diff options
author | spz <spz> | 2016-06-11 10:06:37 +0000 |
---|---|---|
committer | spz <spz> | 2016-06-11 10:06:37 +0000 |
commit | 019a629788d8e67c118634df6c8427d430338e10 (patch) | |
tree | 958580a7dd9315b6d44248d2a111ba9bc04c06fc | |
parent | fb3570d94f1fe84a8272eb8ae22c2b50d105feb5 (diff) | |
download | pkgsrc-019a629788d8e67c118634df6c8427d430338e10.tar.gz |
Pullup ticket #5038 - requested by joerg
www/nginx: security patch
www/nginx-devel: security patch
Revisions pulled up:
- www/nginx-devel/Makefile 1.20
- www/nginx-devel/distinfo 1.20
- www/nginx-devel/patches/patch-src_os_unix_ngx__files.c 1.1
- www/nginx/Makefile 1.64
- www/nginx/patches/patch-src_os_unix_ngx__files.c 1.1
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Tue May 31 19:44:47 UTC 2016
Modified Files:
pkgsrc/www/nginx: Makefile
Added Files:
pkgsrc/www/nginx/patches: patch-src_os_unix_ngx__files.c
Log Message:
Avoid CVE-2016-4450 (NULL dereference while saving client body to
temporary file). Bump revision.
To generate a diff of this commit:
cvs rdiff -u -r1.63 -r1.64 pkgsrc/www/nginx/Makefile
cvs rdiff -u -r0 -r1.1 \
pkgsrc/www/nginx/patches/patch-src_os_unix_ngx__files.c
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: joerg
Date: Tue May 31 19:54:43 UTC 2016
Modified Files:
pkgsrc/www/nginx-devel: Makefile distinfo
Added Files:
pkgsrc/www/nginx-devel/patches: patch-src_os_unix_ngx__files.c
Log Message:
Avoid CVE-2016-4450 (NULL dereference while saving client body to
temporary file). Bump revision.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/nginx-devel/Makefile \
pkgsrc/www/nginx-devel/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/www/nginx-devel/patches/patch-src_os_unix_ngx__files.c
-rw-r--r-- | www/nginx-devel/Makefile | 3 | ||||
-rw-r--r-- | www/nginx-devel/distinfo | 3 | ||||
-rw-r--r-- | www/nginx-devel/patches/patch-src_os_unix_ngx__files.c | 17 | ||||
-rw-r--r-- | www/nginx/Makefile | 4 | ||||
-rw-r--r-- | www/nginx/patches/patch-src_os_unix_ngx__files.c | 17 |
5 files changed, 40 insertions, 4 deletions
diff --git a/www/nginx-devel/Makefile b/www/nginx-devel/Makefile index 290d18395d7..0dfe3d7303a 100644 --- a/www/nginx-devel/Makefile +++ b/www/nginx-devel/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.19 2016/01/26 17:59:13 joerg Exp $ +# $NetBSD: Makefile,v 1.19.2.1 2016/06/11 10:06:37 spz Exp $ DISTNAME= nginx-1.9.10 +PKGREVISION= 1 MAINTAINER= imil@NetBSD.org NGINX_HTTP_V2= yes diff --git a/www/nginx-devel/distinfo b/www/nginx-devel/distinfo index 203dbce58c7..57e76c421d6 100644 --- a/www/nginx-devel/distinfo +++ b/www/nginx-devel/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.19 2016/01/26 17:59:13 joerg Exp $ +$NetBSD: distinfo,v 1.19.2.1 2016/06/11 10:06:37 spz Exp $ SHA1 (array-var-nginx-module-0.04.tar.gz) = 1fd3bdd05c2d1d7667ed6f7baa612ddf7f630df3 RMD160 (array-var-nginx-module-0.04.tar.gz) = a751a2ce87dcfb88d072779097b4df9f42a415e4 @@ -46,3 +46,4 @@ SHA512 (set-misc-nginx-module-0.29.tar.gz) = 8dd2e1bf29e04e21b2aa4e7e72d07094b2c Size (set-misc-nginx-module-0.29.tar.gz) = 35495 bytes SHA1 (patch-auto_install) = 723e2ae222146775ae66aed7815bf3f911dd1cd7 SHA1 (patch-conf_nginx.conf) = ee9fbc3838cc006f6e1cddddadf6603f4941d171 +SHA1 (patch-src_os_unix_ngx__files.c) = e6159893bbdf6b991dd3b3ee6fae32d304374995 diff --git a/www/nginx-devel/patches/patch-src_os_unix_ngx__files.c b/www/nginx-devel/patches/patch-src_os_unix_ngx__files.c new file mode 100644 index 00000000000..15733a2ac60 --- /dev/null +++ b/www/nginx-devel/patches/patch-src_os_unix_ngx__files.c @@ -0,0 +1,17 @@ +$NetBSD: patch-src_os_unix_ngx__files.c,v 1.1.2.2 2016/06/11 10:06:37 spz Exp $ + +--- src/os/unix/ngx_files.c.orig 2016-01-26 14:27:43.000000000 +0000 ++++ src/os/unix/ngx_files.c +@@ -313,6 +313,12 @@ ngx_write_chain_to_file(ngx_file_t *file + /* create the iovec and coalesce the neighbouring bufs */ + + while (cl && vec.nelts < IOV_MAX) { ++ ++ if (ngx_buf_special(cl->buf)) { ++ cl = cl->next; ++ continue; ++ } ++ + if (prev == cl->buf->pos) { + iov->iov_len += cl->buf->last - cl->buf->pos; + diff --git a/www/nginx/Makefile b/www/nginx/Makefile index 1e0365dc22e..3a079ad56db 100644 --- a/www/nginx/Makefile +++ b/www/nginx/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.63 2016/03/05 11:29:38 jperkin Exp $ +# $NetBSD: Makefile,v 1.63.2.1 2016/06/11 10:06:37 spz Exp $ DISTNAME= nginx-1.8.1 MAINTAINER= joerg@NetBSD.org -PKGREVISION= 1 +PKGREVISION= 2 .include "../../www/nginx/Makefile.common" diff --git a/www/nginx/patches/patch-src_os_unix_ngx__files.c b/www/nginx/patches/patch-src_os_unix_ngx__files.c new file mode 100644 index 00000000000..b527927c694 --- /dev/null +++ b/www/nginx/patches/patch-src_os_unix_ngx__files.c @@ -0,0 +1,17 @@ +$NetBSD: patch-src_os_unix_ngx__files.c,v 1.1.2.2 2016/06/11 10:06:37 spz Exp $ + +--- src/os/unix/ngx_files.c.orig 2016-01-26 14:39:33.000000000 +0000 ++++ src/os/unix/ngx_files.c +@@ -292,6 +292,12 @@ ngx_write_chain_to_file(ngx_file_t *file + /* create the iovec and coalesce the neighbouring bufs */ + + while (cl && vec.nelts < IOV_MAX) { ++ ++ if (ngx_buf_special(cl->buf)) { ++ cl = cl->next; ++ continue; ++ } ++ + if (prev == cl->buf->pos) { + iov->iov_len += cl->buf->last - cl->buf->pos; + |