authortaca <taca>2004-05-13 11:39:09 +0000
committertaca <taca>2004-05-13 11:39:09 +0000
commit794efce466c8aaea676057edb6da1d38eb2e2cda (patch)
treedb7798594ffc861faa4a36f8155fb8a9016c0b23 /www/apache/patches
parent5a6f99914689920054dc426df424b42700f0144f (diff)
Update apache package to 1.3.31.
Apache 1.3.31 Major changes

Security vulnerabilities

* CAN-2003-0987 (cve.mitre.org)
  In mod_digest, verify whether the nonce returned in the client response is one we issued ourselves. This problem does not affect mod_auth_digest.
* CAN-2003-0020 (cve.mitre.org)
  Escape arbitrary data before writing into the errorlog.
* CAN-2004-0174 (cve.mitre.org)
  Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket.
* CAN-2003-0993 (cve.mitre.org)
  Fix parsing of Allow/Deny rules using IP addresses without a netmask; issue is only known to affect big-endian 64-bit platforms.

New features

New features that relate to specific platforms:
* Linux 2.4+: If Apache is started as root and you code CoreDumpDirectory, core dumps are enabled via the prctl() syscall.

New features that relate to all platforms:
* Add mod_whatkilledus and mod_backtrace (experimental) for reporting diagnostic information after a child process crash.
* Add fatal exception hook for running diagnostic code after a crash.
* Forensic logging module added (mod_log_forensic)
* '%X' is now accepted as an alias for '%c' in the LogFormat directive. This allows you to configure logging to still log the connection status even with mod_ssl.

Bugs fixed

The following noteworthy bugs were found in Apache 1.3.29 (or earlier) and have been fixed in Apache 1.3.31:
* Fix memory corruption problem with ap_custom_response() function. The core per-dir config would later point to request pool data that would be reused for different purposes on different requests.
* mod_usertrack no longer inspects the Cookie2 header for the cookie name. It also no longer overwrites other cookies.
* Fix bug causing core dump when using CookieTracking without specifying a CookieName directly.
* UseCanonicalName off was ignoring the client provided port information.
Diffstat (limited to 'www/apache/patches')
-rw-r--r--www/apache/patches/patch-ap30
-rw-r--r--www/apache/patches/patch-aq14
-rw-r--r--www/apache/patches/patch-ar75
-rw-r--r--www/apache/patches/patch-as16
4 files changed, 0 insertions, 135 deletions
diff --git a/www/apache/patches/patch-ap b/www/apache/patches/patch-ap
deleted file mode 100644
index 3d2ee54266b..00000000000
--- a/www/apache/patches/patch-ap
+++ /dev/null
@@ -1,30 +0,0 @@
-$NetBSD: patch-ap,v 1.3 2004/04/07 19:53:27 reed Exp $
-SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
-
---- src/main/http_log.c.orig 2003-02-03 09:13:21.000000000 -0800
-+++ src/main/http_log.c
-@@ -314,6 +314,9 @@ static void log_error_core(const char *f
- const char *fmt, va_list args)
- {
- char errstr[MAX_STRING_LEN];
-+#ifndef AP_UNSAFE_ERROR_LOG_UNESCAPED
-+ char scratch[MAX_STRING_LEN];
-+#endif
- size_t len;
- int save_errno = errno;
- FILE *logf;
-@@ -445,7 +448,14 @@ static void log_error_core(const char *f
- }
- #endif
-
-+#ifndef AP_UNSAFE_ERROR_LOG_UNESCAPED
-+ if (ap_vsnprintf(scratch, sizeof(scratch) - len, fmt, args)) {
-+ len += ap_escape_errorlog_item(errstr + len, scratch,
-+ sizeof(errstr) - len);
-+ }
-+#else
- len += ap_vsnprintf(errstr + len, sizeof(errstr) - len, fmt, args);
-+#endif
-
- /* NULL if we are logging to syslog */
- if (logf) {
diff --git a/www/apache/patches/patch-aq b/www/apache/patches/patch-aq
deleted file mode 100644
index 128e1b7f7e2..00000000000
--- a/www/apache/patches/patch-aq
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-aq,v 1.3 2004/04/07 19:53:27 reed Exp $
-SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
-
---- src/include/httpd.h.orig 2004-04-07 12:24:10.967724616 -0700
-+++ src/include/httpd.h
-@@ -1072,6 +1072,8 @@ API_EXPORT(char *) ap_escape_html(pool *
- API_EXPORT(char *) ap_construct_server(pool *p, const char *hostname,
- unsigned port, const request_rec *r);
- API_EXPORT(char *) ap_escape_logitem(pool *p, const char *str);
-+API_EXPORT(size_t) ap_escape_errorlog_item(char *dest, const char *source,
-+ size_t buflen);
- API_EXPORT(char *) ap_escape_shell_cmd(pool *p, const char *s);
-
- API_EXPORT(int) ap_count_dirs(const char *path);
diff --git a/www/apache/patches/patch-ar b/www/apache/patches/patch-ar
deleted file mode 100644
index 5461b844597..00000000000
--- a/www/apache/patches/patch-ar
+++ /dev/null
@@ -1,75 +0,0 @@
-$NetBSD: patch-ar,v 1.3 2004/04/07 19:53:27 reed Exp $
-SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the errorlog
-
---- src/main/util.c.orig 2003-02-03 09:13:23.000000000 -0800
-+++ src/main/util.c
-@@ -1520,6 +1520,69 @@ API_EXPORT(char *) ap_escape_logitem(poo
- return ret;
- }
-
-+API_EXPORT(size_t) ap_escape_errorlog_item(char *dest, const char *source,
-+ size_t buflen)
-+{
-+ unsigned char *d, *ep;
-+ const unsigned char *s;
-+
-+ if (!source || !buflen) { /* be safe */
-+ return 0;
-+ }
-+
-+ d = (unsigned char *)dest;
-+ s = (const unsigned char *)source;
-+ ep = d + buflen - 1;
-+
-+ for (; d < ep && *s; ++s) {
-+
-+ if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
-+ *d++ = '\\';
-+ if (d >= ep) {
-+ --d;
-+ break;
-+ }
-+
-+ switch(*s) {
-+ case '\b':
-+ *d++ = 'b';
-+ break;
-+ case '\n':
-+ *d++ = 'n';
-+ break;
-+ case '\r':
-+ *d++ = 'r';
-+ break;
-+ case '\t':
-+ *d++ = 't';
-+ break;
-+ case '\v':
-+ *d++ = 'v';
-+ break;
-+ case '\\':
-+ *d++ = *s;
-+ break;
-+ case '"': /* no need for this in error log */
-+ d[-1] = *s;
-+ break;
-+ default:
-+ if (d >= ep - 2) {
-+ ep = --d; /* break the for loop as well */
-+ break;
-+ }
-+ c2x(*s, d);
-+ *d = 'x';
-+ d += 3;
-+ }
-+ }
-+ else {
-+ *d++ = *s;
-+ }
-+ }
-+ *d = '\0';
-+
-+ return (d - (unsigned char *)dest);
-+}
-
- API_EXPORT(char *) ap_escape_shell_cmd(pool *p, const char *str)
- {
diff --git a/www/apache/patches/patch-as b/www/apache/patches/patch-as
deleted file mode 100644
index 00c39ba9059..00000000000
--- a/www/apache/patches/patch-as
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-as,v 1.3 2004/04/26 20:06:58 jlam Exp $
-
---- src/modules/standard/mod_auth_db.c.orig Mon Feb 3 12:13:27 2003
-+++ src/modules/standard/mod_auth_db.c
-@@ -170,7 +170,10 @@ static char *get_db_pw(request_rec *r, c
- q.data = user;
- q.size = strlen(q.data);
-
--#if defined(DB3) || defined(DB4)
-+#if defined(DB4)
-+ if ( db_create(&f, NULL, 0) != 0
-+ || f->open(f, NULL, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664) != 0) {
-+#elif defined(DB3)
- if ( db_create(&f, NULL, 0) != 0
- || f->open(f, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664) != 0) {
- #elif defined(DB2)