diff options
| author | taca <taca> | 2015-06-11 15:38:48 +0000 |
|---|---|---|
| committer | taca <taca> | 2015-06-11 15:38:48 +0000 |
| commit | 7d3c91bc66add45eebe274da534c8af64ac1e934 (patch) | |
| tree | 4f28451b6fc64badf28fbca07cf5d0a1173d1fd9 /www/apache24 | |
| parent | e8ecc77a27bba740aa6236642a8c473fda04938a (diff) | |
| download | pkgsrc-7d3c91bc66add45eebe274da534c8af64ac1e934.tar.gz | |
Add fix for CVE-2015-0253.
Bump PKGREVISION.
Diffstat (limited to 'www/apache24')
| -rw-r--r-- | www/apache24/Makefile | 3 | ||||
| -rw-r--r-- | www/apache24/distinfo | 3 | ||||
| -rw-r--r-- | www/apache24/patches/patch-server_protocol.c | 24 |
3 files changed, 28 insertions, 2 deletions
diff --git a/www/apache24/Makefile b/www/apache24/Makefile index d7352794ce6..62d7ec74543 100644 --- a/www/apache24/Makefile +++ b/www/apache24/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.34 2015/02/02 14:45:51 adam Exp $ +# $NetBSD: Makefile,v 1.35 2015/06/11 15:38:48 taca Exp $ DISTNAME= httpd-2.4.12 PKGNAME= ${DISTNAME:S/httpd/apache/} +PKGREVISION= 1 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ http://archive.apache.org/dist/httpd/ \ diff --git a/www/apache24/distinfo b/www/apache24/distinfo index 6a41883a1af..c5b7c6c8103 100644 --- a/www/apache24/distinfo +++ b/www/apache24/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.19 2015/03/28 06:28:04 ryoon Exp $ +$NetBSD: distinfo,v 1.20 2015/06/11 15:38:48 taca Exp $ SHA1 (httpd-2.4.12.tar.bz2) = bc4681bfd63accec8d82d3cc440fbc8264ce0f17 RMD160 (httpd-2.4.12.tar.bz2) = 396deb95ca40f429cc3845a36b766a9fb1c2c2aa @@ -16,3 +16,4 @@ SHA1 (patch-am) = acdf7198ae8b4353cfc70c8015a0f09de036b777 SHA1 (patch-aw) = 43cd64df886853ef7b75b91ed20183f329fcc9df SHA1 (patch-include_ap__config.h) = 1d056e2d4db80ec97aaf755b6dd6aff69ed2cd96 SHA1 (patch-server_core__filters.c) = 331672c9a65691229518f31dcdae64382b392287 +SHA1 (patch-server_protocol.c) = 73f9cfad3217784fcdc6e5c7948eefd47b2a5a42 diff --git a/www/apache24/patches/patch-server_protocol.c b/www/apache24/patches/patch-server_protocol.c new file mode 100644 index 00000000000..0e61958d9e4 --- /dev/null +++ b/www/apache24/patches/patch-server_protocol.c @@ -0,0 +1,24 @@ +$NetBSD: patch-server_protocol.c,v 1.1 2015/06/11 15:38:48 taca Exp $ + +Fix for CVE-2015-0253, introduced in Apache 2.4.11. + +--- server/protocol.c.orig 2014-11-29 09:22:43.000000000 +0000 ++++ server/protocol.c +@@ -599,8 +599,6 @@ static int read_request_line(request_rec + */ + if (APR_STATUS_IS_ENOSPC(rv)) { + r->status = HTTP_REQUEST_URI_TOO_LARGE; +- r->proto_num = HTTP_VERSION(1,0); +- r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); + } + else if (APR_STATUS_IS_TIMEUP(rv)) { + r->status = HTTP_REQUEST_TIME_OUT; +@@ -608,6 +606,8 @@ static int read_request_line(request_rec + else if (APR_STATUS_IS_EINVAL(rv)) { + r->status = HTTP_BAD_REQUEST; + } ++ r->proto_num = HTTP_VERSION(1,0); ++ r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); + return 0; + } + } while ((len <= 0) && (++num_blank_lines < max_blank_lines)); |