/h2_version.h     | 4 ++--
- 3 files changed, 9 insertions(+), 2 deletions(-)
- create mode 100644 changes-entries/h2_v2.0.41.txt
-
-diff --git a/changes-entries/h2_v2.0.41.txt b/changes-entries/h2_v2.0.41.txt
-new file mode 100644
-index 00000000000..4d7df59fed0
---- /dev/null
-+++ changes-entries/h2_v2.0.41.txt
-@@ -0,0 +1,3 @@
-+  *) mod_http2: update to version 2.0.41
-+     Fix cookie header accounting against LimitRequestFields.
-+     [Stefan Eissing]
-diff --git a/modules/http2/h2_util.c b/modules/http2/h2_util.c
-index b377ff77f1b..b3039451f39 100644
---- modules/http2/h2_util.c.orig
-+++ modules/http2/h2_util.c
-@@ -1708,6 +1708,8 @@ static apr_status_t req_add_header(apr_table_t *headers, apr_pool_t *pool,
-              && !ap_cstr_casecmpn("cookie", (const char *)nv->name, nv->namelen)) {
-         existing = apr_table_get(headers, "cookie");
-         if (existing) {
-+            if (!nv->valuelen)
-+                return APR_SUCCESS;
-             /* Cookie header come separately in HTTP/2, but need
-              * to be merged by "; " (instead of default ", ")
-              */
-@@ -1719,6 +1721,8 @@ static apr_status_t req_add_header(apr_table_t *headers, apr_pool_t *pool,
-             apr_table_setn(headers, "Cookie",
-                            apr_psprintf(pool, "%s; %.*s", existing,
-                                         (int)nv->valuelen, nv->value));
-+            /* Treat the merge as an "add" to not escape LimitRequestFields */
-+            *pwas_added = 1;
-             return APR_SUCCESS;
-         }
-     }
-diff --git a/modules/http2/h2_version.h b/modules/http2/h2_version.h
-index 1d7113f58bd..cc0164e080d 100644
---- modules/http2/h2_version.h.orig
-+++ modules/http2/h2_version.h
-@@ -27,7 +27,7 @@
-  * @macro
-  * Version number of the http2 module as c string
-  */
--#define MOD_HTTP2_VERSION "2.0.39"
-+#define MOD_HTTP2_VERSION "2.0.41"
- 
- /**
-  * @macro
-@@ -35,7 +35,7 @@
-  * release. This is a 24 bit number with 8 bits for major number, 8 bits
-  * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
-  */
--#define MOD_HTTP2_VERSION_NUM 0x020027
-+#define MOD_HTTP2_VERSION_NUM 0x020029
- 
- 
- #endif /* mod_h2_h2_version_h */
diff --git a/www/apache24/pkg-plist b/www/apache24/pkg-plist
index 43774e51f601..e132596327c3 100644
--- a/www/apache24/pkg-plist
+++ b/www/apache24/pkg-plist
@@ -262,6 +262,7 @@ sbin/split-logfile
 %%WWWDIR%%/error/HTTP_BAD_GATEWAY.html.var
 %%WWWDIR%%/error/HTTP_BAD_REQUEST.html.var
 %%WWWDIR%%/error/HTTP_FORBIDDEN.html.var
+%%WWWDIR%%/error/HTTP_GATEWAY_TIME_OUT.html.var
 %%WWWDIR%%/error/HTTP_GONE.html.var
 %%WWWDIR%%/error/HTTP_INTERNAL_SERVER_ERROR.html.var
 %%WWWDIR%%/error/HTTP_LENGTH_REQUIRED.html.var