add temporary patch from

http://trac.lighttpd.net/trac/attachment/ticket/1562/Fix-372-and-1562.patch
in order to fix CVE-2008-0983. Bump PKGREVISION

4 files changed, 30 insertions, 3 deletions

diff --git a/www/lighttpd/Makefile b/www/lighttpd/Makefile
index 5f19fd25643..f52130d3a8f 100644
--- a/www/lighttpd/Makefile
+++ b/www/lighttpd/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.18 2008/01/18 05:09:51 tnn Exp $
+# $NetBSD: Makefile,v 1.19 2008/03/04 11:17:57 kefren Exp $
 
 DISTNAME=	lighttpd-1.4.18
-PKGREVISION=	1
+PKGREVISION=	2
 CATEGORIES=	www
 MASTER_SITES=	http://www.lighttpd.net/download/
 
diff --git a/www/lighttpd/distinfo b/www/lighttpd/distinfo
index 85fdda469c3..e082ba2cbc0 100644
--- a/www/lighttpd/distinfo
+++ b/www/lighttpd/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2007/09/10 13:59:50 jlam Exp $
+$NetBSD: distinfo,v 1.12 2008/03/04 11:17:57 kefren Exp $
 
 SHA1 (lighttpd-1.4.18.tar.gz) = 30eb24cdfcfeadf10fa16f187330bdc5deb25ed2
 RMD160 (lighttpd-1.4.18.tar.gz) = dfca15e4b02a405cc89dcdfb9a0f8137971cfb24
@@ -6,3 +6,5 @@ Size (lighttpd-1.4.18.tar.gz) = 803361 bytes
 SHA1 (patch-aa) = d48beb6e526f31f9ea19657e6010c5165026b475
 SHA1 (patch-ab) = b02003db1b2ac978846eb0f7be178b91f59fc176
 SHA1 (patch-ac) = b2bc7bcbd151bf64ce085dad359077c5ffa2da1f
+SHA1 (patch-ad) = b862738a23fcc02a67bcef7339acd622f5c3a3e3
+SHA1 (patch-ae) = 95705fd9148d2538083442d1ec190299fddc6971
diff --git a/www/lighttpd/patches/patch-ad b/www/lighttpd/patches/patch-ad
new file mode 100644
index 00000000000..18201a381f0
--- /dev/null
+++ b/www/lighttpd/patches/patch-ad
@@ -0,0 +1,12 @@
+$NetBSD: patch-ad,v 1.3 2008/03/04 11:17:57 kefren Exp $
+--- src/fdevent_solaris_devpoll.c.orig	2008-03-04 13:12:51.000000000 +0200
++++ src/fdevent_solaris_devpoll.c	2008-03-04 13:13:02.000000000 +0200
+@@ -67,7 +67,7 @@ static int fdevent_solaris_devpoll_poll(
+ 	int ret;
+ 
+ 	dopoll.dp_timeout = timeout_ms;
+-	dopoll.dp_nfds = ev->maxfds;
++	dopoll.dp_nfds = ev->maxfds - 1;
+ 	dopoll.dp_fds = ev->devpollfds;
+ 
+ 	ret = ioctl(ev->devpoll_fd, DP_POLL, &dopoll);
diff --git a/www/lighttpd/patches/patch-ae b/www/lighttpd/patches/patch-ae
new file mode 100644
index 00000000000..77f429e8c4f
--- /dev/null
+++ b/www/lighttpd/patches/patch-ae
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.3 2008/03/04 11:17:57 kefren Exp $
+--- src/server.c.orig	2008-03-04 13:13:12.000000000 +0200
++++ src/server.c	2008-03-04 13:13:56.000000000 +0200
+@@ -697,9 +697,6 @@ int main (int argc, char **argv) {
+ 			}
+ 		}
+ 
+-		/* #372: solaris need some fds extra for devpoll */
+-		if (rlim.rlim_cur > 10) rlim.rlim_cur -= 10;
+-
+ 		if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ 			srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ 		} else {