author | tron <tron@pkgsrc.org> | 2010-06-12 10:40:26 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2010-06-12 10:40:26 +0000 |
commit | debb3d2f85ab14ef2bf7fb5ee1a7446293cc37b9 (patch) | |
tree | b69b48d44d0752fdad2a312f7fa1405f39fb0cd5 /www/apache22 | |
parent | 313f2dcb0cebaadb1facdf77e7f186d56a545eeb (diff) | |
download | pkgsrc-debb3d2f85ab14ef2bf7fb5ee1a7446293cc37b9.tar.gz |
Add patch provided by the Apache foundation to close the privacy leak
reported in CVE-2010-2068.
Diffstat (limited to 'www/apache22')
-rw-r--r-- | www/apache22/Makefile | 4 | ||||
-rw-r--r-- | www/apache22/distinfo | 3 | ||||
-rw-r--r-- | www/apache22/patches/patch-af | 35 |
3 files changed, 39 insertions, 3 deletions
diff --git a/www/apache22/Makefile b/www/apache22/Makefile
index 5785ef8abe9..574bdbf65df 100644
--- a/www/apache22/Makefile
+++ b/www/apache22/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.58 2010/05/03 20:10:33 tron Exp $
+# $NetBSD: Makefile,v 1.59 2010/06/12 10:40:26 tron Exp $
 
 DISTNAME= httpd-2.2.15
-PKGREVISION= 2
+PKGREVISION= 3
 PKGNAME= ${DISTNAME:S/httpd/apache/}
 CATEGORIES= www
 MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
diff --git a/www/apache22/distinfo b/www/apache22/distinfo
index af388820987..7477ee423d2 100644
--- a/www/apache22/distinfo
+++ b/www/apache22/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.32 2010/04/28 07:43:56 obache Exp $
+$NetBSD: distinfo,v 1.33 2010/06/12 10:40:26 tron Exp $
 
 SHA1 (httpd-2.2.15.tar.bz2) = 5f0e973839ed2e38a4d03adba109ef5ce3381bc2
 RMD160 (httpd-2.2.15.tar.bz2) = e5c5da1fdf86a6b0501f6c8e97ccb1982e81cfdf
@@ -8,6 +8,7 @@ SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150
 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
 SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
+SHA1 (patch-af) = c3051544406326297161f36ff3f499395630dc05
 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01
 SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312
 SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1
diff --git a/www/apache22/patches/patch-af b/www/apache22/patches/patch-af
new file mode 100644
index 00000000000..9c5efcc3ac1
--- /dev/null
+++ b/www/apache22/patches/patch-af
@@ -0,0 +1,35 @@
+$NetBSD: patch-af,v 1.3 2010/06/12 10:40:26 tron Exp $
+
+Patch to fix CVE-2010-2068, taken from here:
+
+http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch
+
+--- modules/proxy/mod_proxy_http.c.orig 2010-02-27 18:49:36.000000000 +0000
++++ modules/proxy/mod_proxy_http.c 2010-06-12 11:33:45.000000000 +0100
+@@ -1401,7 +1401,7 @@
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r,
+ "proxy: error reading status line from remote "
+ "server %s", backend->hostname);
+- if (rc == APR_TIMEUP) {
++ if (APR_STATUS_IS_TIMEUP(rc)) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: read timeout");
+ }
+@@ -1417,7 +1417,7 @@
+ * we normally would handle timeouts
+ */
+ if (r->proxyreq == PROXYREQ_REVERSE && c->keepalives &&
+- rc != APR_TIMEUP) {
++ !APR_STATUS_IS_TIMEUP(rc)) {
+ apr_bucket *eos;
+
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+@@ -1449,6 +1449,8 @@
+ APR_BUCKET_INSERT_BEFORE(eos, e);
+ }
+ ap_pass_brigade(r->output_filters, bb);
++ /* Mark the backend connection for closing */
++ backend->close = 1;
+ /* Need to return OK to avoid sending an error message */
+ return OK;
+ }
 |
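Review bot: The header comment of patch-af names the CVE and the download URL but not what the patch changes or when it can be removed, so a later maintainer has to re-read the advisory to judge whether it still applies. I would add one line after the URL, for example `Detect backend read timeouts with APR_STATUS_IS_TIMEUP() and close the backend connection afterwards (upstream r953616); drop once the distfile contains this change.` As far as I know APR_STATUS_IS_TIMEUP() reduces to the plain `== APR_TIMEUP` comparison on Unix builds, so the behavioural change for most pkgsrc platforms is probably only the added `backend->close = 1;`, which is worth stating in the same comment. The three embedded hunks show fragments of mod_proxy_http.c whose enclosing function starts and ends outside the hunk, so whether every timeout path now marks the backend connection for closing cannot be confirmed from this page.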