Pullup ticket #3653 - requested by spz
www/apache22: security patch

Revisions pulled up:
- www/apache22/Makefile 1.77
- www/apache22/distinfo 1.48
- www/apache22/patches/patch-server_scoreboard.c 1.1
- www/apache22/patches/patch-server_util.c 1.2
---
Module Name: pkgsrc
Committed By: spz
Date: Tue Jan 17 20:48:29 UTC 2012

Modified Files:
pkgsrc/www/apache22: Makefile distinfo
pkgsrc/www/apache22/patches: patch-server_util.c
Added Files:
pkgsrc/www/apache22/patches: patch-server_scoreboard.c

Log Message:
add patch for CVE-2012-0031 taken from Revision 1231058 of http://svn.apache.org/
update patch for http://secunia.com/advisories/45793/

diff -r1.76 -r1.76.2.1 pkgsrc/www/apache22/Makefile
(tron)
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | # $NetBSD: Makefile,v 1.76 2011/12/13 15:37:56 spz Exp $ | 1 | # $NetBSD: Makefile,v 1.76.2.1 2012/01/18 19:54:36 tron Exp $ | |
2 | 2 | |||
3 | DISTNAME= httpd-2.2.21 | 3 | DISTNAME= httpd-2.2.21 | |
4 | 4 | |||
5 | PKGNAME= ${DISTNAME:S/httpd/apache/} | 5 | PKGNAME= ${DISTNAME:S/httpd/apache/} | |
6 | PKGREVISION= 5 | 6 | PKGREVISION= 6 | |
7 | CATEGORIES= www | 7 | CATEGORIES= www | |
8 | MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ | 8 | MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ | |
9 | http://archive.apache.org/dist/httpd/ \ | 9 | http://archive.apache.org/dist/httpd/ \ | |
10 | http://archive.eu.apache.org/dist/httpd/ | 10 | http://archive.eu.apache.org/dist/httpd/ | |
11 | EXTRACT_SUFX= .tar.bz2 | 11 | EXTRACT_SUFX= .tar.bz2 | |
12 | 12 | |||
13 | MAINTAINER= tron@NetBSD.org | 13 | MAINTAINER= tron@NetBSD.org | |
14 | HOMEPAGE= http://httpd.apache.org/ | 14 | HOMEPAGE= http://httpd.apache.org/ | |
15 | COMMENT= Apache HTTP (Web) server, version 2.2 | 15 | COMMENT= Apache HTTP (Web) server, version 2.2 | |
16 | LICENSE= apache-2.0 | 16 | LICENSE= apache-2.0 | |
17 | 17 | |||
18 | PKG_DESTDIR_SUPPORT= user-destdir | 18 | PKG_DESTDIR_SUPPORT= user-destdir | |
19 | 19 |
@@ -1,22 +1,23 @@ | @@ -1,22 +1,23 @@ | |||
1 | $NetBSD: distinfo,v 1.47 2011/12/13 15:37:56 spz Exp $ | 1 | $NetBSD: distinfo,v 1.47.2.1 2012/01/18 19:54:36 tron Exp $ | |
2 | 2 | |||
3 | SHA1 (httpd-2.2.21.tar.bz2) = c02f9b05da9a7e316ff37d9053dc76a57ba51cb4 | 3 | SHA1 (httpd-2.2.21.tar.bz2) = c02f9b05da9a7e316ff37d9053dc76a57ba51cb4 | |
4 | RMD160 (httpd-2.2.21.tar.bz2) = 6464a03d78ab858b1288ea9eef4cd5f73b60a9f1 | 4 | RMD160 (httpd-2.2.21.tar.bz2) = 6464a03d78ab858b1288ea9eef4cd5f73b60a9f1 | |
5 | Size (httpd-2.2.21.tar.bz2) = 5324905 bytes | 5 | Size (httpd-2.2.21.tar.bz2) = 5324905 bytes | |
6 | SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7 | 6 | SHA1 (patch-aa) = e0bfdf6bc9cb034bea46a390a12a5508e363c9a7 | |
7 | SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 | 7 | SHA1 (patch-ab) = 365cc3b0ac2d9d68ccb94f5699fe168a1c9b0150 | |
8 | SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad | 8 | SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad | |
9 | SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 | 9 | SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 | |
10 | SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 | 10 | SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 | |
11 | SHA1 (patch-af) = 312d3bce5e1bf6e747b5f0f313d89bf5b4636392 | 11 | SHA1 (patch-af) = 312d3bce5e1bf6e747b5f0f313d89bf5b4636392 | |
12 | SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 | 12 | SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01 | |
13 | SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 | 13 | SHA1 (patch-ai) = 4ebc3bd580a298973928eb6d13d2ce745eac0312 | |
14 | SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 | 14 | SHA1 (patch-al) = 56b9f5c2f6fd01fe5067f9210e328cbf674c68f1 | |
15 | SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 | 15 | SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08 | |
16 | SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 | 16 | SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4 | |
17 | SHA1 (patch-lock.c) = 770ca03f1cb4421879bd5baa5a7c30cc91acb6e1 | 17 | SHA1 (patch-lock.c) = 770ca03f1cb4421879bd5baa5a7c30cc91acb6e1 | |
18 | SHA1 (patch-modules_mappers_mod_rewrite.c) = de7bbdf02dda38e2542e4967ee6f22745ec0f118 | 18 | SHA1 (patch-modules_mappers_mod_rewrite.c) = de7bbdf02dda38e2542e4967ee6f22745ec0f118 | |
19 | SHA1 (patch-modules_proxy_mod_proxy.c) = bab58b70eee22d7c08be9a4a9ada3fad886fa796 | 19 | SHA1 (patch-modules_proxy_mod_proxy.c) = bab58b70eee22d7c08be9a4a9ada3fad886fa796 | |
20 | SHA1 (patch-repos.c) = 0e0361b91d4b0fe6c7c55a12fdfd2e6aacc710e1 | 20 | SHA1 (patch-repos.c) = 0e0361b91d4b0fe6c7c55a12fdfd2e6aacc710e1 | |
21 | SHA1 (patch-server_protocol.c) = 2be3e4fc08da717fa55b058eb32e398f6546d457 | 21 | SHA1 (patch-server_protocol.c) = 2be3e4fc08da717fa55b058eb32e398f6546d457 | |
22 | SHA1 (patch-server_util.c) = b63f73e2a482facd188eecb0864fc612d1b7b3a5 | 22 | SHA1 (patch-server_scoreboard.c) = 8d1e007f8d1d6a6db827a41d82369749e603a2b3 | |
23 | SHA1 (patch-server_util.c) = 37e9c357618a9645222cd981f0ccb04c7987fe15 |
$NetBSD: patch-server_scoreboard.c,v 1.1.2.2 2012/01/18 19:54:36 tron Exp $
patch for CVE-2012-0031 taken from Revision 1231058 of http://svn.apache.org/
--- server/scoreboard.c.orig 2010-10-07 16:56:54.000000000 +0000
+++ server/scoreboard.c
@@ -42,6 +42,8 @@ AP_DECLARE_DATA const char *ap_scoreboar
AP_DECLARE_DATA int ap_extended_status = 0;
AP_DECLARE_DATA int ap_mod_status_reqtail = 0;
+static ap_scoreboard_e scoreboard_type;
+
#if APR_HAS_SHARED_MEMORY
#include "apr_shm.h"
@@ -250,7 +252,7 @@ apr_status_t ap_cleanup_scoreboard(void
if (ap_scoreboard_image == NULL) {
return APR_SUCCESS;
}
- if (ap_scoreboard_image->global->sb_type == SB_SHARED) {
+ if (scoreboard_type == SB_SHARED) {
ap_cleanup_shared_mem(NULL);
}
else {
@@ -312,7 +314,7 @@ int ap_create_scoreboard(apr_pool_t *p,
ap_init_scoreboard(sb_mem);
}
- ap_scoreboard_image->global->sb_type = sb_type;
+ ap_scoreboard_image->global->sb_type = scoreboard_type = sb_type;
ap_scoreboard_image->global->running_generation = 0;
ap_scoreboard_image->global->restart_time = apr_time_now();
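Review bot: The new `static ap_scoreboard_e scoreboard_type;` has no comment explaining why it duplicates `global->sb_type`, and that reason is the entire fix. I would add above it `/* Process-private copy of sb_type: the copy inside the scoreboard can sit in a shared memory segment, so ap_cleanup_scoreboard() must not trust it (CVE-2012-0031). */`. The chained assignment in ap_create_scoreboard still writes `ap_scoreboard_image->global->sb_type`, so any other reader of that field (none is visible in these hunks) would still be acting on a value this process does not solely control and should use the private copy instead. Both ap_cleanup_scoreboard and ap_create_scoreboard continue outside the hunks shown.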
@@ -1,17 +1,26 @@ | @@ -1,17 +1,26 @@ | |||
1 | $NetBSD: patch-server_util.c,v 1.1 2011/11/11 07:58:03 spz Exp $ | 1 | $NetBSD: patch-server_util.c,v 1.1.4.1 2012/01/18 19:54:36 tron Exp $ | |
2 | 2 | |||
3 | fix for http://secunia.com/advisories/45793/ | 3 | fix for http://secunia.com/advisories/45793/ | |
4 | snarfed (with adjustment regarding location) from | 4 | http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/util.c?r1=1124515&r2=1227280 | |
5 | http://svn.apache.org/viewvc/httpd/httpd/trunk/server/util.c?r1=1198940&r2=1198939&pathrev=1198940 | 5 | modulo we have apr 1.3 and can use APR_SIZE_MAX and APR_ENOMEM | |
6 | 6 | |||
7 | --- server/util.c.orig 2011-05-19 02:17:37.000000000 +0000 | 7 | --- server/util.c.orig 2011-05-19 02:17:37.000000000 +0000 | |
8 | +++ server/util.c | 8 | +++ server/util.c | |
9 | @@ -366,7 +366,7 @@ AP_DECLARE(char *) ap_pregsub(apr_pool_t | |||
10 | char *dest, *dst; | |||
11 | char c; | |||
12 | size_t no; | |||
13 | - int len; | |||
14 | + apr_size_t len; | |||
15 | ||||
16 | if (!source) | |||
17 | return NULL; | |||
9 | @@ -391,6 +391,8 @@ AP_DECLARE(char *) ap_pregsub(apr_pool_t | 18 | @@ -391,6 +391,8 @@ AP_DECLARE(char *) ap_pregsub(apr_pool_t | |
10 | len++; | 19 | len++; | |
11 | } | 20 | } | |
12 | else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) { | 21 | else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) { | |
13 | + if (APR_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so) | 22 | + if (APR_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so) | |
14 | + return APR_ENOMEM; | 23 | + return APR_ENOMEM; | |
15 | len += pmatch[no].rm_eo - pmatch[no].rm_so; | 24 | len += pmatch[no].rm_eo - pmatch[no].rm_so; | |
16 | } | 25 | } | |
17 | 26 |
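Review bot: `return APR_ENOMEM;` in the overflow guard of the `@@ -391,6 +391,8 @@` hunk returns an integer status code from ap_pregsub, which the hunk header declares as `AP_DECLARE(char *)`. The caller therefore gets a non-zero status converted to a pointer rather than a failure value, so the guard meant to stop the length overflow hands back an invalid non-NULL pointer. The earlier `if (!source) return NULL;` shows NULL is the function's existing failure result, and the line should be `return NULL;`. Changing `len` to `apr_size_t` in the first hunk is what makes the `APR_SIZE_MAX - len` comparison meaningful, and the subtraction `pmatch[no].rm_eo - pmatch[no].rm_so` is non-negative there only because the enclosing condition already requires `rm_so < rm_eo`. ap_pregsub's body continues outside both hunks, so whether every caller checks for NULL cannot be confirmed from here.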