From fdbf3ca0a24c5946870f52aa4ab1474d740428e3 Mon Sep 17 00:00:00 2001 From: ghen Date: Mon, 10 Sep 2007 20:57:49 +0000 Subject: Pullup ticket 2185 - requested by tron security update for apache22 - pkgsrc/www/apache22/Makefile 1.18, 1.20 - pkgsrc/www/apache22/Makefile.common 1.6 - pkgsrc/www/apache22/PLIST 1.2, 1.3 - pkgsrc/www/apache22/distinfo 1.7 - pkgsrc/www/apache22/patches/patch-aa 1.2 - pkgsrc/www/apache22/patches/patch-ab removed - pkgsrc/www/apache22/patches/patch-an removed - pkgsrc/www/apache22/patches/patch-ao removed - pkgsrc/www/apache22/patches/patch-ap removed - pkgsrc/www/apache22/patches/patch-ar removed - pkgsrc/www/apache22/patches/patch-at removed Module Name: pkgsrc Committed By: tron Date: Sat Sep 8 11:02:11 UTC 2007 Modified Files: pkgsrc/www/apache22: Makefile Makefile.common PLIST distinfo pkgsrc/www/apache22/patches: patch-aa Removed Files: pkgsrc/www/apache22/patches: patch-ab patch-an patch-ao patch-ap patch-ar patch-at Log Message: Update "apache22" package to version 2.2.6. This update is a bug and security fix release. The following security problem hasn't been fixed in "pkgsrc" before: - CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer when parsing date-related headers. --- Module Name: pkgsrc Committed By: rillig Date: Sun Sep 9 08:12:58 UTC 2007 Modified Files: pkgsrc/www/apache22: Makefile Log Message: Only fix the suexec permissions if the file exists. --- Module Name: pkgsrc Committed By: tron Date: Mon Sep 10 20:36:41 UTC 2007 Modified Files: pkgsrc/www/apache22: PLIST Log Message: Remove duplicate entry for "share/httpd/icons/README.html". Pointed out by Geert Hendrickx in private e-mail. --- www/apache22/Makefile | 5 +-- www/apache22/Makefile.common | 6 ++-- www/apache22/PLIST | 25 ++++---------- www/apache22/distinfo | 16 +++------ www/apache22/patches/patch-aa | 10 +++--- www/apache22/patches/patch-ab | 43 ------------------------ www/apache22/patches/patch-an | 55 ------------------------------ www/apache22/patches/patch-ao | 44 ------------------------ www/apache22/patches/patch-ap | 78 ------------------------------------------- www/apache22/patches/patch-ar | 33 ------------------ www/apache22/patches/patch-at | 15 --------- 11 files changed, 23 insertions(+), 307 deletions(-) delete mode 100644 www/apache22/patches/patch-ab delete mode 100644 www/apache22/patches/patch-an delete mode 100644 www/apache22/patches/patch-ao delete mode 100644 www/apache22/patches/patch-ap delete mode 100644 www/apache22/patches/patch-ar delete mode 100644 www/apache22/patches/patch-at diff --git a/www/apache22/Makefile b/www/apache22/Makefile index d3769554e69..f37a9d127a1 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.14 2007/06/28 01:20:52 lkundrak Exp $ +# $NetBSD: Makefile,v 1.14.2.1 2007/09/10 20:57:49 ghen Exp $ .include "Makefile.common" PKGNAME= apache-${APACHE_VERSION} -PKGREVISION= 6 CATEGORIES= www HOMEPAGE= http://httpd.apache.org/ @@ -264,4 +263,6 @@ post-install: ${CHOWN} ${MANOWN}:${MANGRP} ${PREFIX}/${PKGMANDIR}/$$file; \ done + [ ! -f ${PREFIX}/sbin/suexec ] || ${CHMOD} -w ${PREFIX}/sbin/suexec + .include "../../mk/bsd.pkg.mk" diff --git a/www/apache22/Makefile.common b/www/apache22/Makefile.common index 321f79ae690..8fee8276187 100644 --- a/www/apache22/Makefile.common +++ b/www/apache22/Makefile.common @@ -1,10 +1,10 @@ -# $NetBSD: Makefile.common,v 1.5 2007/05/22 10:53:20 xtraeme Exp $ +# $NetBSD: Makefile.common,v 1.5.2.1 2007/09/10 20:57:50 ghen Exp $ DISTNAME= httpd-${APACHE_VERSION} EXTRACT_SUFX= .tar.bz2 # When updating this version be sure to update the checksum. -APACHE_VERSION= 2.2.4 +APACHE_VERSION= 2.2.6 MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ ${MASTER_SITE_APACHE:=httpd/old/} \ http://www.NetBSD.org/images/logos/ -MAINTAINER= pkgsrc-users@NetBSD.org +MAINTAINER= tron@NetBSD.org diff --git a/www/apache22/PLIST b/www/apache22/PLIST index a00a7ba9280..787ac69e70d 100644 --- a/www/apache22/PLIST +++ b/www/apache22/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.1.1.1 2006/12/08 23:31:52 xtraeme Exp $ +@comment $NetBSD: PLIST,v 1.1.1.1.6.1 2007/09/10 20:57:50 ghen Exp $ include/httpd/ap_compat.h include/httpd/ap_config.h include/httpd/ap_config_auto.h @@ -130,6 +130,7 @@ share/httpd/htdocs/apache_pb22.png share/httpd/htdocs/apache_pb22_ani.gif share/httpd/htdocs/index.html share/httpd/icons/README +share/httpd/icons/README.html share/httpd/icons/a.gif share/httpd/icons/a.png share/httpd/icons/alert.black.gif @@ -257,7 +258,6 @@ share/httpd/icons/screw2.gif share/httpd/icons/screw2.png share/httpd/icons/script.gif share/httpd/icons/script.png -share/httpd/icons/small/README.txt share/httpd/icons/small/back.gif share/httpd/icons/small/back.png share/httpd/icons/small/binary.gif @@ -405,24 +405,8 @@ share/httpd/manual/env.html share/httpd/manual/env.html.en share/httpd/manual/env.html.ja.euc-jp share/httpd/manual/env.html.ko.euc-kr -share/httpd/manual/faq/all_in_one.html -share/httpd/manual/faq/all_in_one.html.en -share/httpd/manual/faq/all_in_one.html.ja.euc-jp -share/httpd/manual/faq/all_in_one.html.ko.euc-kr -share/httpd/manual/faq/background.html -share/httpd/manual/faq/background.html.en -share/httpd/manual/faq/error.html -share/httpd/manual/faq/error.html.en -share/httpd/manual/faq/error.html.ja.euc-jp -share/httpd/manual/faq/error.html.ko.euc-kr share/httpd/manual/faq/index.html share/httpd/manual/faq/index.html.en -share/httpd/manual/faq/index.html.ja.euc-jp -share/httpd/manual/faq/index.html.ko.euc-kr -share/httpd/manual/faq/support.html -share/httpd/manual/faq/support.html.en -share/httpd/manual/faq/support.html.ja.euc-jp -share/httpd/manual/faq/support.html.ko.euc-kr share/httpd/manual/filter.html share/httpd/manual/filter.html.en share/httpd/manual/filter.html.es @@ -437,6 +421,7 @@ share/httpd/manual/glossary.html.ko.euc-kr share/httpd/manual/handler.html share/httpd/manual/handler.html.en share/httpd/manual/handler.html.es +share/httpd/manual/handler.html.fr share/httpd/manual/handler.html.ja.euc-jp share/httpd/manual/handler.html.ko.euc-kr share/httpd/manual/handler.html.ru.koi8-r @@ -514,6 +499,7 @@ share/httpd/manual/install.html.ko.euc-kr share/httpd/manual/invoking.html share/httpd/manual/invoking.html.de share/httpd/manual/invoking.html.en +share/httpd/manual/invoking.html.fr share/httpd/manual/invoking.html.es share/httpd/manual/invoking.html.ja.euc-jp share/httpd/manual/invoking.html.ko.euc-kr @@ -842,6 +828,7 @@ share/httpd/manual/mod/worker.html.ja.euc-jp share/httpd/manual/mpm.html share/httpd/manual/mpm.html.de share/httpd/manual/mpm.html.en +share/httpd/manual/mpm.html.fr share/httpd/manual/mpm.html.es share/httpd/manual/mpm.html.ja.euc-jp share/httpd/manual/mpm.html.ko.euc-kr @@ -855,6 +842,7 @@ share/httpd/manual/new_features_2_0.html.pt-br share/httpd/manual/new_features_2_0.html.ru.koi8-r share/httpd/manual/new_features_2_2.html share/httpd/manual/new_features_2_2.html.en +share/httpd/manual/new_features_2_2.html.fr share/httpd/manual/new_features_2_2.html.ko.euc-kr share/httpd/manual/new_features_2_2.html.pt-br share/httpd/manual/platform/ebcdic.html @@ -960,6 +948,7 @@ share/httpd/manual/ssl/ssl_intro.html share/httpd/manual/ssl/ssl_intro.html.en share/httpd/manual/ssl/ssl_intro.html.ja.euc-jp share/httpd/manual/stopping.html +share/httpd/manual/stopping.html.fr share/httpd/manual/stopping.html.de share/httpd/manual/stopping.html.en share/httpd/manual/stopping.html.es diff --git a/www/apache22/distinfo b/www/apache22/distinfo index 5cd2be48d4c..e9d8f1d5302 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo @@ -1,10 +1,9 @@ -$NetBSD: distinfo,v 1.6 2007/06/28 01:20:52 lkundrak Exp $ +$NetBSD: distinfo,v 1.6.2.1 2007/09/10 20:57:50 ghen Exp $ -SHA1 (httpd-2.2.4.tar.bz2) = 64ceae373434a986dc99b8ed953afa0d4fad85ce -RMD160 (httpd-2.2.4.tar.bz2) = bb6e8a7447fa8e8f629010f30b548068de518523 -Size (httpd-2.2.4.tar.bz2) = 4930375 bytes -SHA1 (patch-aa) = 233dbabda2bd830c6f0664c42e192e4acd2aff4c -SHA1 (patch-ab) = b8586dea7600febbadbbad5089300336ea695ffb +SHA1 (httpd-2.2.6.tar.bz2) = e6ef926ecd1f9a412af8c266239f0a6f58c63854 +RMD160 (httpd-2.2.6.tar.bz2) = 5ae895c6898213e1e3b7e7b02cdfcbe5b36a108f +Size (httpd-2.2.6.tar.bz2) = 4717066 bytes +SHA1 (patch-aa) = ae5b34058fc6455cfa9e3d52a50829155ce2eb11 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 @@ -12,11 +11,6 @@ SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 -SHA1 (patch-an) = 1d02b10e92ad1f613b17b6ebc812d8931b54d3da -SHA1 (patch-ao) = 85e38b6415ade9b328800b7bf15b9741758d455c -SHA1 (patch-ap) = 9a25ce74bd355d9eeb2a885f65e19a3ba473ce77 SHA1 (patch-aq) = 27a0093fc75dcafc673abc25e9ebe80167f52ac1 -SHA1 (patch-ar) = 536fb47cf750a316c773b1d3153cba52c3fac37c SHA1 (patch-as) = 7880eae75b702563bff8bca833ca81fb3dc4444c -SHA1 (patch-at) = 114a55493527a87bada21ee192828b5188a5cddd SHA1 (patch-au) = d4c623bb953ac45cb4c8d95fc1d3c2788452d9a1 diff --git a/www/apache22/patches/patch-aa b/www/apache22/patches/patch-aa index 8559f4c9173..74b04f2c8e1 100644 --- a/www/apache22/patches/patch-aa +++ b/www/apache22/patches/patch-aa @@ -1,7 +1,7 @@ -$NetBSD: patch-aa,v 1.1.1.1 2006/12/08 23:31:52 xtraeme Exp $ +$NetBSD: patch-aa,v 1.1.1.1.6.1 2007/09/10 20:57:51 ghen Exp $ ---- Makefile.in.orig 2005-11-13 07:33:15.000000000 +0100 -+++ Makefile.in 2006-12-08 20:32:36.000000000 +0100 +--- Makefile.in.orig 2007-04-24 12:08:01.000000000 +0100 ++++ Makefile.in 2007-09-08 11:31:13.000000000 +0100 @@ -4,7 +4,7 @@ PROGRAM_NAME = $(progname) @@ -134,12 +134,12 @@ $NetBSD: patch-aa,v 1.1.1.1 2006/12/08 23:31:52 xtraeme Exp $ - $(RSYNC) --exclude .svn -rlpt --numeric-ids $(top_srcdir)/docs/manual/ $(DESTDIR)$(manualdir)/; \ - else \ - cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir); \ -- cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null; \ +- cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi + $(BSD_INSTALL_MAN) $(top_srcdir)/docs/man/*.1 $(DESTDIR)$(mandir)/man1 + $(BSD_INSTALL_MAN) $(top_srcdir)/docs/man/*.8 $(DESTDIR)$(mandir)/man8 + cd $(top_srcdir)/docs/manual && \ -+ @PAX@ -rwppm . $(DESTDIR)$(manualdir) ++ @PAX@ -rwppm . $(DESTDIR)$(manualdir) install-suexec: @if test -f $(builddir)/support/suexec; then \ diff --git a/www/apache22/patches/patch-ab b/www/apache22/patches/patch-ab deleted file mode 100644 index 1c8d2a3b7ad..00000000000 --- a/www/apache22/patches/patch-ab +++ /dev/null @@ -1,43 +0,0 @@ -$NetBSD: patch-ab,v 1.2 2007/06/28 01:20:52 lkundrak Exp $ - -Part of fix for CVE-2007-3304 Denial of Service. - ---- server/mpm_common.c.orig 2007-06-28 02:53:52.000000000 +0200 -+++ server/mpm_common.c -@@ -126,6 +126,10 @@ static int reclaim_one_pid(pid_t pid, ac - apr_proc_t proc; - apr_status_t waitret; - -+ if (!MPM_VALID_PID(pid)) { -+ return 1; -+ } -+ - proc.pid = pid; - waitret = apr_proc_wait(&proc, NULL, NULL, APR_NOWAIT); - if (waitret != APR_CHILD_NOTDONE) { -@@ -305,6 +309,16 @@ void ap_relieve_child_processes(void) - cur_extra = next; - } - } -+ -+apr_status_t ap_mpm_safe_kill(pid_t pid, int sig) -+{ -+ if (MPM_VALID_PID(pid)) { -+ return kill(pid, sig) ? errno : APR_SUCCESS; -+ } -+ else { -+ return APR_EINVAL; -+ } -+} - #endif /* AP_MPM_WANT_RECLAIM_CHILD_PROCESSES */ - - #ifdef AP_MPM_WANT_WAIT_OR_TIMEOUT -@@ -468,7 +482,7 @@ AP_DECLARE(gid_t) ap_gname2id(const char - #ifndef HAVE_INITGROUPS - int initgroups(const char *name, gid_t basegid) - { --#if defined(QNX) || defined(MPE) || defined(BEOS) || defined(_OSD_POSIX) || defined(TPF) || defined(__TANDEM) || defined(OS2) || defined(WIN32) || defined(NETWARE) -+#if defined(QNX) || defined(MPE) || defined(BEOS) || defined(_OSD_POSIX) || defined(TPF) || defined(__TANDEM) || defined(OS2) || defined(WIN32) || defined(NETWARE) || defined(__INTERIX) - /* QNX, MPE and BeOS do not appear to support supplementary groups. */ - return 0; - #else /* ndef QNX */ diff --git a/www/apache22/patches/patch-an b/www/apache22/patches/patch-an deleted file mode 100644 index 5e215bd767c..00000000000 --- a/www/apache22/patches/patch-an +++ /dev/null @@ -1,55 +0,0 @@ -$NetBSD: patch-an,v 1.1 2007/06/05 01:43:44 lkundrak Exp $ - -Security fix for CVE-2007-1862 sensitive information disclosure -http://issues.apache.org/bugzilla/show_bug.cgi?id=41551 -http://issues.apache.org/bugzilla/attachment.cgi?id=20065 - ---- modules/cache/mod_mem_cache.c.orig 2007-06-05 03:31:29.000000000 +0200 -+++ modules/cache/mod_mem_cache.c -@@ -539,12 +539,26 @@ static int remove_url(cache_handle_t *h, - return OK; - } - -+static apr_table_t *deep_table_copy(apr_pool_t *p, const apr_table_t *table) -+{ -+ const apr_array_header_t *array = apr_table_elts(table); -+ apr_table_entry_t *elts = (apr_table_entry_t *) array->elts; -+ apr_table_t *copy = apr_table_make(p, array->nelts); -+ int i; -+ -+ for (i = 0; i < array->nelts; i++) { -+ apr_table_add(copy, elts[i].key, elts[i].val); -+ } -+ -+ return copy; -+} -+ - static apr_status_t recall_headers(cache_handle_t *h, request_rec *r) - { - mem_cache_object_t *mobj = (mem_cache_object_t*) h->cache_obj->vobj; - -- h->req_hdrs = apr_table_copy(r->pool, mobj->req_hdrs); -- h->resp_hdrs = apr_table_copy(r->pool, mobj->header_out); -+ h->req_hdrs = deep_table_copy(r->pool, mobj->req_hdrs); -+ h->resp_hdrs = deep_table_copy(r->pool, mobj->header_out); - - return OK; - } -@@ -585,7 +599,7 @@ static apr_status_t store_headers(cache_ - * - The original response headers (for returning with a cached response) - * - The body of the message - */ -- mobj->req_hdrs = apr_table_copy(mobj->pool, r->headers_in); -+ mobj->req_hdrs = deep_table_copy(mobj->pool, r->headers_in); - - /* Precompute how much storage we need to hold the headers */ - headers_out = ap_cache_cacheable_hdrs_out(r->pool, r->headers_out, -@@ -599,7 +613,7 @@ static apr_status_t store_headers(cache_ - } - - headers_out = apr_table_overlay(r->pool, headers_out, r->err_headers_out); -- mobj->header_out = apr_table_copy(mobj->pool, headers_out); -+ mobj->header_out = deep_table_copy(mobj->pool, headers_out); - - /* Init the info struct */ - obj->info.status = info->status; diff --git a/www/apache22/patches/patch-ao b/www/apache22/patches/patch-ao deleted file mode 100644 index bc54349ac39..00000000000 --- a/www/apache22/patches/patch-ao +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-ao,v 1.1 2007/06/28 01:20:52 lkundrak Exp $ - -Fix for CVE-2006-5752 XSS in mod_status with ExtendedStatus on. - ---- modules/generators/mod_status.c.orig 2007-06-28 01:54:44.000000000 +0200 -+++ modules/generators/mod_status.c -@@ -270,7 +270,7 @@ static int status_handler(request_rec *r - if (r->method_number != M_GET) - return DECLINED; - -- ap_set_content_type(r, "text/html"); -+ ap_set_content_type(r, "text/html; charset=ISO-8859-1"); - - /* - * Simple table-driven form data set parser that lets you alter the header -@@ -299,7 +299,7 @@ static int status_handler(request_rec *r - no_table_report = 1; - break; - case STAT_OPT_AUTO: -- ap_set_content_type(r, "text/plain"); -+ ap_set_content_type(r, "text/plain; charset=ISO-8859-1"); - short_report = 1; - break; - } -@@ -673,7 +673,8 @@ static int status_handler(request_rec *r - ap_escape_html(r->pool, - ws_record->client), - ap_escape_html(r->pool, -- ws_record->request), -+ ap_escape_logitem(r->pool, -+ ws_record->request)), - ap_escape_html(r->pool, - ws_record->vhost)); - } -@@ -763,7 +764,8 @@ static int status_handler(request_rec *r - ap_escape_html(r->pool, - ws_record->vhost), - ap_escape_html(r->pool, -- ws_record->request)); -+ ap_escape_logitem(r->pool, -+ ws_record->request))); - } /* no_table_report */ - } /* for (j...) */ - } /* for (i...) */ diff --git a/www/apache22/patches/patch-ap b/www/apache22/patches/patch-ap deleted file mode 100644 index c112356348c..00000000000 --- a/www/apache22/patches/patch-ap +++ /dev/null @@ -1,78 +0,0 @@ -$NetBSD: patch-ap,v 1.1 2007/06/28 01:20:52 lkundrak Exp $ - -Fix for CVE-2007-1863 remote crash when mod_cache enabled. - ---- modules/cache/cache_util.c.orig 2007-06-28 02:03:05.000000000 +0200 -+++ modules/cache/cache_util.c -@@ -243,7 +243,8 @@ CACHE_DECLARE(int) ap_cache_check_freshn - age = ap_cache_current_age(info, age_c, r->request_time); - - /* extract s-maxage */ -- if (cc_cresp && ap_cache_liststr(r->pool, cc_cresp, "s-maxage", &val)) { -+ if (cc_cresp && ap_cache_liststr(r->pool, cc_cresp, "s-maxage", &val) -+ && val != NULL) { - smaxage = apr_atoi64(val); - } - else { -@@ -252,7 +253,8 @@ CACHE_DECLARE(int) ap_cache_check_freshn - - /* extract max-age from request */ - if (!conf->ignorecachecontrol -- && cc_req && ap_cache_liststr(r->pool, cc_req, "max-age", &val)) { -+ && cc_req && ap_cache_liststr(r->pool, cc_req, "max-age", &val) -+ && val != NULL) { - maxage_req = apr_atoi64(val); - } - else { -@@ -260,7 +262,8 @@ CACHE_DECLARE(int) ap_cache_check_freshn - } - - /* extract max-age from response */ -- if (cc_cresp && ap_cache_liststr(r->pool, cc_cresp, "max-age", &val)) { -+ if (cc_cresp && ap_cache_liststr(r->pool, cc_cresp, "max-age", &val) -+ && val != NULL) { - maxage_cresp = apr_atoi64(val); - } - else { -@@ -282,7 +285,20 @@ CACHE_DECLARE(int) ap_cache_check_freshn - - /* extract max-stale */ - if (cc_req && ap_cache_liststr(r->pool, cc_req, "max-stale", &val)) { -- maxstale = apr_atoi64(val); -+ if(val != NULL) { -+ maxstale = apr_atoi64(val); -+ } -+ else { -+ /* -+ * If no value is assigned to max-stale, then the client is willing -+ * to accept a stale response of any age (RFC2616 14.9.3). We will -+ * set it to one year in this case as this situation is somewhat -+ * similar to a "never expires" Expires header (RFC2616 14.21) -+ * which is set to a date one year from the time the response is -+ * sent in this case. -+ */ -+ maxstale = APR_INT64_C(86400*365); -+ } - } - else { - maxstale = 0; -@@ -290,7 +306,8 @@ CACHE_DECLARE(int) ap_cache_check_freshn - - /* extract min-fresh */ - if (!conf->ignorecachecontrol -- && cc_req && ap_cache_liststr(r->pool, cc_req, "min-fresh", &val)) { -+ && cc_req && ap_cache_liststr(r->pool, cc_req, "min-fresh", &val) -+ && val != NULL) { - minfresh = apr_atoi64(val); - } - else { -@@ -419,6 +436,9 @@ CACHE_DECLARE(int) ap_cache_liststr(apr_ - next - val_start); - } - } -+ else { -+ *val = NULL; -+ } - } - return 1; - } diff --git a/www/apache22/patches/patch-ar b/www/apache22/patches/patch-ar deleted file mode 100644 index 7b3e7323e6d..00000000000 --- a/www/apache22/patches/patch-ar +++ /dev/null @@ -1,33 +0,0 @@ -$NetBSD: patch-ar,v 1.1 2007/06/28 01:20:53 lkundrak Exp $ - -Part of fix for CVE-2007-3304 Denial of Service. - ---- server/mpm/prefork/prefork.c.orig 2007-06-28 02:53:26.000000000 +0200 -+++ server/mpm/prefork/prefork.c -@@ -1127,7 +1127,7 @@ int ap_mpm_run(apr_pool_t *_pconf, apr_p - for (index = 0; index < ap_daemons_limit; ++index) { - if (ap_scoreboard_image->servers[index][0].status != SERVER_DEAD) { - /* Ask each child to close its listeners. */ -- kill(MPM_CHILD_PID(index), AP_SIG_GRACEFUL); -+ ap_mpm_safe_kill(MPM_CHILD_PID(index), AP_SIG_GRACEFUL); - active_children++; - } - } -@@ -1166,7 +1166,7 @@ int ap_mpm_run(apr_pool_t *_pconf, apr_p - active_children = 0; - for (index = 0; index < ap_daemons_limit; ++index) { - if (MPM_CHILD_PID(index) != 0) { -- if (kill(MPM_CHILD_PID(index), 0) == 0) { -+ if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == 0) { - active_children = 1; - /* Having just one child is enough to stay around */ - break; -@@ -1222,7 +1222,7 @@ int ap_mpm_run(apr_pool_t *_pconf, apr_p - * piped loggers, etc. They almost certainly won't handle - * it gracefully. - */ -- kill(ap_scoreboard_image->parent[index].pid, AP_SIG_GRACEFUL); -+ ap_mpm_safe_kill(ap_scoreboard_image->parent[index].pid, AP_SIG_GRACEFUL); - } - } - } diff --git a/www/apache22/patches/patch-at b/www/apache22/patches/patch-at deleted file mode 100644 index 1d1729cb84c..00000000000 --- a/www/apache22/patches/patch-at +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-at,v 1.1 2007/06/28 01:20:53 lkundrak Exp $ - -Part of fix for CVE-2007-3304 Denial of Service. - ---- server/mpm/worker/worker.c.orig 2007-06-28 02:53:26.000000000 +0200 -+++ server/mpm/worker/worker.c -@@ -1814,7 +1814,7 @@ int ap_mpm_run(apr_pool_t *_pconf, apr_p - active_children = 0; - for (index = 0; index < ap_daemons_limit; ++index) { - if (MPM_CHILD_PID(index) != 0) { -- if (kill(MPM_CHILD_PID(index), 0) == 0) { -+ if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == 0) { - active_children = 1; - /* Having just one child is enough to stay around */ - break; -- cgit v1.2.3