Add fix for CVE-2015-0253.

Bump PKGREVISION.
author: taca <taca@pkgsrc.org> 2015-06-11 15:38:48 +0000
committer: taca <taca@pkgsrc.org> 2015-06-11 15:38:48 +0000
commit: 53c4e4fe0d28a207639266aa452c9c4b4e129be2 (patch)
tree: 4f28451b6fc64badf28fbca07cf5d0a1173d1fd9 /www/apache24
parent: b85cdb0411925b6e394034ae2ff604192bcf32c3 (diff)
download: pkgsrc-53c4e4fe0d28a207639266aa452c9c4b4e129be2.tar.gz
3 files changed, 28 insertions, 2 deletions
diff --git a/www/apache24/Makefile b/www/apache24/Makefile
index d7352794ce6..62d7ec74543 100644
--- a/www/apache24/Makefile
+++ b/www/apache24/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.34 2015/02/02 14:45:51 adam Exp $
+# $NetBSD: Makefile,v 1.35 2015/06/11 15:38:48 taca Exp $
 
 DISTNAME=	httpd-2.4.12
 PKGNAME=	${DISTNAME:S/httpd/apache/}
+PKGREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_APACHE:=httpd/} \
 		http://archive.apache.org/dist/httpd/ \
diff --git a/www/apache24/distinfo b/www/apache24/distinfo
index 6a41883a1af..c5b7c6c8103 100644
--- a/www/apache24/distinfo
+++ b/www/apache24/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.19 2015/03/28 06:28:04 ryoon Exp $
+$NetBSD: distinfo,v 1.20 2015/06/11 15:38:48 taca Exp $
 
 SHA1 (httpd-2.4.12.tar.bz2) = bc4681bfd63accec8d82d3cc440fbc8264ce0f17
 RMD160 (httpd-2.4.12.tar.bz2) = 396deb95ca40f429cc3845a36b766a9fb1c2c2aa
@@ -16,3 +16,4 @@ SHA1 (patch-am) = acdf7198ae8b4353cfc70c8015a0f09de036b777
 SHA1 (patch-aw) = 43cd64df886853ef7b75b91ed20183f329fcc9df
 SHA1 (patch-include_ap__config.h) = 1d056e2d4db80ec97aaf755b6dd6aff69ed2cd96
 SHA1 (patch-server_core__filters.c) = 331672c9a65691229518f31dcdae64382b392287
+SHA1 (patch-server_protocol.c) = 73f9cfad3217784fcdc6e5c7948eefd47b2a5a42
diff --git a/www/apache24/patches/patch-server_protocol.c b/www/apache24/patches/patch-server_protocol.c
new file mode 100644
index 00000000000..0e61958d9e4
--- /dev/null
+++ b/www/apache24/patches/patch-server_protocol.c
@@ -0,0 +1,24 @@
+$NetBSD: patch-server_protocol.c,v 1.1 2015/06/11 15:38:48 taca Exp $
+
+Fix for CVE-2015-0253, introduced in Apache 2.4.11.
+
+--- server/protocol.c.orig	2014-11-29 09:22:43.000000000 +0000
++++ server/protocol.c
+@@ -599,8 +599,6 @@ static int read_request_line(request_rec
+              */
+             if (APR_STATUS_IS_ENOSPC(rv)) {
+                 r->status    = HTTP_REQUEST_URI_TOO_LARGE;
+-                r->proto_num = HTTP_VERSION(1,0);
+-                r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
+             }
+             else if (APR_STATUS_IS_TIMEUP(rv)) {
+                 r->status = HTTP_REQUEST_TIME_OUT;
+@@ -608,6 +606,8 @@ static int read_request_line(request_rec
+             else if (APR_STATUS_IS_EINVAL(rv)) {
+                 r->status = HTTP_BAD_REQUEST;
+             }
++	    r->proto_num = HTTP_VERSION(1,0);
++	    r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
+             return 0;
+         }
+     } while ((len <= 0) && (++num_blank_lines < max_blank_lines));
author	taca <taca@pkgsrc.org>	2015-06-11 15:38:48 +0000
committer	taca <taca@pkgsrc.org>	2015-06-11 15:38:48 +0000
commit	53c4e4fe0d28a207639266aa452c9c4b4e129be2 (patch)
tree	4f28451b6fc64badf28fbca07cf5d0a1173d1fd9 /www/apache24
parent	b85cdb0411925b6e394034ae2ff604192bcf32c3 (diff)
download	pkgsrc-53c4e4fe0d28a207639266aa452c9c4b4e129be2.tar.gz