From 394ce01d6f854ed0ab44a35bacbabda375b0ac9f Mon Sep 17 00:00:00 2001
From: tron
Date: Thu, 6 Aug 2009 07:07:23 +0000
Subject: Update "apache22" package to version 2.2.12.

Changes since version 2.2.11:

- SECURITY: CVE-2009-1891 (cve.mitre.org)
  Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. Bug 39605. [Joe Orton, Ruediger Pluem]
- SECURITY: CVE-2009-1195 (cve.mitre.org)
  Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. [Jonathan Peatfield, Joe Orton, Ruediger Pluem, Jeff Trawick]
- SECURITY: CVE-2009-1890 (cve.mitre.org)
  Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
- SECURITY: CVE-2009-1191 (cve.mitre.org)
  mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. Bug 46949 [Ruediger Pluem]
- SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org)
  The bundled copy of the APR-util library has been updated, fixing three different security issues which may affect particular configurations and third-party modules.
- mod_include: fix potential segfault when handling back references on an empty SSI variable. [Ruediger Pluem, Lars Eilebrecht, Nick Kew]
- mod_alias: check sanity in Redirect arguments. Bug 44729 [Sönke Tesch, Jim Jagielski]
- mod_proxy_http: fix Host: header for literal IPv6 addresses. Bug 47177 [Carlos Garcia Braschi]
- mod_rewrite: Remove locking for writing to the rewritelog. Bug 46942
- mod_alias: Ensure Redirect emits HTTP-compliant URLs. Bug 44020
- mod_proxy_http: fix case sensitivity checking transfer encoding. Bug 47383 [Ryuzo Yamamoto]
- mod_rewrite: Fix the error string returned by RewriteRule. RewriteRule returned "RewriteCond: bad flag delimiters" when the 3rd argument of RewriteRule was not started with "[" or not ended with "]". Bug 45082 [Vitaly Polonetsky]
- mod_proxy: Complete ProxyPassReverse to handle balancer URLs. Given;
    BalancerMember balancer://alias http://example.com/foo
    ProxyPassReverse /bash balancer://alias/bar
  backend url http://example.com/foo/bar/that is now translated /bash/that [William Rowe]
- New piped log syntax: Use "||process args" to launch the given process without invoking the shell/command interpreter. Use "|$command line" (the default behavior of "|command line" in 2.2) to invoke using shell, consuming an additional shell process for the lifetime of the logging pipe program but granting additional process invocation flexibility. [William Rowe]
- mod_ssl: Add server name indication support (RFC 4366) and better support for name based virtual hosts with SSL. Bug 34607 [Peter Sylvester, Kaspar Brand, Guenter Knauf, Joe Orton, Ruediger Pluem]
- mod_negotiation: Escape paths of filenames in 406 responses to avoid HTML injections and HTTP response splitting. Bug 46837. [Geoff Keating]
- mod_include: Prevent a case of SSI timefmt-smashing with filter chains including multiple INCLUDES filters. Bug 39369 [Joe Orton]
- mod_rewrite: When evaluating a proxy rule in directory context, do escape the filename by default. Bug 46428 [Joe Orton]
- mod_proxy_ajp: Check more strictly that the backend follows the AJP protocol. [Mladen Turk]
- mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives to enable stricter checking of remote server certificates. [Ruediger Pluem]
- mod_substitute: Fix a memory leak. Bug 44948 [Dan Poirier]
- mod_proxy_ajp: Forward remote port information by default. [Rainer Jung]
- mod_disk_cache/mod_mem_cache: Fix handling of CacheIgnoreHeaders directive to correctly remove headers before storing them. [Lars Eilebrecht]
- mod_deflate: revert changes in 2.2.8 that caused an invalid etag to be emitted for on-the-fly gzip content-encoding. Bug 39727 will require larger fixes and this fix was far more harmful than the original code. Bug 45023. [Roy T. Fielding]
- mod_disk_cache: The module now turns off sendfile support if 'EnableSendfile off' is defined globally. Bug 41218. [Lars Eilebrecht, Issac Goldstand]
- prefork: Fix child process hang during graceful restart/stop in configurations with multiple listening sockets. Bug 42829. [Joe Orton, Jeff Trawick]
- mod_ssl: Add SSLRenegBufferSize directive to allow changing the size of the buffer used for the request-body where necessary during a per-dir renegotiation. Bug 39243. [Joe Orton]
- mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome way that per-directory rewrites append the previous notion of PATH_INFO to each substitution before evaluating subsequent rules. Bug 38642 [Eric Covener]
- mod_authnz_ldap: Reduce number of initialization debug messages and make information more clear. Bug 46342 [Dan Poirier]
- mod_cache: Introduce 'no-cache' per-request environment variable to prevent the saving of an otherwise cacheable response. [Eric Covener]
- core: Translate the status line to ASCII on EBCDIC platforms in ap_send_interim_response() and for locally generated "100 Continue" responses. [Eric Covener]
- CGI: return 504 (Gateway timeout) rather than 500 when a script times out before returning status line/headers. Bug 42190 [Nick Kew]
- prefork: Log an error instead of segfaulting when child startup fails due to pollset creation failures. Bug 46467. [Jeff Trawick]
- mod_ext_filter: fix error handling when the filter prog fails to start, and introduce an onfail configuration option to abort
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

All the security problems mentioned above had already been fixed in "pkgsrc" via patches.
Thanks a lot to Adam Ciarcinski for letting me know that new version had finally been released. --- www/apache22/Makefile | 5 ++--- www/apache22/PLIST | 15 ++++++++++++++- www/apache22/distinfo | 14 ++++---------- www/apache22/patches/patch-ab | 40 --------------------------------------- www/apache22/patches/patch-af | 35 ---------------------------------- www/apache22/patches/patch-ah | 44 ------------------------------------------- www/apache22/patches/patch-ba | 42 ----------------------------------------- www/apache22/patches/patch-bc | 35 ---------------------------------- www/apache22/patches/patch-bd | 22 ---------------------- 9 files changed, 20 insertions(+), 232 deletions(-) delete mode 100644 www/apache22/patches/patch-ab delete mode 100644 www/apache22/patches/patch-af delete mode 100644 www/apache22/patches/patch-ah delete mode 100644 www/apache22/patches/patch-ba delete mode 100644 www/apache22/patches/patch-bc delete mode 100644 www/apache22/patches/patch-bd (limited to 'www/apache22') diff --git a/www/apache22/Makefile b/www/apache22/Makefile index 5d761935f31..b4a507e6073 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.47 2009/07/14 12:23:39 tron Exp $ +# $NetBSD: Makefile,v 1.48 2009/08/06 07:07:23 tron Exp $ -DISTNAME= httpd-2.2.11 -PKGREVISION= 6 +DISTNAME= httpd-2.2.12 PKGNAME= ${DISTNAME:S/httpd/apache/} CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ diff --git a/www/apache22/PLIST b/www/apache22/PLIST index 156be975af4..98591f33757 100644 --- a/www/apache22/PLIST +++ b/www/apache22/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.12 2009/06/14 22:00:18 joerg Exp $ +@comment $NetBSD: PLIST,v 1.13 2009/08/06 07:07:23 tron Exp $ ${PLIST.suexec}sbin/suexec include/httpd/ap_compat.h include/httpd/ap_config.h 
@@ -534,6 +534,7 @@ share/httpd/manual/howto/public_html.html share/httpd/manual/howto/public_html.html.en share/httpd/manual/howto/public_html.html.ja.utf8 share/httpd/manual/howto/public_html.html.ko.euc-kr +share/httpd/manual/howto/public_html.html.tr.utf8 share/httpd/manual/howto/ssi.html share/httpd/manual/howto/ssi.html.en share/httpd/manual/howto/ssi.html.ja.utf8 @@ -612,6 +613,7 @@ share/httpd/manual/misc/password_encryptions.html.en share/httpd/manual/misc/perf-tuning.html share/httpd/manual/misc/perf-tuning.html.en share/httpd/manual/misc/perf-tuning.html.ko.euc-kr +share/httpd/manual/misc/perf-tuning.html.tr.utf8 share/httpd/manual/misc/relevant_standards.html share/httpd/manual/misc/relevant_standards.html.en share/httpd/manual/misc/relevant_standards.html.ko.euc-kr @@ -1000,6 +1002,7 @@ share/httpd/manual/programs/apachectl.html.tr.utf8 share/httpd/manual/programs/apxs.html share/httpd/manual/programs/apxs.html.en share/httpd/manual/programs/apxs.html.ko.euc-kr +share/httpd/manual/programs/apxs.html.tr.utf8 share/httpd/manual/programs/configure.html share/httpd/manual/programs/configure.html.en share/httpd/manual/programs/configure.html.ko.euc-kr 
@@ -1007,23 +1010,29 @@ share/httpd/manual/programs/configure.html.tr.utf8 share/httpd/manual/programs/dbmmanage.html share/httpd/manual/programs/dbmmanage.html.en share/httpd/manual/programs/dbmmanage.html.ko.euc-kr +share/httpd/manual/programs/dbmmanage.html.tr.utf8 share/httpd/manual/programs/htcacheclean.html share/httpd/manual/programs/htcacheclean.html.en share/httpd/manual/programs/htcacheclean.html.ko.euc-kr +share/httpd/manual/programs/htcacheclean.html.tr.utf8 share/httpd/manual/programs/htdbm.html share/httpd/manual/programs/htdbm.html.en +share/httpd/manual/programs/htdbm.html.tr.utf8 share/httpd/manual/programs/htdigest.html share/httpd/manual/programs/htdigest.html.en share/httpd/manual/programs/htdigest.html.ko.euc-kr +share/httpd/manual/programs/htdigest.html.tr.utf8 share/httpd/manual/programs/htpasswd.html share/httpd/manual/programs/htpasswd.html.en share/httpd/manual/programs/htpasswd.html.ko.euc-kr +share/httpd/manual/programs/htpasswd.html.tr.utf8 share/httpd/manual/programs/httpd.html share/httpd/manual/programs/httpd.html.en share/httpd/manual/programs/httpd.html.ko.euc-kr share/httpd/manual/programs/httpd.html.tr.utf8 share/httpd/manual/programs/httxt2dbm.html share/httpd/manual/programs/httxt2dbm.html.en +share/httpd/manual/programs/httxt2dbm.html.tr.utf8 share/httpd/manual/programs/index.html share/httpd/manual/programs/index.html.en share/httpd/manual/programs/index.html.es 
@@ -1033,15 +1042,19 @@ share/httpd/manual/programs/index.html.tr.utf8 share/httpd/manual/programs/logresolve.html share/httpd/manual/programs/logresolve.html.en share/httpd/manual/programs/logresolve.html.ko.euc-kr +share/httpd/manual/programs/logresolve.html.tr.utf8 share/httpd/manual/programs/other.html share/httpd/manual/programs/other.html.en share/httpd/manual/programs/other.html.ko.euc-kr +share/httpd/manual/programs/other.html.tr.utf8 share/httpd/manual/programs/rotatelogs.html share/httpd/manual/programs/rotatelogs.html.en share/httpd/manual/programs/rotatelogs.html.ko.euc-kr +share/httpd/manual/programs/rotatelogs.html.tr.utf8 share/httpd/manual/programs/suexec.html share/httpd/manual/programs/suexec.html.en share/httpd/manual/programs/suexec.html.ko.euc-kr +share/httpd/manual/programs/suexec.html.tr.utf8 share/httpd/manual/rewrite/index.html share/httpd/manual/rewrite/index.html.en share/httpd/manual/rewrite/index.html.tr.utf8 diff --git a/www/apache22/distinfo b/www/apache22/distinfo index 29c87d4790d..bbf200f170e 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo 
@@ -1,16 +1,13 @@ -$NetBSD: distinfo,v 1.21 2009/07/14 12:23:39 tron Exp $ +$NetBSD: distinfo,v 1.22 2009/08/06 07:07:23 tron Exp $ -SHA1 (httpd-2.2.11.tar.bz2) = 7af256d53b79342f82222bd7b86eedbd9ac21d9a -RMD160 (httpd-2.2.11.tar.bz2) = b2012af716a459f666e0e41eb04808bd0f7fc28d -Size (httpd-2.2.11.tar.bz2) = 5230130 bytes +SHA1 (httpd-2.2.12.tar.bz2) = 76e243a5b7dc9896e83bdfac1aa98bbfdc85aeae +RMD160 (httpd-2.2.12.tar.bz2) = 4c8e781e5e60a7a332383a798fe0ddc1adffc914 +Size (httpd-2.2.12.tar.bz2) = 5140433 bytes SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf -SHA1 (patch-ab) = d5391ca1af9d817d35cb472b0feb05b86a95e560 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 -SHA1 (patch-af) = cf7cc7d09e0379830d1ce0be4be74c8f2bbb1719 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 -SHA1 (patch-ah) = 5fc2a3fad42fa67669c219123b8c27e138927452 SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 @@ -19,6 +16,3 @@ SHA1 (patch-as) = 7880eae75b702563bff8bca833ca81fb3dc4444c SHA1 (patch-au) = d4c623bb953ac45cb4c8d95fc1d3c2788452d9a1 SHA1 (patch-av) = faf8fe2c72c7830daa407907b8161b56300afeaf SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 -SHA1 (patch-ba) = ab9984391fcdda9c9793009290d95de8ec2a1371 -SHA1 (patch-bc) = f980d98f1b0ee277d995e3be0f5e55622ebc3931 -SHA1 (patch-bd) = 66f882a4d8c884e5422e025ed175a17412b02fd4 diff --git a/www/apache22/patches/patch-ab b/www/apache22/patches/patch-ab deleted file mode 100644 index 0d3d420696c..00000000000 --- a/www/apache22/patches/patch-ab +++ /dev/null 
@@ -1,40 +0,0 @@ -$NetBSD: patch-ab,v 1.10 2009/05/22 09:46:06 tron Exp $ - -Patch for CVE-2009-1191 taken from the Apache SVN repository: -http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?view=markup&pathrev=768506 - ---- modules/proxy/mod_proxy_ajp.c 2008/11/15 14:25:54 714273 -+++ modules/proxy/mod_proxy_ajp.c 2009/04/25 09:58:52 768506 -@@ -307,21 +307,17 @@ - "proxy: read zero bytes, expecting" - " %" APR_OFF_T_FMT " bytes", - content_length); -- status = ajp_send_data_msg(conn->sock, msg, 0); -- if (status != APR_SUCCESS) { -- /* We had a failure: Close connection to backend */ -- conn->close++; -- ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server, -- "proxy: send failed to %pI (%s)", -- conn->worker->cp->addr, -- conn->worker->hostname); -- return HTTP_INTERNAL_SERVER_ERROR; -- } -- else { -- /* Client send zero bytes with C-L > 0 -- */ -- return HTTP_BAD_REQUEST; -- } -+ /* -+ * We can only get here if the client closed the connection -+ * to us without sending the body. -+ * Now the connection is in the wrong state on the backend. -+ * Sending an empty data msg doesn't help either as it does -+ * not move this connection to the correct state on the backend -+ * for later resusage by the next request again. -+ * Close it to clean things up. -+ */ -+ conn->close++; -+ return HTTP_BAD_REQUEST; - } - } - diff --git a/www/apache22/patches/patch-af b/www/apache22/patches/patch-af deleted file mode 100644 index faff767dc3a..00000000000 --- a/www/apache22/patches/patch-af +++ /dev/null 
@@ -1,35 +0,0 @@ -$NetBSD: patch-af,v 1.1 2009/07/14 12:23:40 tron Exp $ - -Fix for CVE-2009-1891 taken from here: - -http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/core_filters.c?r1=421103&r2=791454&pathrev=791454 - ---- server/core_filters.c.orig 2006-07-12 04:38:44.000000000 +0100 -+++ server/core_filters.c 2009-07-14 13:01:09.000000000 +0100 -@@ -542,6 +542,12 @@ - apr_read_type_e eblock = APR_NONBLOCK_READ; - apr_pool_t *input_pool = b->p; - -+ /* Fail quickly if the connection has already been aborted. */ -+ if (c->aborted) { -+ apr_brigade_cleanup(b); -+ return APR_ECONNABORTED; -+ } -+ - if (ctx == NULL) { - ctx = apr_pcalloc(c->pool, sizeof(*ctx)); - net->out_ctx = ctx; -@@ -909,12 +915,9 @@ - /* No need to check for SUCCESS, we did that above. */ - if (!APR_STATUS_IS_EAGAIN(rv)) { - c->aborted = 1; -+ return APR_ECONNABORTED; - } - -- /* The client has aborted, but the request was successful. We -- * will report success, and leave it to the access and error -- * logs to note that the connection was aborted. -- */ - return APR_SUCCESS; - } - diff --git a/www/apache22/patches/patch-ah b/www/apache22/patches/patch-ah deleted file mode 100644 index f42450e7da1..00000000000 --- a/www/apache22/patches/patch-ah +++ /dev/null 
@@ -1,44 +0,0 @@ -$NetBSD: patch-ah,v 1.1 2009/07/14 12:23:40 tron Exp $ - -Fix for CVE-2009-1890 taken from here: - -http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587 - ---- modules/proxy/mod_proxy_http.c.orig 2008-11-11 20:04:34.000000000 +0000 -+++ modules/proxy/mod_proxy_http.c 2009-07-14 13:03:49.000000000 +0100 -@@ -422,10 +422,16 @@ - apr_off_t bytes_streamed = 0; - - if (old_cl_val) { -+ char *endstr; -+ - add_cl(p, bucket_alloc, header_brigade, old_cl_val); -- if (APR_SUCCESS != (status = apr_strtoff(&cl_val, old_cl_val, NULL, -- 0))) { -- return HTTP_INTERNAL_SERVER_ERROR; -+ status = apr_strtoff(&cl_val, old_cl_val, &endstr, 10); -+ -+ if (status || *endstr || endstr == old_cl_val || cl_val < 0) { -+ ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, -+ "proxy: could not parse request Content-Length (%s)", -+ old_cl_val); -+ return HTTP_BAD_REQUEST; - } - } - terminate_headers(bucket_alloc, header_brigade); -@@ -453,8 +459,13 @@ - * - * Prevents HTTP Response Splitting. - */ -- if (bytes_streamed > cl_val) -- continue; -+ if (bytes_streamed > cl_val) { -+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, -+ "proxy: read more bytes of request body than expected " -+ "(got %" APR_OFF_T_FMT ", expected %" APR_OFF_T_FMT ")", -+ bytes_streamed, cl_val); -+ return HTTP_INTERNAL_SERVER_ERROR; -+ } - - if (header_brigade) { - /* we never sent the header brigade, so go ahead and diff --git a/www/apache22/patches/patch-ba b/www/apache22/patches/patch-ba deleted file mode 100644 index a6c93923735..00000000000 --- a/www/apache22/patches/patch-ba +++ /dev/null 
@@ -1,42 +0,0 @@ -$NetBSD: patch-ba,v 1.2 2009/06/11 20:30:59 tron Exp $ - -Patch for CVE-2009-1195 taken from: - -http://svn.apache.org/viewvc?view=rev&revision=773881 -http://svn.apache.org/viewvc?view=rev&revision=779472 - ---- include/http_core.h.orig 2008-02-26 19:47:51.000000000 +0000 -+++ include/http_core.h 2009-06-11 20:53:26.000000000 +0100 -@@ -65,7 +65,7 @@ - #define OPT_NONE 0 - /** Indexes directive */ - #define OPT_INDEXES 1 --/** Includes directive */ -+/** SSI is enabled without exec= permission */ - #define OPT_INCLUDES 2 - /** FollowSymLinks directive */ - #define OPT_SYM_LINKS 4 -@@ -80,9 +80,22 @@ - /** MultiViews directive */ - #define OPT_MULTI 128 - /** All directives */ --#define OPT_ALL (OPT_INDEXES|OPT_INCLUDES|OPT_SYM_LINKS|OPT_EXECCGI) -+#define OPT_ALL (OPT_INDEXES|OPT_INCLUDES|OPT_INCNOEXEC|OPT_SYM_LINKS|OPT_EXECCGI) - /** @} */ - -+#ifdef CORE_PRIVATE -+/* For internal use only - since 2.2.12, the OPT_INCNOEXEC bit is -+ * internally replaced by OPT_INC_WITH_EXEC. The internal semantics -+ * of the two SSI-related bits are hence: -+ * -+ * OPT_INCLUDES => "enable SSI, without exec= permission" -+ * OPT_INC_WITH_EXEC => "iff OPT_INCLUDES is set, also enable exec=" -+ * -+ * The set of options exposed via ap_allow_options() retains the -+ * semantics of OPT_INCNOEXEC by flipping the bit. */ -+#define OPT_INC_WITH_EXEC OPT_INCNOEXEC -+#endif -+ - /** - * @defgroup get_remote_host Remote Host Resolution - * @ingroup APACHE_CORE_HTTPD diff --git a/www/apache22/patches/patch-bc b/www/apache22/patches/patch-bc deleted file mode 100644 index 4936c08682a..00000000000 --- a/www/apache22/patches/patch-bc +++ /dev/null 
@@ -1,35 +0,0 @@ -$NetBSD: patch-bc,v 1.2 2009/06/11 20:30:59 tron Exp $ - -Patch for CVE-2009-1195 taken from: - -http://svn.apache.org/viewvc?view=rev&revision=773881 - ---- server/config.c.orig 2008-12-02 22:28:21.000000000 +0000 -+++ server/config.c 2009-06-04 09:44:24.000000000 +0100 -@@ -1510,7 +1510,7 @@ - parms.temp_pool = ptemp; - parms.server = s; - parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT); -- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI; -+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI; - - parms.config_file = ap_pcfg_open_custom(p, "-c/-C directives", - &arr_parms, NULL, -@@ -1617,7 +1617,7 @@ - parms.temp_pool = ptemp; - parms.server = s; - parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT); -- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI; -+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI; - - rv = ap_pcfg_openfile(&cfp, p, fname); - if (rv != APR_SUCCESS) { -@@ -1755,7 +1755,7 @@ - parms.temp_pool = ptemp; - parms.server = s; - parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT); -- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI; -+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI; - parms.limited = -1; - - errmsg = ap_walk_config(conftree, &parms, s->lookup_defaults); diff --git a/www/apache22/patches/patch-bd b/www/apache22/patches/patch-bd deleted file mode 100644 index ebfe0e1ee67..00000000000 --- a/www/apache22/patches/patch-bd +++ /dev/null 
@@ -1,22 +0,0 @@ -$NetBSD: patch-bd,v 1.2 2009/06/11 20:30:59 tron Exp $ - -Patch for CVE-2009-1195 taken from: - -http://svn.apache.org/viewvc?view=rev&revision=773881 -http://svn.apache.org/viewvc?view=rev&revision=779472 - ---- server/core.c.orig 2009-06-11 20:51:15.000000000 +0100 -+++ server/core.c 2009-06-11 21:01:04.000000000 +0100 -@@ -659,7 +659,11 @@ - core_dir_config *conf = - (core_dir_config *)ap_get_module_config(r->per_dir_config, &core_module); - -- return conf->opts; -+ /* Per comment in http_core.h - the OPT_INC_WITH_EXEC bit is -+ * inverted, such that the exposed semantics match that of -+ * OPT_INCNOEXEC; i.e., the bit is only enabled if exec= is *not* -+ * permitted. */ -+ return conf->opts ^ OPT_INC_WITH_EXEC; - } - - AP_DECLARE(int) ap_allow_overrides(request_rec *r) -- cgit v1.2.3
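Review bot: In the www/apache22/PLIST hunks every added entry is a `.tr.utf8` manual page (public_html, perf-tuning, apxs, dbmmanage, htcacheclean, htdbm, htdigest, htpasswd, httxt2dbm, logresolve, other, rotatelogs, suexec), so the packing list change is documentation only; since the 2.2.12 changelog also introduces new directives and a new piped-log syntax, it is worth re-running `make print-PLIST` against the fresh build to confirm that no non-documentation file from the new release was left out of the list.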
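Review bot: The www/apache22/distinfo hunk replaces the SHA1, RMD160 and Size triple for httpd-2.2.11.tar.bz2 with the one for httpd-2.2.12.tar.bz2 and drops the SHA1 lines for patch-ab, patch-af, patch-ah, patch-ba, patch-bc and patch-bd, which matches the six `deleted file mode 100644` entries below, so the patches directory and distinfo stay consistent. Because this triple is the only integrity check pkgsrc applies to the fetched tarball, the new checksums should come from a tarball that was itself verified against the upstream release signature before `make distinfo` regenerated them, not from whatever the mirror happened to serve.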
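Review bot: Deleting www/apache22/patches/patch-ab rests on the 2.2.12 changelog entry "mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body" (CVE-2009-1191) covering what the local patch did; before a security patch is dropped, the shipped modules/proxy/mod_proxy_ajp.c should be checked for the replacement path the removed hunk introduced, `conn->close++;` followed by `return HTTP_BAD_REQUEST;` in place of the `ajp_send_data_msg(conn->sock, msg, 0)` call, since the whole fix is that a backend connection left in the wrong state is closed rather than reused by the next request.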
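Review bot: The removed www/apache22/patches/patch-af (CVE-2009-1891) changed server/core_filters.c in two places, an early `if (c->aborted)` bail-out that cleans the brigade and returns APR_ECONNABORTED, and a second `return APR_ECONNABORTED;` right after `c->aborted = 1;` replacing the old "report success" comment; when confirming that 2.2.12 supersedes it, both sites need to be present, because the denial-of-service fix only works if the output filter stops accepting data (and mod_deflate stops compressing) as soon as the client connection is known to be gone.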
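Review bot: The deleted www/apache22/patches/patch-ah (CVE-2009-1890) was, per its own header, taken from trunk (r790587) rather than from the 2.2.x branch, so the code that ships in 2.2.12 may differ in detail from what pkgsrc carried; the two behaviours to confirm in modules/proxy/mod_proxy_http.c are that an unparseable or negative request Content-Length is rejected with HTTP_BAD_REQUEST (the `status || *endstr || endstr == old_cl_val || cl_val < 0` condition) and that reading more body bytes than Content-Length announced logs an error and returns HTTP_INTERNAL_SERVER_ERROR instead of the old `continue`, since those two checks are what stop a proxy process from spinning on a request body indefinitely.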
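Review bot: patch-ba, patch-bc and patch-bd form one logical fix for CVE-2009-1195 and must go together: the `return conf->opts ^ OPT_INC_WITH_EXEC;` in the patch-bd hunk only compiles with the `OPT_INC_WITH_EXEC` definition patch-ba adds under `CORE_PRIVATE` in include/http_core.h, and patch-bc removes `OPT_INCNOEXEC` from `parms.override_opts` at three sites in server/config.c so that `.htaccess` can no longer re-enable Includes beyond what AllowOverride permits. Deleting all three in this commit, with the matching three SHA1 lines removed from distinfo, leaves no half-applied state; the remaining check is that the 2.2.12 headers keep the bit-flip documented in the patch-ba comment, because third-party modules calling `ap_allow_options()` depend on still seeing `OPT_INCNOEXEC` semantics.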