authorNatanael Copa <ncopa@alpinelinux.org>2012-02-01 07:25:24 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-02-01 07:39:22 +0000
commit400a302e8bca4ad2bbef3bb38737680ef8fb53cd (patch)
tree352beca024ccd94c91b9766c3027fa1a74e1afef /main
parentb82ce814e1f58fb47be7b2d815fb7bce926aa429 (diff)
main/apache2: security upgrade to 2.2.22 (CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2011-3368)
low: mod_log_config crash CVE-2012-0021 low: scoreboard parent DoS CVE-2012-0031 moderate: error responses can expose cookies CVE-2012-0053 moderate: mod_proxy reverse proxy exposure CVE-2011-3368 This release also includes the previously patched: low: mod_setenvif .htaccess privilege escalation CVE-2011-3607 moderate: mod_proxy reverse proxy exposure CVE-2011-4317 fixes #982
Diffstat (limited to 'main')
-rw-r--r--main/apache2/APKBUILD5
-rw-r--r--main/apache2/CVE-2011-3607.patch32
-rw-r--r--main/apache2/CVE-2011-4317.patch36
3 files changed, 2 insertions, 71 deletions
diff --git a/main/apache2/APKBUILD b/main/apache2/APKBUILD
index 21d97b956b..4241daa1c6 100644
--- a/main/apache2/APKBUILD
+++ b/main/apache2/APKBUILD
@@ -33,7 +33,7 @@ source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2
ssl.conf
ldap.conf
alpine.layout
- CVE-2011-4317.patch"
+ "
prepare() {
cd "$srcdir"/httpd-$pkgver
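Review bot: Removing `CVE-2011-4317.patch` from `source=` is only safe if the build actually fetches httpd 2.2.22, and no hunk in this file changes `pkgver` or the checksum of the httpd tarball. Presumably the version bump landed in an earlier commit; confirm that, because otherwise this builds the older release without the backported fix. `CVE-2011-3607.patch` is deleted in the same commit but is not listed in the visible `source=` or checksum lines, so it is worth checking whether `prepare()` (whose body continues outside the hunk) ever applied it. A short comment above `source=` such as `# CVE-2011-3607 and CVE-2011-4317 are fixed upstream in 2.2.22; local patches dropped` would record why the patches went away.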
@@ -252,5 +252,4 @@ e322b5211e49511cac6e40c86af1b1da apache2.confd
749faf0b2916d85d1240bc34f700e5d9 httpd.conf
5d0d024ca43571b863874ab871b2c109 ssl.conf
b70fe826486043e3953cfe21f9e6fa16 ldap.conf
-c66ff5f70260d5266e6803a59b39bd7f alpine.layout
-4c9b33458e4c8dea1be39f811da39be3 CVE-2011-4317.patch"
+c66ff5f70260d5266e6803a59b39bd7f alpine.layout"
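Review bot: The checksum block this hunk edits holds 32-hex-digit values, which look like MD5 sums, and the tarball URL in the first hunk's header is plain `http://`, so the integrity of the downloaded source rests on a hash that is no longer collision-resistant. For a security upgrade, verify the 2.2.22 tarball against upstream's signed release before recording the sum, and note it next to the list, e.g. `# httpd tarball checked against upstream .asc signature`. If the abuild in use accepts a stronger checksum list, add one alongside these sums. The checksum assignment starts outside the hunk, so the variable name is not visible here.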
diff --git a/main/apache2/CVE-2011-3607.patch b/main/apache2/CVE-2011-3607.patch
deleted file mode 100644
index 3ccbfbc481..0000000000
--- a/main/apache2/CVE-2011-3607.patch
+++ /dev/null
@@ -1,32 +0,0 @@
---- 2.2.x/server/util.c 2012/01/04 19:42:04 1227279
-+++ 2.2.x/server/util.c 2012/01/04 19:45:22 1227280
-@@ -82,6 +82,8 @@
- #define IS_SLASH(s) (s == '/')
- #endif
-
-+/* same as APR_SIZE_MAX which doesn't appear until APR 1.3 */
-+#define UTIL_SIZE_MAX (~((apr_size_t)0))
-
- /*
- * Examine a field value (such as a media-/content-type) string and return
-@@ -366,7 +368,7 @@
- char *dest, *dst;
- char c;
- size_t no;
-- int len;
-+ apr_size_t len;
-
- if (!source)
- return NULL;
-@@ -391,6 +393,11 @@
- len++;
- }
- else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) {
-+ if (UTIL_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so) {
-+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL,
-+ "integer overflow or out of memory condition." );
-+ return NULL;
-+ }
- len += pmatch[no].rm_eo - pmatch[no].rm_so;
- }
-
diff --git a/main/apache2/CVE-2011-4317.patch b/main/apache2/CVE-2011-4317.patch
deleted file mode 100644
index 698b2eb7ab..0000000000
--- a/main/apache2/CVE-2011-4317.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Index: modules/proxy/mod_proxy.c
-===================================================================
---- httpd-2.2.21/modules/proxy/mod_proxy.c (revision 1179633)
-+++ httpd-2.2.21/modules/proxy/mod_proxy.c (working copy)
-@@ -566,6 +566,13 @@
- return OK;
- }
-
-+ /* Check that the URI is valid. */
-+ if (!r->uri || r->uri[0] != '/') {
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
-+ "Invalid URI in request %s", r->the_request);
-+ return HTTP_BAD_REQUEST;
-+ }
-+
- /* XXX: since r->uri has been manipulated already we're not really
- * compliant with RFC1945 at this point. But this probably isn't
- * an issue because this is a hybrid proxy/origin server.
-Index: modules/mappers/mod_rewrite.c
-===================================================================
---- httpd-2.2.21/modules/mappers/mod_rewrite.c (revision 1179633)
-+++ httpd-2.2.21/modules/mappers/mod_rewrite.c (working copy)
-@@ -4266,6 +4266,13 @@
- return DECLINED;
- }
-
-+ /* Check that the URI is valid. */
-+ if (!r->uri || r->uri[0] != '/') {
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
-+ "Invalid URI in request %s", r->the_request);
-+ return HTTP_BAD_REQUEST;
-+ }
-+
- /*
- * add the SCRIPT_URL variable to the env. this is a bit complicated
- * due to the fact that apache uses subrequests and internal redirects