authoradam <adam>2010-11-01 18:03:03 +0000
committeradam <adam>2010-11-01 18:03:03 +0000
commitc9c3394b990ecb50712e9def3934b042e20e2f43 (patch)
tree8757480a73e7f8c3d07c729555549b12c57d777a /devel
parentec15ae277864734c9a3d4b77eedadcbda626aa38 (diff)
Changes 2.0.64:
* SECURITY: CVE-2010-1452 (cve.mitre.org) mod_dav: Fix Handling of requests without a path segment. * SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. * SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. * SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. * SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection attack when compiled against OpenSSL version 0.9.8m or later. Introduces the 'SSLInsecureRenegotiation' directive to reopen this vulnerability and offer unsafe legacy renegotiation with clients which do not yet support the new secure renegotiation protocol, RFC 5746. * SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: A partial fix for the TLS renegotiation prefix injection attack for OpenSSL versions prior to 0.9.8l; reject any client-initiated renegotiations. Forcibly disable keepalive for the connection if there is any buffered data readable. Any configuration which requires renegotiation for per-directory/location access control is still vulnerable, unless using openssl 0.9.8l or later. * SECURITY: CVE-2010-0434 (cve.mitre.org) Ensure each subrequest has a shallow copy of headers_in so that the parent request headers are not corrupted. Eliminates a problematic optimization in the case of no request body. * SECURITY: CVE-2008-2364 (cve.mitre.org) mod_proxy_http: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. * SECURITY: CVE-2010-0425 (cve.mitre.org) mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. 
* SECURITY: CVE-2008-2939 (cve.mitre.org) mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. * Fix recursive ErrorDocument handling. * mod_ssl: Do not do overlapping memcpy. * Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass through on a 304 response. * apxs: Fix -A and -a options to ignore whitespace in httpd.conf
Diffstat (limited to 'devel')
-rw-r--r--devel/apr0/Makefile6
-rw-r--r--devel/apr0/distinfo14
-rw-r--r--devel/apr0/patches/patch-ab92
-rw-r--r--devel/apr0/patches/patch-ac58
-rw-r--r--devel/apr0/patches/patch-ao6
-rw-r--r--devel/apr0/patches/patch-au4
6 files changed, 14 insertions, 166 deletions
diff --git a/devel/apr0/Makefile b/devel/apr0/Makefile
index f1feeb6ec35..bdd6f07794d 100644
--- a/devel/apr0/Makefile
+++ b/devel/apr0/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.6 2009/08/12 03:37:28 taca Exp $
+# $NetBSD: Makefile,v 1.7 2010/11/01 18:03:03 adam Exp $
.include "../../www/apache2/Makefile.common"
PKGNAME= apr-${APR_VERSION}.${APACHE_VERSION}
-PKGREVISION= 2
CATEGORIES= devel
HOMEPAGE= http://apr.apache.org/
@@ -26,6 +25,8 @@ GNU_CONFIGURE= yes
CONFIGURE_ENV+= LIBS=${LIBS:M*:Q}
LIBS.SunOS+= -lnsl
+INSTALLATION_DIRS+= include/apr-0/arch/unix
+
APR_CONFIGURE_ARGS= \
--prefix=${PREFIX} \
--with-devrandom=/dev/urandom \
@@ -62,7 +63,6 @@ do-configure:
post-install:
${RM} ${DESTDIR}${PREFIX}/libexec/apr/libtool
${INSTALL_SCRIPT} ${PKG_LIBTOOL} ${DESTDIR}${PREFIX}/libexec/apr/libtool
- ${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/include/apr-0/arch/unix
${INSTALL_DATA} ${WRKSRC}/apr/include/arch/*.h ${DESTDIR}${PREFIX}/include/apr-0/arch
${INSTALL_DATA} ${WRKSRC}/apr/include/arch/unix/*.h ${DESTDIR}${PREFIX}/include/apr-0/arch/unix/
${CHMOD} ${SHAREMODE} ${DESTDIR}${PREFIX}/include/apr-0/*.h
diff --git a/devel/apr0/distinfo b/devel/apr0/distinfo
index 9939c2314e0..af48d1b8fb3 100644
--- a/devel/apr0/distinfo
+++ b/devel/apr0/distinfo
@@ -1,16 +1,14 @@
-$NetBSD: distinfo,v 1.4 2009/08/12 03:37:28 taca Exp $
+$NetBSD: distinfo,v 1.5 2010/11/01 18:03:03 adam Exp $
-SHA1 (httpd-2.0.63.tar.bz2) = 20e2b64944e38e96491af788a37cb709d2c5b755
-RMD160 (httpd-2.0.63.tar.bz2) = f6a7de59860f627ac40b245fcf742fb07e1b4870
-Size (httpd-2.0.63.tar.bz2) = 4587670 bytes
+SHA1 (httpd-2.0.64.tar.bz2) = eeabe0fb428d9f11ce00559ff163740c6ceabf1c
+RMD160 (httpd-2.0.64.tar.bz2) = 6a4bfe4dfc4119a70cabbec2e0865dc2f12e8ec4
+Size (httpd-2.0.64.tar.bz2) = 4954766 bytes
SHA1 (patch-aa) = c84bdb6bcb14bf6bc7ea0d8f13334dd8c3ef2ef9
-SHA1 (patch-ab) = f4de25804fa90ed686d8e8736ccee7967836c0ea
-SHA1 (patch-ac) = a3d69920cf20cc03c89e5eaac6fe6a597c9c3a29
SHA1 (patch-an) = 76d9ac0cdddec7c0f41535baee63bf0aa26ed596
-SHA1 (patch-ao) = e35630af53a78fce9aa5347a81cb1bcf8fb3058e
+SHA1 (patch-ao) = 1dc1dac5370159639b3dcc3ea97e51eeb47622a0
SHA1 (patch-ap) = 357776c7208407936e09891ae87d23b112a12756
SHA1 (patch-aq) = 6cc1fb879fb5d9280f543ebe068a441e2e6560f3
SHA1 (patch-ar) = defa2be14ec057e1c41151b8cd1edc0ffb219694
SHA1 (patch-as) = 37e70ff8b1a3344e47bcd2fe2b145a6e3e6a4562
SHA1 (patch-at) = 9935c308ba96a8c92dedd3288429a989f9d643f5
-SHA1 (patch-au) = 270a478bdfead4ffe2d069e8441655854fa54e5a
+SHA1 (patch-au) = b05a774430ee3c4e8b67f8b77ccb57dde98a92b2
diff --git a/devel/apr0/patches/patch-ab b/devel/apr0/patches/patch-ab
deleted file mode 100644
index ccbe27584cf..00000000000
--- a/devel/apr0/patches/patch-ab
+++ /dev/null
@@ -1,92 +0,0 @@
-$NetBSD: patch-ab,v 1.1 2009/08/12 03:37:28 taca Exp $
-
-Fix for http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2412.
-
---- apr-util/misc/apr_rmm.c.orig 2005-08-05 20:02:06.000000000 +0900
-+++ apr-util/misc/apr_rmm.c
-@@ -47,6 +47,7 @@ struct apr_rmm_t {
- static apr_rmm_off_t find_block_by_offset(apr_rmm_t *rmm, apr_rmm_off_t next,
- apr_rmm_off_t find, int includes)
- {
-+ apr_size_t size;
- apr_rmm_off_t prev = 0;
-
- while (next) {
-@@ -277,13 +278,17 @@ APU_DECLARE(apr_status_t) apr_rmm_detach
-
- APU_DECLARE(apr_rmm_off_t) apr_rmm_malloc(apr_rmm_t *rmm, apr_size_t reqsize)
- {
-+ apr_size_t size;
- apr_rmm_off_t this;
-
-- reqsize = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE;
-+ size = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE;
-+ if (size < reqsize) {
-+ return 0;
-+ }
-
- APR_ANYLOCK_LOCK(&rmm->lock);
-
-- this = find_block_of_size(rmm, reqsize);
-+ this = find_block_of_size(rmm, size);
-
- if (this) {
- move_block(rmm, this, 0);
-@@ -296,18 +301,22 @@ APU_DECLARE(apr_rmm_off_t) apr_rmm_mallo
-
- APU_DECLARE(apr_rmm_off_t) apr_rmm_calloc(apr_rmm_t *rmm, apr_size_t reqsize)
- {
-+ apr_size_t size;
- apr_rmm_off_t this;
-
-- reqsize = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE;
-+ size = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE;
-+ if (size < reqsize) {
-+ return 0;
-+ }
-
- APR_ANYLOCK_LOCK(&rmm->lock);
-
-- this = find_block_of_size(rmm, reqsize);
-+ this = find_block_of_size(rmm, size);
-
- if (this) {
- move_block(rmm, this, 0);
- this += RMM_BLOCK_SIZE;
-- memset((char*)rmm->base + this, 0, reqsize - RMM_BLOCK_SIZE);
-+ memset((char*)rmm->base + this, 0, size - RMM_BLOCK_SIZE);
- }
-
- APR_ANYLOCK_UNLOCK(&rmm->lock);
-@@ -320,16 +329,19 @@ APU_DECLARE(apr_rmm_off_t) apr_rmm_reall
- apr_rmm_off_t this;
- apr_rmm_off_t old;
- struct rmm_block_t *blk;
-- apr_size_t oldsize;
-+ apr_size_t size, oldsize;
-
- if (!entity) {
- return apr_rmm_malloc(rmm, reqsize);
- }
-
-- reqsize = APR_ALIGN_DEFAULT(reqsize);
-+ size = APR_ALIGN_DEFAULT(reqsize);
-+ if (size < reqsize) {
-+ return 0;
-+ }
- old = apr_rmm_offset_get(rmm, entity);
-
-- if ((this = apr_rmm_malloc(rmm, reqsize)) == 0) {
-+ if ((this = apr_rmm_malloc(rmm, size)) == 0) {
- return 0;
- }
-
-@@ -337,7 +349,7 @@ APU_DECLARE(apr_rmm_off_t) apr_rmm_reall
- oldsize = blk->size;
-
- memcpy(apr_rmm_addr_get(rmm, this),
-- apr_rmm_addr_get(rmm, old), oldsize < reqsize ? oldsize : reqsize);
-+ apr_rmm_addr_get(rmm, old), oldsize < size ? oldsize : size);
- apr_rmm_free(rmm, old);
-
- return this;
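Review bot: Deleting patch-ab here (and patch-ac in the next file) drops the pkgsrc-local fixes for CVE-2009-2412 — the `size < reqsize` / `size < in_size` wrap-around checks in apr_rmm_malloc/calloc/realloc, allocator_alloc and apr_palloc — yet neither the commit message nor distinfo records that the apr/apr-util bundled with httpd 2.0.64 carry the equivalent upstream checks; the listed fixes are all httpd-side CVEs. If that was verified against the new tarball, state it in the description, e.g. `Drop patch-ab/patch-ac: the CVE-2009-2412 size-overflow checks are included upstream in the apr bundled with 2.0.64.`, so the next updater does not have to re-audit it. If it was not verified, the removal silently regresses the overflow guard on the shared-memory and pool allocators.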
diff --git a/devel/apr0/patches/patch-ac b/devel/apr0/patches/patch-ac
deleted file mode 100644
index d4b0cf322ae..00000000000
--- a/devel/apr0/patches/patch-ac
+++ /dev/null
@@ -1,58 +0,0 @@
-$NetBSD: patch-ac,v 1.1 2009/08/12 03:37:28 taca Exp $
-
-Fix for http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2412.
-
---- apr/memory/unix/apr_pools.c.orig 2007-10-17 13:09:40.000000000 +0900
-+++ apr/memory/unix/apr_pools.c
-@@ -189,15 +189,19 @@ APR_DECLARE(void) apr_allocator_max_free
- }
-
- static APR_INLINE
--apr_memnode_t *allocator_alloc(apr_allocator_t *allocator, apr_size_t size)
-+apr_memnode_t *allocator_alloc(apr_allocator_t *allocator, apr_size_t in_size)
- {
- apr_memnode_t *node, **ref;
- apr_uint32_t i, index, max_index;
-+ apr_size_t size;
-
- /* Round up the block size to the next boundary, but always
- * allocate at least a certain size (MIN_ALLOC).
- */
-- size = APR_ALIGN(size + APR_MEMNODE_T_SIZE, BOUNDARY_SIZE);
-+ size = APR_ALIGN(in_size + APR_MEMNODE_T_SIZE, BOUNDARY_SIZE);
-+ if (size < in_size) {
-+ return NULL;
-+ }
- if (size < MIN_ALLOC)
- size = MIN_ALLOC;
-
-@@ -625,13 +629,19 @@ void netware_pool_proc_cleanup ()
- * Memory allocation
- */
-
--APR_DECLARE(void *) apr_palloc(apr_pool_t *pool, apr_size_t size)
-+APR_DECLARE(void *) apr_palloc(apr_pool_t *pool, apr_size_t in_size)
- {
- apr_memnode_t *active, *node;
- void *mem;
- apr_uint32_t free_index;
-+ apr_size_t size;
-
-- size = APR_ALIGN_DEFAULT(size);
-+ size = APR_ALIGN_DEFAULT(in_size);
-+ if (size < in_size) {
-+ if (pool->abort_fn)
-+ pool->abort_fn(APR_ENOMEM);
-+
-+ }
- active = pool->active;
-
- /* If the active node has enough bytes left, use it. */
-@@ -696,7 +706,6 @@ APR_DECLARE(void *) apr_pcalloc(apr_pool
- {
- void *mem;
-
-- size = APR_ALIGN_DEFAULT(size);
- if ((mem = apr_palloc(pool, size)) != NULL) {
- memset(mem, 0, size);
- }
diff --git a/devel/apr0/patches/patch-ao b/devel/apr0/patches/patch-ao
index e9dee966dfa..784950abc4d 100644
--- a/devel/apr0/patches/patch-ao
+++ b/devel/apr0/patches/patch-ao
@@ -1,8 +1,8 @@
-$NetBSD: patch-ao,v 1.1.1.1 2007/01/24 19:31:24 epg Exp $
+$NetBSD: patch-ao,v 1.2 2010/11/01 18:03:04 adam Exp $
---- apr/configure.orig 2005-10-09 18:34:19.000000000 -0700
+--- apr/configure.orig 2010-10-14 18:00:18.000000000 +0000
+++ apr/configure
-@@ -40851,7 +40851,7 @@ fi;
+@@ -40982,7 +40982,7 @@ fi
if test "$apr_devrandom" = "yes"; then
# /dev/random on OpenBSD doesn't provide random data, so
# prefer /dev/arandom, which does; see random(4).
diff --git a/devel/apr0/patches/patch-au b/devel/apr0/patches/patch-au
index 8b79dee6a0a..3a866842404 100644
--- a/devel/apr0/patches/patch-au
+++ b/devel/apr0/patches/patch-au
@@ -1,10 +1,10 @@
-$NetBSD: patch-au,v 1.1.1.1 2007/01/24 19:31:24 epg Exp $
+$NetBSD: patch-au,v 1.2 2010/11/01 18:03:04 adam Exp $
NetBSD 3.0 does not have pthread_setconcurrency().
--- apr/test/testatomic.c.orig 2005-02-04 21:36:31.000000000 +0100
+++ apr/test/testatomic.c 2006-10-04 22:30:21.000000000 +0200
-@@ -227,7 +227,7 @@ int main(int argc, char**argv)
+@@ -231,7 +231,7 @@ int main(int argc, char**argv)
}
printf("APR Atomic Test\n===============\n\n");