diff options
| author | tron <tron@pkgsrc.org> | 2005-08-08 18:30:26 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2005-08-08 18:30:26 +0000 |
| commit | 92cff08c3c3aacc55e26697858f33c8dfb7ef1de (patch) | |
| tree | e1cdecb49ce37613be09726f31ef03e4576909d4 /www/apache2 | |
| parent | a8be0d86e599bf5ed026d2459f110ceeb7305816 (diff) | |
| download | pkgsrc-92cff08c3c3aacc55e26697858f33c8dfb7ef1de.tar.gz | |
Add fixes for CAN-2005-1268 (not really a security problem) and
CAN-2005-2088 from the Apache SVN repository.
Diffstat (limited to 'www/apache2')
| -rw-r--r-- | www/apache2/Makefile | 4 | ||||
| -rw-r--r-- | www/apache2/distinfo | 4 | ||||
| -rw-r--r-- | www/apache2/patches/patch-ae | 13 | ||||
| -rw-r--r-- | www/apache2/patches/patch-af | 20 |
4 files changed, 38 insertions, 3 deletions
diff --git a/www/apache2/Makefile b/www/apache2/Makefile index ed15b4b7e4f..a80a75d27de 100644 --- a/www/apache2/Makefile +++ b/www/apache2/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.76 2005/07/16 19:10:40 jlam Exp $ +# $NetBSD: Makefile,v 1.77 2005/08/08 18:30:26 tron Exp $ .include "Makefile.common" PKGNAME= apache-${APACHE_VERSION} CATEGORIES= www -PKGREVISION= 1 +PKGREVISION= 2 HOMEPAGE= http://httpd.apache.org/ COMMENT= Apache HTTP (Web) server, version 2 diff --git a/www/apache2/distinfo b/www/apache2/distinfo index 617e8d020ad..5b0227625a5 100644 --- a/www/apache2/distinfo +++ b/www/apache2/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.38 2005/04/25 09:13:14 adam Exp $ +$NetBSD: distinfo,v 1.39 2005/08/08 18:30:26 tron Exp $ SHA1 (httpd-2.0.54.tar.bz2) = 15b4fc3024cceea6562fb03383fd624e84e5e35a RMD160 (httpd-2.0.54.tar.bz2) = c511cb2fa396ba04caf77bfc6ca03413df48ea08 @@ -7,6 +7,8 @@ SHA1 (patch-aa) = bff1ef591f5361e7169ff9005dcf86437b9dac23 SHA1 (patch-ab) = 387892276efd49fd081a187c1123de26fb6486ba SHA1 (patch-ac) = 02e0ff6a6b3308ca86c96857b8159ebd6a405537 SHA1 (patch-ad) = 8c6f62346ffb5069de89a50516a3da2c6104e09b +SHA1 (patch-ae) = 0c7b733fe2e46a91dcd3bc29aa18c4b02455ff0d +SHA1 (patch-af) = 9e9a8bae118140cc8a49bd30c4753cab5741bdf3 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 SHA1 (patch-ai) = 4dc88c15b0525a5aabc80d5c2a0720cd260629de SHA1 (patch-ak) = f11a86b1235d5c595fa381bbb474db4fe8448215 diff --git a/www/apache2/patches/patch-ae b/www/apache2/patches/patch-ae new file mode 100644 index 00000000000..83b13945a06 --- /dev/null +++ b/www/apache2/patches/patch-ae @@ -0,0 +1,13 @@ +$NetBSD: patch-ae,v 1.4 2005/08/08 18:30:26 tron Exp $ + +--- modules/ssl/ssl_engine_kernel.c.orig 2005-03-29 09:44:31.000000000 +0100 ++++ modules/ssl/ssl_engine_kernel.c 2005-08-08 19:19:05.000000000 +0100 +@@ -1398,7 +1398,7 @@ + BIO_printf(bio, ", nextUpdate: "); + ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(crl)); + +- n = BIO_read(bio, buff, sizeof(buff)); ++ n = BIO_read(bio, buff, sizeof(buff) - 1); + buff[n] = '\0'; + + BIO_free(bio); diff --git a/www/apache2/patches/patch-af b/www/apache2/patches/patch-af new file mode 100644 index 00000000000..fef7cf4b529 --- /dev/null +++ b/www/apache2/patches/patch-af @@ -0,0 +1,20 @@ +$NetBSD: patch-af,v 1.4 2005/08/08 18:30:26 tron Exp $ + +--- server/protocol.c.orig 2005/07/14 16:49:17 219060 ++++ server/protocol.c 2005/07/14 16:51:55 219061 +@@ -885,6 +885,15 @@ + apr_brigade_destroy(tmp_bb); + return r; + } ++ ++ if (apr_table_get(r->headers_in, "Transfer-Encoding") ++ && apr_table_get(r->headers_in, "Content-Length")) { ++ /* 2616 section 4.4, point 3: "if both Transfer-Encoding ++ * and Content-Length are received, the latter MUST be ++ * ignored"; so unset it here to prevent any confusion ++ * later. */ ++ apr_table_unset(r->headers_in, "Content-Length"); ++ } + } + else { + if (r->header_only) { |