author: reed <reed@pkgsrc.org> 2004-09-23 21:07:25 +0000
committer: reed <reed@pkgsrc.org> 2004-09-23 21:07:25 +0000
commit: 75bc24169fd89b58e258ceb19a620a8d5c703a5d (patch)
tree: add6ec25c9868c82f4c7ad5f72a4dfae09797a9a /www
parent: 96e4430cac46e8d2c07a94713d80c4f3dd93631c (diff)
Add patch for Apache security issue.
2.0.51 had a regression where the Satisfy directive could take effect for different directories (and could bypass some access control). This patch is direct from Apache. Also bumped the package revision.
Diffstat (limited to 'www')
-rw-r--r-- www/apache2/Makefile 3
-rw-r--r-- www/apache2/patches/patch-ab 29
2 files changed, 31 insertions, 1 deletions
diff --git a/www/apache2/Makefile b/www/apache2/Makefile
index 545d0b24c37..9052cc375eb 100644
--- a/www/apache2/Makefile
+++ b/www/apache2/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.44 2004/09/20 17:19:33 adrianp Exp $
+# $NetBSD: Makefile,v 1.45 2004/09/23 21:07:25 reed Exp $
PKGNAME= apache-${APACHE_VERSION}
+PKGREVISION= 1
CATEGORIES= www
HOMEPAGE= http://httpd.apache.org/
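Review bot: The new PKGREVISION= 1 line sits directly under a PKGNAME built from ${APACHE_VERSION}, with no comment saying why it was bumped or when it should go away. A one-line comment tying it to the CAN-2004-0811 patch (which the patch URL marks as apply_to_2.0.51) would remind whoever next updates APACHE_VERSION to drop the PKGREVISION line and the patch together.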
diff --git a/www/apache2/patches/patch-ab b/www/apache2/patches/patch-ab
new file mode 100644
index 00000000000..19aaeada36c
--- /dev/null
+++ b/www/apache2/patches/patch-ab
@@ -0,0 +1,29 @@
+$NetBSD: patch-ab,v 1.3 2004/09/23 21:07:25 reed Exp $
+
+http://www.apache.org/dist/httpd/patches/apply_to_2.0.51/CAN-2004-0811.patch
+
+SECURITY: CAN-2004-0811 (cve.mitre.org)
+
+Fix merging of the Satisfy directive, which was applied to
+the surrounding context and could allow access despite configured
+authentication. (a regression in 2.0.51)
+
+Apache PR: 31315
+Submitted by: Rici Lake <rici ricilake.net>
+
+--- server/core.c 2004/08/31 08:16:56 1.225.2.27
++++ server/core.c 2004/09/21 13:21:16 1.225.2.28
+@@ -351,9 +351,13 @@
+ /* Otherwise we simply use the base->sec_file array
+ */
+
++ /* use a separate ->satisfy[] array either way */
++ conf->satisfy = apr_palloc(a, sizeof(*conf->satisfy) * METHODS);
+ for (i = 0; i < METHODS; ++i) {
+ if (new->satisfy[i] != SATISFY_NOSPEC) {
+ conf->satisfy[i] = new->satisfy[i];
++ } else {
++ conf->satisfy[i] = base->satisfy[i];
+ }
+ }
+
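Review bot: The diffstat for this commit lists only Makefile and patches/patch-ab, so the new patch file arrives without a matching distinfo change; pkgsrc checks patch files against the checksums recorded in distinfo, so the entry for patch-ab should be regenerated and committed alongside it. On the embedded core.c change, conf->satisfy now comes from apr_palloc, which does not zero memory, so correctness rests on the loop assigning all METHODS entries; the added else branch copying base->satisfy[i] does that, and the comment above the allocation could say so explicitly.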