[pkgsrc/pkgsrc-2008Q1]: pkgsrc/www/apache22 Pullup ticket 2425 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/884fd561a72d
branches: pkgsrc-2008Q1
changeset: 540418:884fd561a72d
user: ghen <ghen%pkgsrc.org@localhost>
date: Mon Jun 16 09:00:02 2008 +0000
description:
Pullup ticket 2425 - requested by tron
security patch for apache22
- pkgsrc/www/apache22/Makefile 1.26
- pkgsrc/www/apache22/distinfo 1.10
- pkgsrc/www/apache22/patches/patch-ab 1.6
Module Name: pkgsrc
Committed By: tron
Date: Thu Jun 12 14:12:19 UTC 2008
Modified Files:
pkgsrc/www/apache22: Makefile distinfo
Added Files:
pkgsrc/www/apache22/patches: patch-ab
Log Message:
Add patch for CVE-2008-2364 from the Apache SVN repository.
diffstat:
www/apache22/Makefile | 4 +-
www/apache22/distinfo | 3 +-
www/apache22/patches/patch-ab | 83 +++++++++++++++++++++++++++++++++++++++++++
3 files changed, 87 insertions(+), 3 deletions(-)
diffs (117 lines):
diff -r 3d1f84f23fd8 -r 884fd561a72d www/apache22/Makefile
--- a/www/apache22/Makefile Mon Jun 16 08:51:43 2008 +0000
+++ b/www/apache22/Makefile Mon Jun 16 09:00:02 2008 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.24 2008/01/21 15:07:10 xtraeme Exp $
+# $NetBSD: Makefile,v 1.24.2.1 2008/06/16 09:00:02 ghen Exp $
.include "Makefile.common"
PKGNAME= apache-${APACHE_VERSION}
-#PKGREVISION= 1
+PKGREVISION= 1
CATEGORIES= www
HOMEPAGE= http://httpd.apache.org/
diff -r 3d1f84f23fd8 -r 884fd561a72d www/apache22/distinfo
--- a/www/apache22/distinfo Mon Jun 16 08:51:43 2008 +0000
+++ b/www/apache22/distinfo Mon Jun 16 09:00:02 2008 +0000
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.9 2008/01/21 15:07:11 xtraeme Exp $
+$NetBSD: distinfo,v 1.9.2.1 2008/06/16 09:00:02 ghen Exp $
SHA1 (httpd-2.2.8.tar.bz2) = 5074904435d3d942ce2dc96c44b07294b8eaca77
RMD160 (httpd-2.2.8.tar.bz2) = 0736ea9617bafaa1c8cd34ce4fc1c7a659afea57
Size (httpd-2.2.8.tar.bz2) = 4799055 bytes
SHA1 (patch-aa) = ae5b34058fc6455cfa9e3d52a50829155ce2eb11
+SHA1 (patch-ab) = 55f4dac616fbe47fea7be0aecd1b7be679b9b0e7
SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
diff -r 3d1f84f23fd8 -r 884fd561a72d www/apache22/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/apache22/patches/patch-ab Mon Jun 16 09:00:02 2008 +0000
@@ -0,0 +1,83 @@
+$NetBSD: patch-ab,v 1.5.2.1 2008/06/16 09:00:02 ghen Exp $
+
+Patch for CVE-2008-2364, taken from here:
+
+http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154
+
+--- modules/proxy/mod_proxy_http.c.orig 2007-12-08 14:01:47.000000000 +0000
++++ modules/proxy/mod_proxy_http.c 2008-06-12 14:44:10.000000000 +0100
+@@ -1309,6 +1309,16 @@
+ return rv;
+ }
+
++/*
++ * Limit the number of interim respones we sent back to the client. Otherwise
++ * we suffer from a memory build up. Besides there is NO sense in sending back
++ * an unlimited number of interim responses to the client. Thus if we cross
++ * this limit send back a 502 (Bad Gateway).
++ */
++#ifndef AP_MAX_INTERIM_RESPONSES
++#define AP_MAX_INTERIM_RESPONSES 10
++#endif
++
+ static
+ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r,
+ proxy_conn_rec *backend,
+@@ -1323,8 +1333,8 @@
+ apr_bucket *e;
+ apr_bucket_brigade *bb, *tmp_bb;
+ int len, backasswards;
+- int interim_response; /* non-zero whilst interim 1xx responses
+- * are being read. */
++ int interim_response = 0; /* non-zero whilst interim 1xx responses
++ * are being read. */
+ int pread_len = 0;
+ apr_table_t *save_table;
+ int backend_broke = 0;
+@@ -1339,6 +1349,7 @@
+ */
+
+ rp = ap_proxy_make_fake_req(origin, r);
++ ap_proxy_pre_http_request(origin, rp);
+ /* In case anyone needs to know, this is a fake request that is really a
+ * response.
+ */
+@@ -1469,7 +1480,6 @@
+ if ((buf = apr_table_get(r->headers_out, "Content-Type"))) {
+ ap_set_content_type(r, apr_pstrdup(p, buf));
+ }
+- ap_proxy_pre_http_request(origin,rp);
+
+ /* Clear hop-by-hop headers */
+ for (i=0; hop_by_hop_hdrs[i]; ++i) {
+@@ -1518,7 +1528,12 @@
+ backend->close += 1;
+ }
+
+- interim_response = ap_is_HTTP_INFO(r->status);
++ if (ap_is_HTTP_INFO(r->status)) {
++ interim_response++;
++ }
++ else {
++ interim_response = 0;
++ }
+ if (interim_response) {
+ /* RFC2616 tells us to forward this.
+ *
+@@ -1711,7 +1726,15 @@
+
+ apr_brigade_cleanup(bb);
+ }
+- } while (interim_response);
++ } while (interim_response && (interim_response < AP_MAX_INTERIM_RESPONSES));
++
++ /* See define of AP_MAX_INTERIM_RESPONSES for why */
++ if (interim_response >= AP_MAX_INTERIM_RESPONSES) {
++ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
++ apr_psprintf(p,
++ "Too many (%d) interim responses from origin server",
++ interim_response));
++ }
+
+ /* If our connection with the client is to be aborted, return DONE. */
+ if (c->aborted || backend_broke) {
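Review bot: The new 502 path after the loop (`if (interim_response >= AP_MAX_INTERIM_RESPONSES)`) returns through `ap_proxyerror` without flagging the origin connection for closing, even though the origin may still be streaming 1xx responses on that socket; if the connection goes back to the pool in that state, the next request reusing it would read the leftover interim responses as its own reply. The surrounding context already uses `backend->close += 1;` to mark the connection unusable, so I would add `backend->close = 1;` immediately before that `return ap_proxyerror(...)`, assuming the caller honours the flag on error returns (the enclosing function starts and ends outside these hunks, so I cannot confirm that here). The cap itself looks right: the counter is reset to 0 on the first non-1xx status, so a well-behaved origin is unaffected and a hostile one is cut off after AP_MAX_INTERIM_RESPONSES rounds. The comment typos `respones` and `we sent back` are carried over from the upstream revision cited in the patch header; leave them so patch-ab stays byte-for-byte comparable with upstream rather than silently diverging.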