diff options
| author | sbd <sbd@pkgsrc.org> | 2011-11-12 04:25:37 +0000 |
|---|---|---|
| committer | sbd <sbd@pkgsrc.org> | 2011-11-12 04:25:37 +0000 |
| commit | a2c2cf8d57fec47955560c87f8291eee34ff5c93 (patch) | |
| tree | 1cb8971fe97056465ef3d52808a1414b553a5be5 | |
| parent | b8becc1a6b8f4626b664785251a3a2939047364f (diff) | |
| download | pkgsrc-a2c2cf8d57fec47955560c87f8291eee34ff5c93.tar.gz | |
Pullup ticket #3596 - requested by spz
www/apache22 security update
Revisions pulled up:
- www/apache22/Makefile 1.73
- www/apache22/distinfo 1.44
- www/apache22/patches/patch-server_util.c 1.1
---
Module Name: pkgsrc
Committed By: spz
Date: Fri Nov 11 07:58:03 UTC 2011
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Added Files:
pkgsrc/www/apache22/patches: patch-server_util.c
Log Message:
fix for http://secunia.com/advisories/45793/
snarfed (with adjustment regarding location) from
http://svn.apache.org/viewvc/httpd/httpd/trunk/server/util.c?r1=1198940&r2=1198939&pathrev=1198940
| -rw-r--r-- | www/apache22/Makefile | 4 | ||||
| -rw-r--r-- | www/apache22/distinfo | 3 | ||||
| -rw-r--r-- | www/apache22/patches/patch-server_util.c | 17 |
3 files changed, 21 insertions, 3 deletions
diff --git a/www/apache22/Makefile b/www/apache22/Makefile index f85f2a09e0d..22d4ce1eed6 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.71.2.1 2011/10/10 18:00:06 tron Exp $ +# $NetBSD: Makefile,v 1.71.2.2 2011/11/12 04:25:37 sbd Exp $ DISTNAME= httpd-2.2.21 PKGNAME= ${DISTNAME:S/httpd/apache/} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ http://archive.apache.org/dist/httpd/ \ diff --git a/www/apache22/distinfo b/www/apache22/distinfo index fc61192c3fe..c070fc49fad 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.42.2.1 2011/10/10 18:00:06 tron Exp $ +$NetBSD: distinfo,v 1.42.2.2 2011/11/12 04:25:37 sbd Exp $ SHA1 (httpd-2.2.21.tar.bz2) = c02f9b05da9a7e316ff37d9053dc76a57ba51cb4 RMD160 (httpd-2.2.21.tar.bz2) = 6464a03d78ab858b1288ea9eef4cd5f73b60a9f1 @@ -17,3 +17,4 @@ SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 SHA1 (patch-lock.c) = 770ca03f1cb4421879bd5baa5a7c30cc91acb6e1 SHA1 (patch-repos.c) = 0e0361b91d4b0fe6c7c55a12fdfd2e6aacc710e1 SHA1 (patch-server_protocol.c) = 5361b5218d4f2aa22ea79e4ba6534ca0252c6e4e +SHA1 (patch-server_util.c) = b63f73e2a482facd188eecb0864fc612d1b7b3a5 diff --git a/www/apache22/patches/patch-server_util.c b/www/apache22/patches/patch-server_util.c new file mode 100644 index 00000000000..4fd3d6a5738 --- /dev/null +++ b/www/apache22/patches/patch-server_util.c @@ -0,0 +1,17 @@ +$NetBSD: patch-server_util.c,v 1.1.2.2 2011/11/12 04:25:37 sbd Exp $ + +fix for http://secunia.com/advisories/45793/ +snarfed (with adjustment regarding location) from +http://svn.apache.org/viewvc/httpd/httpd/trunk/server/util.c?r1=1198940&r2=1198939&pathrev=1198940 + +--- server/util.c.orig 2011-05-19 02:17:37.000000000 +0000 ++++ server/util.c +@@ -391,6 +391,8 @@ AP_DECLARE(char *) ap_pregsub(apr_pool_t + len++; + } + else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) { ++ if (APR_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so) ++ return APR_ENOMEM; + len += pmatch[no].rm_eo - pmatch[no].rm_so; + } + |