1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
$NetBSD: patch-bc,v 1.1.2.2 2009/06/04 20:41:20 spz Exp $
Patch for CVE-2009-1195 taken from:
http://svn.apache.org/viewvc/httpd/httpd/trunk/server/config.c?r1=759924&r2=772997&pathrev=772997
--- server/config.c.orig 2008-12-02 22:28:21.000000000 +0000
+++ server/config.c 2009-06-04 09:44:24.000000000 +0100
@@ -1510,7 +1510,7 @@
parms.temp_pool = ptemp;
parms.server = s;
parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
parms.config_file = ap_pcfg_open_custom(p, "-c/-C directives",
&arr_parms, NULL,
@@ -1617,7 +1617,7 @@
parms.temp_pool = ptemp;
parms.server = s;
parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
rv = ap_pcfg_openfile(&cfp, p, fname);
if (rv != APR_SUCCESS) {
@@ -1755,7 +1755,7 @@
parms.temp_pool = ptemp;
parms.server = s;
parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
parms.limited = -1;
errmsg = ap_walk_config(conftree, &parms, s->lookup_defaults);
|
