From c1ee7a6e6d21447788c7512e7197d49ebfbc3096 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Tue, 7 Jul 2015 14:20:33 +0000 Subject: main/lighttpd: security fix for CVE-2015-3200 The upstream patch does not apply without applying lot other stuff so we simply apply all since 1.4.35 release. ref #4329 --- ...x-undefined-index-warning-in-sendfile.php.patch | 31 ++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 main/lighttpd/0025-tests-fix-undefined-index-warning-in-sendfile.php.patch (limited to 'main/lighttpd/0025-tests-fix-undefined-index-warning-in-sendfile.php.patch') diff --git a/main/lighttpd/0025-tests-fix-undefined-index-warning-in-sendfile.php.patch b/main/lighttpd/0025-tests-fix-undefined-index-warning-in-sendfile.php.patch new file mode 100644 index 0000000000..f37b98cdba --- /dev/null +++ b/main/lighttpd/0025-tests-fix-undefined-index-warning-in-sendfile.php.patch @@ -0,0 +1,31 @@ +From 673923daf839fda59e4dc1e5f95f5b265a65e802 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Stefan=20B=C3=BChler?= +Date: Sun, 8 Feb 2015 19:10:58 +0000 +Subject: [PATCH 25/29] [tests] fix undefined index warning in sendfile.php +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Stefan Bühler + +git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2985 152afb58-edef-0310-8abb-c4023f1b3aa9 +--- + tests/docroot/www/sendfile.php | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/docroot/www/sendfile.php b/tests/docroot/www/sendfile.php +index 0aa8786..e460220 100644 +--- a/tests/docroot/www/sendfile.php ++++ b/tests/docroot/www/sendfile.php +@@ -6,7 +6,7 @@ function pathencode($path) { + + $val = "X-Sendfile2: " . pathencode(getcwd() . "/index.txt") . " " . $_GET["range"]; + +-if ($_GET["range2"]) $val .= ", " . pathencode(getcwd() . "/index.txt") . " " . $_GET["range2"]; ++if (isset($_GET["range2"])) $val .= ", " . pathencode(getcwd() . "/index.txt") . " " . $_GET["range2"]; + + header($val); + +-- +2.4.5 + -- cgit v1.2.3