author | Benedikt Boehm <hollow@gentoo.org> | 2007-12-15 14:38:32 +0000 |
---|---|---|
committer | Benedikt Boehm <hollow@gentoo.org> | 2007-12-15 14:38:32 +0000 |
commit | 7291186b8e6790cb1af2d5a69eae4c2b1b1f6359 (patch) | |
tree | e1e8cb6b073c96650d69b08de397b62bcba33db3 | |
parent | fix vim modeline (diff) | |
download | apache-7291186b8e6790cb1af2d5a69eae4c2b1b1f6359.tar.gz apache-7291186b8e6790cb1af2d5a69eae4c2b1b1f6359.tar.bz2 apache-7291186b8e6790cb1af2d5a69eae4c2b1b1f6359.zip |
update for apache-2.2.6-r6; fix rolltarball.sh for apache-2.eclass
-rw-r--r-- | 2.2/patches/05_all_CVE-2006-6203.patch | 32 | ||||
-rw-r--r-- | 2.2/patches/06_all_CVE-2007-5000.patch | 25 | ||||
-rwxr-xr-x | rolltarball.sh | 6 |
3 files changed, 60 insertions, 3 deletions
diff --git a/2.2/patches/05_all_CVE-2006-6203.patch b/2.2/patches/05_all_CVE-2006-6203.patch
new file mode 100644
index 0000000..4f59287
--- /dev/null
+++ b/2.2/patches/05_all_CVE-2006-6203.patch
@@ -0,0 +1,32 @@
+Index: httpd-2.2.x/modules/http/http_protocol.c
+===================================================================
+--- httpd-2.2.x/modules/http/http_protocol.c (revision 596677)
++++ httpd-2.2.x/modules/http/http_protocol.c (revision 604192)
+@@ -913,7 +913,8 @@
+ NULL));
+ case HTTP_METHOD_NOT_ALLOWED:
+ return(apr_pstrcat(p,
+- "<p>The requested method ", r->method,
++ "<p>The requested method ",
++ ap_escape_html(r->pool, r->method),
+ " is not allowed for the URL ",
+ ap_escape_html(r->pool, r->uri),
+ ".</p>\n",
+@@ -931,7 +932,7 @@
+ case HTTP_LENGTH_REQUIRED:
+ s1 = apr_pstrcat(p,
+ "<p>A request of the requested method ",
+- r->method,
++ ap_escape_html(r->pool, r->method),
+ " requires a valid Content-length.<br />\n",
+ NULL);
+ return(add_optional_notes(r, s1, "error-notes", "</p>\n"));
+@@ -978,7 +979,7 @@
+ "The requested resource<br />",
+ ap_escape_html(r->pool, r->uri), "<br />\n",
+ "does not allow request data with ",
+- r->method,
++ ap_escape_html(r->pool, r->method),
+ " requests, or the amount of data provided in\n"
+ "the request exceeds the capacity limit.\n",
+ NULL));
diff --git a/2.2/patches/06_all_CVE-2007-5000.patch b/2.2/patches/06_all_CVE-2007-5000.patch
new file mode 100644
index 0000000..b329bb5
--- /dev/null
+++ b/2.2/patches/06_all_CVE-2007-5000.patch
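Review bot: The advisory id for the http_protocol.c fix is recorded only in the file name `05_all_CVE-2006-6203.patch`, and the patch body has no description above `Index: httpd-2.2.x/modules/http/http_protocol.c`. The commit is dated December 2007 while the id carries the year 2006, so the id should be confirmed against the upstream advisory for revision 604192 before the patchset is rolled. I would add a short header above `Index:` naming the upstream revision and the advisory, and stating that `r->method` is now passed through `ap_escape_html()` before it is written into the error bodies. The three inner hunks show only fragments of the switch (the third has no case label in view), so other messages that may print `r->method` cannot be checked from here.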
@@ -0,0 +1,25 @@
+Index: httpd-2.2.x/modules/mappers/mod_imagemap.c
+===================================================================
+--- httpd-2.2.x/modules/mappers/mod_imagemap.c (revision 603710)
++++ httpd-2.2.x/modules/mappers/mod_imagemap.c (revision 604312)
+@@ -479,13 +479,16 @@
+ 
+ static void menu_header(request_rec *r, char *menu)
+ {
+- ap_set_content_type(r, "text/html");
++ ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+ 
+- ap_rvputs(r, DOCTYPE_HTML_3_2, "<html><head>\n<title>Menu for ", r->uri,
+- "</title>\n</head><body>\n", NULL);
++ ap_rvputs(r, DOCTYPE_HTML_3_2, "<html><head>\n<title>Menu for ",
++ ap_escape_html(r->pool, r->uri),
++ "</title>\n</head><body>\n", NULL);
+ 
+ if (!strcasecmp(menu, "formatted")) {
+- ap_rvputs(r, "<h1>Menu for ", r->uri, "</h1>\n<hr />\n\n", NULL);
++ ap_rvputs(r, "<h1>Menu for ",
++ ap_escape_html(r->pool, r->uri),
++ "</h1>\n<hr />\n\n", NULL);
+ }
+ 
+ return;
diff --git a/rolltarball.sh b/rolltarball.sh
index a1818f0..8c74c54 100755
--- a/rolltarball.sh
+++ b/rolltarball.sh
@@ -497,11 +497,11 @@ build_tarball() {
 then
 if [ -r ${EBUILD} ]
 then
- pretend && einfo " Update GENTOO_PATCHSTAMP and GENTOO_DEVSPACE"
+ pretend && einfo " Update GENTOO_PATCHSTAMP and GENTOO_DEVELOPER"
 pretend || {
- ebegin "Updating GENTOO_PATCHSTAMP and GENTOO_DEVSPACE"
+ ebegin "Updating GENTOO_PATCHSTAMP and GENTOO_DEVELOPER"
 sed -i -e "s/GENTOO_PATCHSTAMP=\".*\"/GENTOO_PATCHSTAMP=\"${DATESTAMP}\"/" ${EBUILD} &&
- sed -i -e "s/GENTOO_DEVSPACE=\".*\"/GENTOO_DEVSPACE=\"${G_USER}\"/" ${EBUILD}
+ sed -i -e "s/GENTOO_DEVELOPER=\".*\"/GENTOO_DEVELOPER=\"${G_USER}\"/" ${EBUILD}
 eend $? "Failed to modify ebuild" || {
 einfo "It's highly recommended that you delete the ebuild"
 einfo "and cvs up and then modify the ebuild manually." |
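Review bot: In `06_all_CVE-2007-5000.patch` the new `charset=ISO-8859-1` in `menu_header()` carries no comment saying why it is there, and it is the part of the fix a later cleanup is most likely to drop. I would add `/* fixed charset: keeps the browser from guessing an encoding in which the escaped URI could still be read as markup */` above the `ap_set_content_type()` call; that rationale is my reading of the change and should be confirmed against the upstream log for revision 604312. The hunk covers only `menu_header()`, so whether the other functions in mod_imagemap.c that write text into the menu escape their output cannot be judged from here. The closing brace of `menu_header()` lies outside the hunk.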