authortron <tron@pkgsrc.org>2004-09-24 06:04:00 +0000
committertron <tron@pkgsrc.org>2004-09-24 06:04:00 +0000
commit1c3ab32f1502a81b359c45ea126b33a33852b160 (patch)
tree2f982458ccafe1bfaf350e466dc705c1d8a10772 /www/apache
parentedb19009767c6f4e438c5ecb6d84db563a9600ea (diff)
downloadpkgsrc-1c3ab32f1502a81b359c45ea126b33a33852b160.tar.gz
Apply fix for security vulnerability in proxy module reported in
CAN-2004-0492. Bump package revision because of this.
Diffstat (limited to 'www/apache')
-rw-r--r--www/apache/Makefile4
-rw-r--r--www/apache/distinfo3
-rw-r--r--www/apache/patches/patch-ap18
3 files changed, 22 insertions, 3 deletions
diff --git a/www/apache/Makefile b/www/apache/Makefile
index df5a2bbd541..c1a9e3bd21a 100644
--- a/www/apache/Makefile
+++ b/www/apache/Makefile
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.150 2004/08/22 19:32:52 jlam Exp $
+# $NetBSD: Makefile,v 1.151 2004/09/24 06:04:00 tron Exp $
#
# This pkg does not compile in mod_ssl, only the `mod_ssl EAPI' (a set of
# code hooks that allow mod_ssl to be compiled separately later, if desired).
DISTNAME= apache_1.3.31
PKGNAME= ${DISTNAME:S/_/-/}
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
${MASTER_SITE_APACHE:=httpd/old/}
diff --git a/www/apache/distinfo b/www/apache/distinfo
index a8a4acf9b7c..4685ebae229 100644
--- a/www/apache/distinfo
+++ b/www/apache/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.36 2004/07/17 12:44:28 tron Exp $
+$NetBSD: distinfo,v 1.37 2004/09/24 06:04:00 tron Exp $
SHA1 (apache_1.3.31.tar.gz) = a5d4298e8f99cae220ba65b5ef128d5742c7298d
Size (apache_1.3.31.tar.gz) = 2467371 bytes
@@ -20,3 +20,4 @@ SHA1 (patch-ak) = 8f790a692ed9b2dd6943be43fa1cf7629c673955
SHA1 (patch-al) = a27b9676998621229dc3a1d920ea44b8e622feb2
SHA1 (patch-am) = d05f7c30b73c0e90daf17d9d1c4838be7fd73b02
SHA1 (patch-ao) = 5930f9ea0f5080b260a6e0c66a37c6d1ad0df4d4
+SHA1 (patch-ap) = da8016c534bbed4036837d8e494ea3d5bb4342ea
diff --git a/www/apache/patches/patch-ap b/www/apache/patches/patch-ap
new file mode 100644
index 00000000000..02a1090d33e
--- /dev/null
+++ b/www/apache/patches/patch-ap
@@ -0,0 +1,18 @@
+$NetBSD: patch-ap,v 1.5 2004/09/24 06:04:00 tron Exp $
+
+--- src/modules/proxy/proxy_http.c.orig 29 Mar 2004 17:47:15 -0000 1.106
++++ src/modules/proxy/proxy_http.c 11 Jun 2004 07:54:38 -0000 1.107
+@@ -485,6 +485,13 @@
+ content_length = ap_table_get(resp_hdrs, "Content-Length");
+ if (content_length != NULL) {
+ c->len = ap_strtol(content_length, NULL, 10);
++
++ if (c->len < 0) {
++ ap_kill_timeout(r);
++ return ap_proxyerror(r, HTTP_BAD_GATEWAY, ap_pstrcat(r->pool,
++ "Invalid Content-Length from remote server",
++ NULL));
++ }
+ }
+
+ }
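Review bot: The added `c->len < 0` check rejects only a negative Content-Length; because `ap_strtol` is still called with a NULL end pointer, a value with no digits or with trailing garbage is accepted as a number. If `ap_strtol` follows `strtol` semantics, an out-of-range value is also clamped rather than refused. I would parse with an end pointer and reject anything that is not a clean, in-range decimal: `errno = 0; c->len = ap_strtol(content_length, &end, 10);` followed by `if (c->len < 0 || end == content_length || *end != '\0' || errno == ERANGE) {`, with `char *end;` declared in the enclosing function and optional trailing whitespace skipped first if upstream servers are known to send it. A one-line comment above the check naming CAN-2004-0492 would also tell the next maintainer why a bad length from the remote server has to end the request here. The enclosing function in proxy_http.c starts and ends outside this hunk, so how `c->len` is used afterwards is not visible from here.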