parent
0ce478ec5d
commit
3d46fee338
@ -1,3 +1,12 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 19 16:18:39 CEST 2008 - skh@suse.de
|
||||
|
||||
- add httpd-2.x.x-logresolve.patch again [bnc#210904]
|
||||
- add httpd-2.2.x-CVE-2008-2939.patch [bnc#415061]:
|
||||
mod_proxy_ftp: Prevent XSS attacks when using wildcards in
|
||||
the path of the FTP URL. Discovered by Marc Bevand of Rapid7.
|
||||
[Ruediger Pluem]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 26 22:59:55 CEST 2008 - poeml@suse.de
|
||||
|
||||
|
12
apache2.spec
12
apache2.spec
@ -63,7 +63,7 @@ License: The Apache Software License
|
||||
Group: Productivity/Networking/Web/Servers
|
||||
%define realver 2.2.9
|
||||
Version: 2.2.9
|
||||
Release: 1
|
||||
Release: 4
|
||||
#Source0: http://www.apache.org/dist/httpd-%{version}.tar.bz2
|
||||
Source0: http://httpd.apache.org/dev/dist/httpd-%{realver}.tar.bz2
|
||||
Source10: SUSE-NOTICE
|
||||
@ -115,6 +115,8 @@ Patch23: httpd-2.1.9-apachectl.dif
|
||||
Patch65: httpd-2.0.49-log_server_status.dif
|
||||
Patch66: httpd-2.0.54-envvars.dif
|
||||
Patch67: httpd-2.2.0-apxs-a2enmod.dif
|
||||
Patch68: httpd-2.x.x-logresolve.patch
|
||||
Patch69: httpd-2.2.x-CVE-2008-2939.patch
|
||||
Url: http://httpd.apache.org/
|
||||
Icon: Apache.xpm
|
||||
Summary: The Apache Web Server Version 2.0
|
||||
@ -332,6 +334,8 @@ Authors:
|
||||
%patch65 -p1
|
||||
%patch66 -p1
|
||||
%patch67 -p1
|
||||
%patch68 -p1
|
||||
%patch69 -p4
|
||||
#
|
||||
cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
|
||||
#
|
||||
@ -1021,6 +1025,12 @@ if ! test -f /.buildenv; then
|
||||
fi
|
||||
|
||||
%changelog
|
||||
* Fri Sep 19 2008 skh@suse.de
|
||||
- add httpd-2.x.x-logresolve.patch again [bnc#210904]
|
||||
- add httpd-2.2.x-CVE-2008-2939.patch [bnc#415061]:
|
||||
mod_proxy_ftp: Prevent XSS attacks when using wildcards in
|
||||
the path of the FTP URL. Discovered by Marc Bevand of Rapid7.
|
||||
[Ruediger Pluem]
|
||||
* Wed Aug 27 2008 poeml@suse.de
|
||||
- drop rc.config handling (was removed in or after SuSE Linux 8.0)
|
||||
- don't use fillup_insserv options which have been removed lately
|
||||
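Review bot: `%patch69 -p4` is the only patch in the visible %prep lines applied with a strip level other than 1, and the spec does not say why. The level follows from the upstream svn paths kept in the patch header (`httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c`), so a comment above the line would save the next packager from re-deriving it, e.g. `# -p4: patch keeps the upstream svn path prefix httpd/httpd/branches/2.2.x/`. Alternatively the paths in the patch header could be shortened so it applies with -p1 like its neighbours.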
|
13
httpd-2.2.x-CVE-2008-2939.patch
Normal file
13
httpd-2.2.x-CVE-2008-2939.patch
Normal file
@ -0,0 +1,13 @@
|
||||
Taken from: http://svn.apache.org/viewvc?view=rev&revision=682870
|
||||
|
||||
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c 2008/08/05 19:00:05 682869
|
||||
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c 2008/08/05 19:01:50 682870
|
||||
@@ -383,6 +383,7 @@
|
||||
c->bucket_alloc));
|
||||
}
|
||||
if (wildcard != NULL) {
|
||||
+ wildcard = ap_escape_html(p, wildcard);
|
||||
APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(wildcard,
|
||||
strlen(wildcard), p,
|
||||
c->bucket_alloc));
|
||||
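Review bot: The added line `wildcard = ap_escape_html(p, wildcard);` stores the escaped string back into the same variable, so any later read of `wildcard` in this function sees HTML entities instead of the raw pattern. For the sink shown this is correct, because `strlen(wildcard)` is taken after the assignment and so matches the escaped buffer. The enclosing function starts and ends outside the hunk, so whether `wildcard` is used again cannot be checked here. A short comment would record the intent, e.g. `/* wildcard comes from the FTP URL path; escape it for the HTML listing only */`, and a separate local for the escaped copy would keep the raw value available if it is needed further down.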
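--- /dev/null
+++ b/httpd-2.x.x-logresolve.patch
@@ -0,0 +1,57 @@
+diff -Naur ../httpd-2.2.4.orig/support/logresolve.pl.in ./support/logresolve.pl.in
+--- ../httpd-2.2.4.orig/support/logresolve.pl.in 2006-07-12 05:38:44.000000000 +0200
++++ ./support/logresolve.pl.in 2007-10-23 13:59:27.000000000 +0200
+@@ -57,6 +57,7 @@
+
+use FileHandle;
+use Socket;
++use File::Temp;
+
+use strict;
+no strict 'refs';
+@@ -71,11 +72,13 @@
+my %hash = ();
+my $parent = $$;
+
++my $tempdir = File::Temp::tempdir("logresolve.pl2.sockets.XXXXXX", CLEANUP => 1);
++
+my @children = ();
+for (my $child = 1; $child <=$CHILDREN; $child++) {
+my $f = fork();
+if (!$f) {
+- $filename = "./.socket.$parent.$child";
++ $filename = "$tempdir/socket.$parent.$child";
+if (-e $filename) { unlink($filename) || warn "$filename .. $!\n";}
+&child($child);
+exit(0);
+@@ -91,9 +94,9 @@
+# die kiddies, die
+kill(15, @children);
+for (my $child = 1; $child <=$CHILDREN; $child++) {
+- if (-e "./.socket.$parent.$child") {
+- unlink("./.socket.$parent.$child")
+- || warn ".socket.$parent.$child $!";
++ if (-e "$tempdir/socket.$parent.$child") {
++ unlink("$tempdir/socket.$parent.$child")
++ || warn "$tempdir/socket.$parent.$child $!";
+}
+}
+}
+@@ -113,7 +116,7 @@
+if (!socket($CHILDSOCK{$child}, AF_UNIX, SOCK_STREAM, $PROTOCOL)) {
+warn "parent socket to child failed $!";
+}
+- $filename = "./.socket.$parent.$child";
++ $filename = "$tempdir/socket.$parent.$child";
+my $response;
+do {
+$response = connect($CHILDSOCK{$child}, sockaddr_un($filename));
+@@ -176,7 +179,7 @@
+# create a socket to communicate with parent
+socket(INBOUND, AF_UNIX, SOCK_STREAM, $PROTOCOL)
+|| die "Error with Socket: !$\n";
+- $filename = "./.socket.$parent.$me";
++ $filename = "$tempdir/socket.$parent.$me";
+bind(INBOUND, sockaddr_un($filename))
+|| die "Error Binding $filename: $!\n";
+listen(INBOUND, 5) || die "Error Listening: $!\n";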
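Review bot: The added `File::Temp::tempdir("logresolve.pl2.sockets.XXXXXX", CLEANUP => 1)` call passes only a template, so the directory is created relative to the current working directory rather than in the system temp location. The sockets now sit in a private, randomly named directory, but the script still fails when started from a directory the user cannot write to. Passing `TMPDIR => 1` would avoid that: `my $tempdir = File::Temp::tempdir("logresolve.pl2.sockets.XXXXXX", TMPDIR => 1, CLEANUP => 1);`. The directory is created before `fork()` and each child ends with `exit(0)`, so it is worth confirming that the File::Temp version shipped limits CLEANUP to the creating process. A one-line comment above the call naming the reason (predictable socket paths in the working directory) would also help.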