pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/apache22 update to 2.2.14; 2.2.13 is gone.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f8719111e194
branches:  trunk
changeset: 400957:f8719111e194
user:      christos <christos%pkgsrc.org@localhost>
date:      Fri Oct 30 21:08:55 2009 +0000

description:
update to 2.2.14; 2.2.13 is gone.

diffstat:

 www/apache22/Makefile         |    6 +-
 www/apache22/PLIST            |    6 +-
 www/apache22/distinfo         |    9 +-
 www/apache22/patches/patch-ab |  116 ------------------------------------------
 4 files changed, 12 insertions(+), 125 deletions(-)

diffs (184 lines):

diff -r 954d757cba2a -r f8719111e194 www/apache22/Makefile
--- a/www/apache22/Makefile     Fri Oct 30 20:34:43 2009 +0000
+++ b/www/apache22/Makefile     Fri Oct 30 21:08:55 2009 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.52 2009/10/04 12:21:34 tron Exp $
+# $NetBSD: Makefile,v 1.53 2009/10/30 21:08:55 christos Exp $
 
-DISTNAME=      httpd-2.2.13
+DISTNAME=      httpd-2.2.14
 PKGNAME=       ${DISTNAME:S/httpd/apache/}
-PKGREVISION=   3
+#PKGREVISION=  3
 CATEGORIES=    www
 MASTER_SITES=  ${MASTER_SITE_APACHE:=httpd/} \
                ${MASTER_SITE_APACHE:=httpd/old/}
diff -r 954d757cba2a -r f8719111e194 www/apache22/PLIST
--- a/www/apache22/PLIST        Fri Oct 30 20:34:43 2009 +0000
+++ b/www/apache22/PLIST        Fri Oct 30 21:08:55 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.13 2009/08/06 07:07:23 tron Exp $
+@comment $NetBSD: PLIST,v 1.14 2009/10/30 21:08:55 christos Exp $
 ${PLIST.suexec}sbin/suexec
 include/httpd/ap_compat.h
 include/httpd/ap_config.h
@@ -517,6 +517,7 @@
 share/httpd/manual/howto/auth.html.en
 share/httpd/manual/howto/auth.html.ja.utf8
 share/httpd/manual/howto/auth.html.ko.euc-kr
+share/httpd/manual/howto/auth.html.tr.utf8
 share/httpd/manual/howto/cgi.html
 share/httpd/manual/howto/cgi.html.en
 share/httpd/manual/howto/cgi.html.ja.utf8
@@ -866,6 +867,8 @@
 share/httpd/manual/mod/mod_proxy_ftp.html.en
 share/httpd/manual/mod/mod_proxy_http.html
 share/httpd/manual/mod/mod_proxy_http.html.en
+share/httpd/manual/mod/mod_proxy_scgi.html
+share/httpd/manual/mod/mod_proxy_scgi.html.en
 share/httpd/manual/mod/mod_rewrite.html
 share/httpd/manual/mod/mod_rewrite.html.en
 share/httpd/manual/mod/mod_setenvif.html
@@ -1181,3 +1184,4 @@
 @pkgdir share/httpd/manual/style/xsl/util
 @pkgdir share/httpd/manual/style/xsl
 @pkgdir share/httpd/manual/style/lang
+
diff -r 954d757cba2a -r f8719111e194 www/apache22/distinfo
--- a/www/apache22/distinfo     Fri Oct 30 20:34:43 2009 +0000
+++ b/www/apache22/distinfo     Fri Oct 30 21:08:55 2009 +0000
@@ -1,10 +1,9 @@
-$NetBSD: distinfo,v 1.27 2009/10/04 12:21:34 tron Exp $
+$NetBSD: distinfo,v 1.28 2009/10/30 21:08:55 christos Exp $
 
-SHA1 (httpd-2.2.13.tar.bz2) = 44d85da1b8e6c579d4514cfefbea00b284717b69
-RMD160 (httpd-2.2.13.tar.bz2) = 4a6a2247cc118175a9a36f1e14344ee71da24627
-Size (httpd-2.2.13.tar.bz2) = 5300199 bytes
+SHA1 (httpd-2.2.14.tar.bz2) = eacd04c87b489231ae708c84a77dc8e9ee176fd2
+RMD160 (httpd-2.2.14.tar.bz2) = ff5077e444ba995475202bb3b9be733384c809d1
+Size (httpd-2.2.14.tar.bz2) = 5147171 bytes
 SHA1 (patch-aa) = 40f5f687a1217b8d6684dc610d3d4c430f635cbf
-SHA1 (patch-ab) = 6aec00f6dc38eee2e8648b4e95df3dbf166ac548
 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
 SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
diff -r 954d757cba2a -r f8719111e194 www/apache22/patches/patch-ab
--- a/www/apache22/patches/patch-ab     Fri Oct 30 20:34:43 2009 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,116 +0,0 @@
-$NetBSD: patch-ab,v 1.14 2009/10/04 12:21:35 tron Exp $
-
-Fixes for CVE-2009-3094 and CVE-2009-3095 taken from the Apache SVN repository:
-
-http://svn.apache.org/viewvc?view=rev&revision=814844
-http://svn.apache.org/viewvc?view=rev&revision=814847
-
---- modules/proxy/mod_proxy_ftp.c.orig 2008-11-11 20:04:34.000000000 +0000
-+++ modules/proxy/mod_proxy_ftp.c      2009-10-04 12:49:43.000000000 +0100
-@@ -604,6 +604,31 @@
-     return APR_SUCCESS;
- }
- 
-+/* Parse EPSV reply and return port, or zero on error.  Modifies
-+ * 'reply'. */
-+static apr_port_t parse_epsv_reply(char *reply)
-+{
-+    char *p, *ep;
-+    long port;
-+
-+    /* Reply syntax per RFC 2428: "229 blah blah (|||port|)" where '|'
-+     * can be any character in ASCII from 33-126, obscurely.  Verify
-+     * the syntax. */
-+    p = ap_strchr(reply, '(');
-+    if (p == NULL || !p[0] || !p[1] || p[1] != p[2] || p[1] != p[3]
-+        || p[4] == p[1]) {
-+        return 0;
-+    }
-+
-+    errno = 0;
-+    port = strtol(p + 4, &ep, 10);
-+    if (errno || port < 1 || port > 65535 || ep[0] != p[1] || ep[1] != ')') {
-+        return 0;
-+    }
-+
-+    return (apr_port_t)port;
-+}
-+
- /*
-  * Generic "send FTP command to server" routine, using the control socket.
-  * Returns the FTP returncode (3 digit code)
-@@ -887,6 +912,11 @@
-     if ((password = apr_table_get(r->headers_in, "Authorization")) != NULL
-         && strcasecmp(ap_getword(r->pool, &password, ' '), "Basic") == 0
-         && (password = ap_pbase64decode(r->pool, password))[0] != ':') {
-+        /* Check the decoded string for special characters. */
-+        if (!ftp_check_string(password)) {
-+            return ap_proxyerror(r, HTTP_BAD_REQUEST, 
-+                                 "user credentials contained invalid character");
-+        } 
-         /*
-          * Note that this allocation has to be made from r->connection->pool
-          * because it has the lifetime of the connection.  The other
-@@ -1210,26 +1240,11 @@
-             return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, ftpmessage);
-         }
-         else if (rc == 229) {
--            char *pstr;
--            char *tok_cntx;
-+            /* Parse the port out of the EPSV reply. */
-+            data_port = parse_epsv_reply(ftpmessage);
- 
--            pstr = ftpmessage;
--            pstr = apr_strtok(pstr, " ", &tok_cntx);    /* separate result code */
--            if (pstr != NULL) {
--                if (*(pstr + strlen(pstr) + 1) == '=') {
--                    pstr += strlen(pstr) + 2;
--                }
--                else {
--                    pstr = apr_strtok(NULL, "(", &tok_cntx);    /* separate address &
--                                                                 * port params */
--                    if (pstr != NULL)
--                        pstr = apr_strtok(NULL, ")", &tok_cntx);
--                }
--            }
--
--            if (pstr) {
-+            if (data_port) {
-                 apr_sockaddr_t *epsv_addr;
--                data_port = atoi(pstr + 3);
- 
-                 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
-                        "proxy: FTP: EPSV contacting remote host on port %d",
-@@ -1272,10 +1287,6 @@
-                     connect = 1;
-                 }
-             }
--            else {
--                /* and try the regular way */
--                apr_socket_close(data_sock);
--            }
-         }
-     }
- 
-@@ -1364,10 +1375,6 @@
-                     connect = 1;
-                 }
-             }
--            else {
--                /* and try the regular way */
--                apr_socket_close(data_sock);
--            }
-         }
-     }
- /*bypass:*/
-@@ -1851,7 +1858,9 @@
-                  * for a slow client to eat these bytes
-                  */
-                 ap_flush_conn(data);
--                apr_socket_close(data_sock);
-+                if (data_sock) {
-+                    apr_socket_close(data_sock);
-+                }
-                 data_sock = NULL;
-                 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
-                              "proxy: FTP: data connection closed");



Home | Main Index | Thread Index | Old Index