author | agc <agc> | 2004-09-30 13:58:22 +0000 |
---|---|---|
committer | agc <agc> | 2004-09-30 13:58:22 +0000 |
commit | 66dd5d0e649fc99fc89b0ddf254a933cbbce3f0e (patch) | |
tree | e2ed88d3a01146b07f3911bdcda8a4e36d5f16e3 | |
parent | b9137bf03c39a6df4cf3907935fa6985a05d7254 (diff) | |
Pullup ticket 114, requested by Matthias Scheler.
Security fix for apache
Modified Files:
pkgsrc/www/apache: Makefile distinfo
Added Files:
pkgsrc/www/apache/patches: patch-ap
Log Message:
Apply fix for security vulnerability in proxy module reported in
CAN-2004-0492. Bump package revision because of this.
-rw-r--r-- | doc/CHANGES-pkgsrc-2004Q3 | 5 | ||||
-rw-r--r-- | www/apache/Makefile | 4 | ||||
-rw-r--r-- | www/apache/distinfo | 3 | ||||
-rw-r--r-- | www/apache/patches/patch-ap | 18 |
4 files changed, 26 insertions, 4 deletions
diff --git a/doc/CHANGES-pkgsrc-2004Q3 b/doc/CHANGES-pkgsrc-2004Q3 index 44cc1800e1f..c5816ca1d31 100644 --- a/doc/CHANGES-pkgsrc-2004Q3 +++ b/doc/CHANGES-pkgsrc-2004Q3 @@ -1,6 +1,9 @@ -$NetBSD: CHANGES-pkgsrc-2004Q3,v 1.1.2.1 2004/09/30 13:54:11 agc Exp $ +$NetBSD: CHANGES-pkgsrc-2004Q3,v 1.1.2.2 2004/09/30 13:58:22 agc Exp $ Changes to the packages collection and infrastructure on the pkgsrc-2004Q3 branch: Created pkgsrc-2004Q3 branch [agc 2004-09-20 20:15 UTC] + +Pullup ticket 114 - requested by Matthias Scheler +security fix for apache diff --git a/www/apache/Makefile b/www/apache/Makefile index df5a2bbd541..ae3a06b98b3 100644 --- a/www/apache/Makefile +++ b/www/apache/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.150 2004/08/22 19:32:52 jlam Exp $ +# $NetBSD: Makefile,v 1.150.2.1 2004/09/30 13:58:22 agc Exp $ # # This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of # code hooks that allow mod_ssl to be compiled separately later, if desired). DISTNAME= apache_1.3.31 PKGNAME= ${DISTNAME:S/_/-/} -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ ${MASTER_SITE_APACHE:=httpd/old/} diff --git a/www/apache/distinfo b/www/apache/distinfo index a8a4acf9b7c..f6e1580b6f9 100644 --- a/www/apache/distinfo +++ b/www/apache/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.36 2004/07/17 12:44:28 tron Exp $ +$NetBSD: distinfo,v 1.36.2.1 2004/09/30 13:58:22 agc Exp $ SHA1 (apache_1.3.31.tar.gz) = a5d4298e8f99cae220ba65b5ef128d5742c7298d Size (apache_1.3.31.tar.gz) = 2467371 bytes @@ -20,3 +20,4 @@ SHA1 (patch-ak) = 8f790a692ed9b2dd6943be43fa1cf7629c673955 SHA1 (patch-al) = a27b9676998621229dc3a1d920ea44b8e622feb2 SHA1 (patch-am) = d05f7c30b73c0e90daf17d9d1c4838be7fd73b02 SHA1 (patch-ao) = 5930f9ea0f5080b260a6e0c66a37c6d1ad0df4d4 +SHA1 (patch-ap) = da8016c534bbed4036837d8e494ea3d5bb4342ea diff --git a/www/apache/patches/patch-ap b/www/apache/patches/patch-ap new file mode 100644 index 00000000000..d5473184712 
--- /dev/null
+++ b/www/apache/patches/patch-ap
@@ -0,0 +1,18 @@
+$NetBSD: patch-ap,v 1.4.4.1 2004/09/30 13:58:22 agc Exp $
+
+--- src/modules/proxy/proxy_http.c.orig 29 Mar 2004 17:47:15 -0000 1.106
++++ src/modules/proxy/proxy_http.c 11 Jun 2004 07:54:38 -0000 1.107
+@@ -485,6 +485,13 @@
+ content_length = ap_table_get(resp_hdrs, "Content-Length");
+ if (content_length != NULL) {
+ c->len = ap_strtol(content_length, NULL, 10);
++
++ if (c->len < 0) {
++ ap_kill_timeout(r);
++ return ap_proxyerror(r, HTTP_BAD_GATEWAY, ap_pstrcat(r->pool,
++ "Invalid Content-Length from remote server",
++ NULL));
++ }
+ }
+
+ } |
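Review bot: The new guard in patch-ap rejects only a negative length, so a malformed `Content-Length` still passes: `ap_strtol(content_length, NULL, 10)` is called with a NULL end pointer, and, assuming it follows strtol semantics, a non-numeric value parses as 0 and an out-of-range one saturates to a large positive number. Consider capturing the end pointer and the range error, e.g. `errno = 0; c->len = ap_strtol(content_length, &end, 10);` followed by `if (c->len < 0 || end == content_length || errno == ERANGE) {`, with `char *end;` declared in the enclosing scope. The type of `c->len` and the code that later consumes it are not visible here, and the enclosing function starts and ends outside the hunk, so whether the large positive case matters needs checking against that consumer. Because this file appears to carry the upstream 1.106 to 1.107 change unmodified, a stricter check would be a local divergence and should be noted in the patch header.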