diff options
-rw-r--r-- | www/apache24/Makefile | 5 | ||||
-rw-r--r-- | www/apache24/distinfo | 11 | ||||
-rw-r--r-- | www/apache24/patches/patch-CVE-2015-0228 | 36 | ||||
-rw-r--r-- | www/apache24/patches/patch-server_core__filters.c | 26 | ||||
-rw-r--r-- | www/apache24/patches/patch-server_protocol.c | 24 |
5 files changed, 6 insertions, 96 deletions
diff --git a/www/apache24/Makefile b/www/apache24/Makefile index bf7412331fa..b3fc6ad257b 100644 --- a/www/apache24/Makefile +++ b/www/apache24/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.36 2015/06/12 10:51:48 wiz Exp $ +# $NetBSD: Makefile,v 1.36.2.1 2015/07/22 20:12:58 tron Exp $ -DISTNAME= httpd-2.4.12 +DISTNAME= httpd-2.4.16 PKGNAME= ${DISTNAME:S/httpd/apache/} -PKGREVISION= 2 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ http://archive.apache.org/dist/httpd/ \ diff --git a/www/apache24/distinfo b/www/apache24/distinfo index c5b7c6c8103..d5c7da6c9ec 100644 --- a/www/apache24/distinfo +++ b/www/apache24/distinfo @@ -1,9 +1,8 @@ -$NetBSD: distinfo,v 1.20 2015/06/11 15:38:48 taca Exp $ +$NetBSD: distinfo,v 1.20.2.1 2015/07/22 20:12:58 tron Exp $ -SHA1 (httpd-2.4.12.tar.bz2) = bc4681bfd63accec8d82d3cc440fbc8264ce0f17 -RMD160 (httpd-2.4.12.tar.bz2) = 396deb95ca40f429cc3845a36b766a9fb1c2c2aa -Size (httpd-2.4.12.tar.bz2) = 5054838 bytes -SHA1 (patch-CVE-2015-0228) = 2a6ec79cc8feb546b3d4ede08877ad72347b55a7 +SHA1 (httpd-2.4.16.tar.bz2) = 9963e7482700dd50c53e47abfe2d1c5068875a9c +RMD160 (httpd-2.4.16.tar.bz2) = ff29b1885d39e4ee96efdd6678c0881c921dedd8 +Size (httpd-2.4.16.tar.bz2) = 5101005 bytes SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839 SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324 SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d @@ -15,5 +14,3 @@ SHA1 (patch-al) = 02d9ade5aac4270182063d5ad413970c832ee911 SHA1 (patch-am) = acdf7198ae8b4353cfc70c8015a0f09de036b777 SHA1 (patch-aw) = 43cd64df886853ef7b75b91ed20183f329fcc9df SHA1 (patch-include_ap__config.h) = 1d056e2d4db80ec97aaf755b6dd6aff69ed2cd96 -SHA1 (patch-server_core__filters.c) = 331672c9a65691229518f31dcdae64382b392287 -SHA1 (patch-server_protocol.c) = 73f9cfad3217784fcdc6e5c7948eefd47b2a5a42 diff --git a/www/apache24/patches/patch-CVE-2015-0228 b/www/apache24/patches/patch-CVE-2015-0228 deleted file mode 100644 index 9b82fc443eb..00000000000 --- a/www/apache24/patches/patch-CVE-2015-0228 +++ /dev/null @@ -1,36 +0,0 @@ -$NetBSD: patch-CVE-2015-0228,v 1.1 2015/03/28 06:28:04 ryoon Exp $ - -http://svn.apache.org/viewvc?view=revision&revision=1657261 - ---- modules/lua/lua_request.c.orig 2014-09-05 14:20:27.000000000 +0000 -+++ modules/lua/lua_request.c -@@ -2229,6 +2229,7 @@ static int lua_websocket_read(lua_State - { - apr_socket_t *sock; - apr_status_t rv; -+ int do_read = 1; - int n = 0; - apr_size_t len = 1; - apr_size_t plen = 0; -@@ -2246,6 +2247,8 @@ static int lua_websocket_read(lua_State - mask_bytes = apr_pcalloc(r->pool, 4); - sock = ap_get_conn_socket(r->connection); - -+ while (do_read) { -+ do_read = 0; - /* Get opcode and FIN bit */ - if (plaintext) { - rv = apr_socket_recv(sock, &byte, &len); -@@ -2372,10 +2375,11 @@ static int lua_websocket_read(lua_State - frame[0] = 0x8A; - frame[1] = 0; - apr_socket_send(sock, frame, &plen); /* Pong! */ -- lua_websocket_read(L); /* read the next frame instead */ -+ do_read = 1; - } - } - } -+ } - return 0; - } - diff --git a/www/apache24/patches/patch-server_core__filters.c b/www/apache24/patches/patch-server_core__filters.c deleted file mode 100644 index a88a1f596da..00000000000 --- a/www/apache24/patches/patch-server_core__filters.c +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-server_core__filters.c,v 1.1 2012/05/18 20:56:29 ryoon Exp $ - -Fix PR pkg/46458 -Upstream bug report: https://issues.apache.org/bugzilla/show_bug.cgi?id=53253 - ---- server/core_filters.c.orig 2012-02-04 10:04:59.000000000 +0000 -+++ server/core_filters.c -@@ -640,18 +640,13 @@ static apr_status_t send_brigade_nonbloc - if ((apr_file_flags_get(fd) & APR_SENDFILE_ENABLED) && - (bucket->length >= AP_MIN_SENDFILE_BYTES)) { - if (nvec > 0) { -- (void)apr_socket_opt_set(s, APR_TCP_NOPUSH, 1); - rv = writev_nonblocking(s, vec, nvec, bb, bytes_written, c); - nvec = 0; - if (rv != APR_SUCCESS) { -- (void)apr_socket_opt_set(s, APR_TCP_NOPUSH, 0); - return rv; - } - } - rv = sendfile_nonblocking(s, bucket, bytes_written, c); -- if (nvec > 0) { -- (void)apr_socket_opt_set(s, APR_TCP_NOPUSH, 0); -- } - if (rv != APR_SUCCESS) { - return rv; - } diff --git a/www/apache24/patches/patch-server_protocol.c b/www/apache24/patches/patch-server_protocol.c deleted file mode 100644 index 0e61958d9e4..00000000000 --- a/www/apache24/patches/patch-server_protocol.c +++ /dev/null @@ -1,24 +0,0 @@ -$NetBSD: patch-server_protocol.c,v 1.1 2015/06/11 15:38:48 taca Exp $ - -Fix for CVE-2015-0253, introduced in Apache 2.4.11. - ---- server/protocol.c.orig 2014-11-29 09:22:43.000000000 +0000 -+++ server/protocol.c -@@ -599,8 +599,6 @@ static int read_request_line(request_rec - */ - if (APR_STATUS_IS_ENOSPC(rv)) { - r->status = HTTP_REQUEST_URI_TOO_LARGE; -- r->proto_num = HTTP_VERSION(1,0); -- r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); - } - else if (APR_STATUS_IS_TIMEUP(rv)) { - r->status = HTTP_REQUEST_TIME_OUT; -@@ -608,6 +606,8 @@ static int read_request_line(request_rec - else if (APR_STATUS_IS_EINVAL(rv)) { - r->status = HTTP_BAD_REQUEST; - } -+ r->proto_num = HTTP_VERSION(1,0); -+ r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); - return 0; - } - } while ((len <= 0) && (++num_blank_lines < max_blank_lines)); |