Add fixes for CAN-2005-1268 (not really a security problem) and

CAN-2005-2088 from the Apache SVN repository.

2 files changed, 33 insertions, 0 deletions

diff --git a/www/apache2/patches/patch-ae b/www/apache2/patches/patch-ae
new file mode 100644
index 00000000000..83b13945a06
--- /dev/null
+++ b/www/apache2/patches/patch-ae
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.4 2005/08/08 18:30:26 tron Exp $
+
+--- modules/ssl/ssl_engine_kernel.c.orig	2005-03-29 09:44:31.000000000 +0100
++++ modules/ssl/ssl_engine_kernel.c	2005-08-08 19:19:05.000000000 +0100
+@@ -1398,7 +1398,7 @@
+             BIO_printf(bio, ", nextUpdate: ");
+             ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(crl));
+ 
+-            n = BIO_read(bio, buff, sizeof(buff));
++            n = BIO_read(bio, buff, sizeof(buff) - 1);
+             buff[n] = '\0';
+ 
+             BIO_free(bio);
diff --git a/www/apache2/patches/patch-af b/www/apache2/patches/patch-af
new file mode 100644
index 00000000000..fef7cf4b529
--- /dev/null
+++ b/www/apache2/patches/patch-af
@@ -0,0 +1,20 @@
+$NetBSD: patch-af,v 1.4 2005/08/08 18:30:26 tron Exp $
+
+--- server/protocol.c.orig	2005/07/14 16:49:17	219060
++++ server/protocol.c	2005/07/14 16:51:55	219061
+@@ -885,6 +885,15 @@
+             apr_brigade_destroy(tmp_bb);
+             return r;
+         }
++
++        if (apr_table_get(r->headers_in, "Transfer-Encoding")
++            && apr_table_get(r->headers_in, "Content-Length")) {
++            /* 2616 section 4.4, point 3: "if both Transfer-Encoding
++             * and Content-Length are received, the latter MUST be
++             * ignored"; so unset it here to prevent any confusion
++             * later. */
++            apr_table_unset(r->headers_in, "Content-Length");
++        }
+     }
+     else {
+         if (r->header_only) {