diff options
author | joerg <joerg@pkgsrc.org> | 2016-05-31 19:44:47 +0000 |
---|---|---|
committer | joerg <joerg@pkgsrc.org> | 2016-05-31 19:44:47 +0000 |
commit | 7c1518ec480c38d172c0d721a251199693cb9ed1 (patch) | |
tree | 688bfabc10b41d674459c5fda89c52955a9e44b4 /www/nginx | |
parent | f85f4a4ca5c4a31055ec8f9c0cfd34c14bda5de6 (diff) | |
download | pkgsrc-7c1518ec480c38d172c0d721a251199693cb9ed1.tar.gz |
Avoid CVE-2016-4450 (NULL dereference while saving client body to
temporary file). Bump revision.
Diffstat (limited to 'www/nginx')
-rw-r--r-- | www/nginx/Makefile | 4 | ||||
-rw-r--r-- | www/nginx/patches/patch-src_os_unix_ngx__files.c | 17 |
2 files changed, 19 insertions, 2 deletions
diff --git a/www/nginx/Makefile b/www/nginx/Makefile index 1e0365dc22e..68482ad6605 100644 --- a/www/nginx/Makefile +++ b/www/nginx/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.63 2016/03/05 11:29:38 jperkin Exp $ +# $NetBSD: Makefile,v 1.64 2016/05/31 19:44:47 joerg Exp $ DISTNAME= nginx-1.8.1 MAINTAINER= joerg@NetBSD.org -PKGREVISION= 1 +PKGREVISION= 2 .include "../../www/nginx/Makefile.common" diff --git a/www/nginx/patches/patch-src_os_unix_ngx__files.c b/www/nginx/patches/patch-src_os_unix_ngx__files.c new file mode 100644 index 00000000000..0585c479649 --- /dev/null +++ b/www/nginx/patches/patch-src_os_unix_ngx__files.c @@ -0,0 +1,17 @@ +$NetBSD: patch-src_os_unix_ngx__files.c,v 1.1 2016/05/31 19:44:47 joerg Exp $ + +--- src/os/unix/ngx_files.c.orig 2016-01-26 14:39:33.000000000 +0000 ++++ src/os/unix/ngx_files.c +@@ -292,6 +292,12 @@ ngx_write_chain_to_file(ngx_file_t *file + /* create the iovec and coalesce the neighbouring bufs */ + + while (cl && vec.nelts < IOV_MAX) { ++ ++ if (ngx_buf_special(cl->buf)) { ++ cl = cl->next; ++ continue; ++ } ++ + if (prev == cl->buf->pos) { + iov->iov_len += cl->buf->last - cl->buf->pos; + |