summaryrefslogtreecommitdiff
path: root/www/apache22
diff options
context:
space:
mode:
authortron <tron>2009-10-04 12:21:34 +0000
committertron <tron>2009-10-04 12:21:34 +0000
commitc8a5e836fb1a9f1a5dd3f225ce8bcbee16071883 (patch)
tree9bec9e6d1c2c3113f9efcecd7753afa42fc23544 /www/apache22
parent38d3406357c36cffedc31460f04f543ddb056c33 (diff)
downloadpkgsrc-c8a5e836fb1a9f1a5dd3f225ce8bcbee16071883.tar.gz
Add patch from the Apache SVN repository to the vulnerability reported
in CVE-2009-3095.
Diffstat (limited to 'www/apache22')
-rw-r--r--www/apache22/Makefile4
-rw-r--r--www/apache22/distinfo4
-rw-r--r--www/apache22/patches/patch-ab33
3 files changed, 27 insertions, 14 deletions
diff --git a/www/apache22/Makefile b/www/apache22/Makefile
index 58005c421aa..11e5fa3be5a 100644
--- a/www/apache22/Makefile
+++ b/www/apache22/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.51 2009/09/14 22:09:33 tron Exp $
+# $NetBSD: Makefile,v 1.52 2009/10/04 12:21:34 tron Exp $
DISTNAME= httpd-2.2.13
PKGNAME= ${DISTNAME:S/httpd/apache/}
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
${MASTER_SITE_APACHE:=httpd/old/}
diff --git a/www/apache22/distinfo b/www/apache22/distinfo
index 4e256b63e87..ab732344cf1 100644
--- a/www/apache22/distinfo
+++ b/www/apache22/distinfo
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.26 2009/09/14 22:09:33 tron Exp $
+$NetBSD: distinfo,v 1.27 2009/10/04 12:21:34 tron Exp $
SHA1 (httpd-2.2.13.tar.bz2) = 44d85da1b8e6c579d4514cfefbea00b284717b69
RMD160 (httpd-2.2.13.tar.bz2) = 4a6a2247cc118175a9a36f1e14344ee71da24627
Size (httpd-2.2.13.tar.bz2) = 5300199 bytes
SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf
-SHA1 (patch-ab) = 4427989bec4faadbd64c46dced5e57b4d6649270
+SHA1 (patch-ab) = 6aec00f6dc38eee2e8648b4e95df3dbf166ac548
SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
diff --git a/www/apache22/patches/patch-ab b/www/apache22/patches/patch-ab
index c8ab19d9f2f..910c2b6c7c3 100644
--- a/www/apache22/patches/patch-ab
+++ b/www/apache22/patches/patch-ab
@@ -1,12 +1,13 @@
-$NetBSD: patch-ab,v 1.13 2009/09/14 22:09:33 tron Exp $
+$NetBSD: patch-ab,v 1.14 2009/10/04 12:21:35 tron Exp $
-Fix for CVE-2009-3094 taken from the Apache SVN repository:
+Fixes for CVE-2009-3094 and CVE-2009-3095 taken from the Apache SVN repository:
-http://svn.apache.org/viewvc?view=rev&revision=814652
+http://svn.apache.org/viewvc?view=rev&revision=814844
+http://svn.apache.org/viewvc?view=rev&revision=814847
---- modules/proxy/mod_proxy_ftp.c 2009/09/14 14:15:34 814651
-+++ modules/proxy/mod_proxy_ftp.c 2009/09/14 14:16:14 814652
-@@ -683,6 +683,31 @@
+--- modules/proxy/mod_proxy_ftp.c.orig 2008-11-11 20:04:34.000000000 +0000
++++ modules/proxy/mod_proxy_ftp.c 2009-10-04 12:49:43.000000000 +0100
+@@ -604,6 +604,31 @@
return APR_SUCCESS;
}
@@ -38,7 +39,19 @@ http://svn.apache.org/viewvc?view=rev&revision=814652
/*
* Generic "send FTP command to server" routine, using the control socket.
* Returns the FTP returncode (3 digit code)
-@@ -1296,26 +1321,11 @@
+@@ -887,6 +912,11 @@
+ if ((password = apr_table_get(r->headers_in, "Authorization")) != NULL
+ && strcasecmp(ap_getword(r->pool, &password, ' '), "Basic") == 0
+ && (password = ap_pbase64decode(r->pool, password))[0] != ':') {
++ /* Check the decoded string for special characters. */
++ if (!ftp_check_string(password)) {
++ return ap_proxyerror(r, HTTP_BAD_REQUEST,
++ "user credentials contained invalid character");
++ }
+ /*
+ * Note that this allocation has to be made from r->connection->pool
+ * because it has the lifetime of the connection. The other
+@@ -1210,26 +1240,11 @@
return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, ftpmessage);
}
else if (rc == 229) {
@@ -68,7 +81,7 @@ http://svn.apache.org/viewvc?view=rev&revision=814652
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: FTP: EPSV contacting remote host on port %d",
-@@ -1356,10 +1366,6 @@
+@@ -1272,10 +1287,6 @@
connect = 1;
}
}
@@ -79,7 +92,7 @@ http://svn.apache.org/viewvc?view=rev&revision=814652
}
}
-@@ -1446,10 +1452,6 @@
+@@ -1364,10 +1375,6 @@
connect = 1;
}
}
@@ -90,7 +103,7 @@ http://svn.apache.org/viewvc?view=rev&revision=814652
}
}
/*bypass:*/
-@@ -1929,7 +1931,9 @@
+@@ -1851,7 +1858,9 @@
* for a slow client to eat these bytes
*/
ap_flush_conn(data);