pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/ap2-perl Update from version 2.04nb4 to 2.04nb5.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/9efd415f02e8
branches:  trunk
changeset: 560642:9efd415f02e8
user:      he <he%pkgsrc.org@localhost>
date:      Mon Jun 15 17:38:21 2009 +0000

description:
Update from version 2.04nb4 to 2.04nb5.

Pkgsrc changes:
 o Apply fix from svn repository to fix an XSS bug in Apache2::Status,
   ref. CVE-2009-0796.

diffstat:

 www/ap2-perl/Makefile         |   6 ++--
 www/ap2-perl/distinfo         |   3 +-
 www/ap2-perl/patches/patch-aa |  53 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 58 insertions(+), 4 deletions(-)

diffs (90 lines):

diff -r b547454d333e -r 9efd415f02e8 www/ap2-perl/Makefile
--- a/www/ap2-perl/Makefile     Mon Jun 15 17:02:14 2009 +0000
+++ b/www/ap2-perl/Makefile     Mon Jun 15 17:38:21 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.33 2009/06/12 20:54:22 spz Exp $
+# $NetBSD: Makefile,v 1.34 2009/06/15 17:38:21 he Exp $
 
 DISTNAME=      mod_perl-2.0.4
-PKGREVISION=   4
+PKGREVISION=   5
 PKGNAME=       ${APACHE_PKG_PREFIX}-${DISTNAME:S/mod_//}
 CATEGORIES=    www perl5
 MASTER_SITES=  http://perl.apache.org/dist/
@@ -16,7 +16,7 @@
 
 PKG_APACHE_ACCEPTED=   apache2 apache22
 
-APACHE_MODULE=         # defined
+APACHE_MODULE=         # empty
 PERL5_PACKLIST=                auto/mod_perl2/.packlist
 
 MAKE_PARAMS+=          MP_APXS=${APXS}
diff -r b547454d333e -r 9efd415f02e8 www/ap2-perl/distinfo
--- a/www/ap2-perl/distinfo     Mon Jun 15 17:02:14 2009 +0000
+++ b/www/ap2-perl/distinfo     Mon Jun 15 17:38:21 2009 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.12 2009/06/12 20:54:22 spz Exp $
+$NetBSD: distinfo,v 1.13 2009/06/15 17:38:21 he Exp $
 
 SHA1 (mod_perl-2.0.4.tar.gz) = 65299a16ec414a690a48a2bbe63acaa3c6bb897b
 RMD160 (mod_perl-2.0.4.tar.gz) = 111b8f33e2dcc43ef7a0a7d557ceb467f0c55c6d
 Size (mod_perl-2.0.4.tar.gz) = 3727717 bytes
+SHA1 (patch-aa) = 1aba55afc0adfc3a1fe7a694099e09584d2979b0
diff -r b547454d333e -r 9efd415f02e8 www/ap2-perl/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/ap2-perl/patches/patch-aa     Mon Jun 15 17:38:21 2009 +0000
@@ -0,0 +1,53 @@
+$NetBSD: patch-aa,v 1.3 2009/06/15 17:38:21 he Exp $
+
+This is revision 760926 from modperl's svn repository:
+http://svn.apache.org/viewvc/perl/modperl/trunk/lib/Apache2/Status.pm?view=log&pathrev=761081
+Fix an XSS bug in Apache2::Status, ref. CVE-2009-0796.
+
+--- lib/Apache2/Status.pm.orig 2007/12/31 08:05:11     607697
++++ lib/Apache2/Status.pm      2009/04/01 15:39:56     760926
+@@ -29,7 +29,7 @@
+ 
+ use Apache2::Const -compile => qw(OK);
+ 
+-$Apache2::Status::VERSION = '4.00'; # mod_perl 2.0
++$Apache2::Status::VERSION = '4.01'; # mod_perl 2.0
+ 
+ use constant IS_WIN32 => ($^O eq "MSWin32");
+ 
+@@ -126,7 +126,7 @@
+         $r->print(symdump($r, $qs));
+     }
+     else {
+-        my $uri = $r->uri;
++        my $uri = $r->location;
+         $r->print('<p>');
+         $r->print(
+             map { qq[<a href="$uri?$_">$status{$_}</a><br />\n] } sort { lc $a cmp lc $b } keys %status
+@@ -198,7 +198,7 @@
+ sub status_inc {
+     my ($r) = @_;
+ 
+-    my $uri = $r->uri;
++    my $uri = $r->location;
+     my @retval = (
+         '<table border="1">',
+         "<tr>",
+@@ -289,7 +289,7 @@
+     my ($r) = @_;
+ 
+     local $_;
+-    my $uri = $r->uri;
++    my $uri = $r->location;
+     my $cache = __PACKAGE__->registry_cache;
+ 
+     my @retval = "<h2>Compiled registry scripts grouped by their handler</h2>";
+@@ -765,7 +765,7 @@
+     my ($self, $package, $r) = @_;
+ 
+     my @m = qw(<table>);
+-    my $uri = $r->uri;
++    my $uri = $r->location;
+     my $is_main = $package eq "main";
+ 
+     my $do_dump = has($r, "dumper");



Home | Main Index | Thread Index | Old Index