From 6164d3a4445a58197b45c1fa3ee7f979d1a3cc10 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Fri, 15 Nov 2013 10:47:13 +0000 Subject: main/lighttpd: various sec fixes (CVE-2013-4508,CVE-2013-4559,CVE-2013-4560) ref #2350 --- main/lighttpd/APKBUILD | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'main/lighttpd/APKBUILD') diff --git a/main/lighttpd/APKBUILD b/main/lighttpd/APKBUILD index 09a4c2892a..297becee88 100644 --- a/main/lighttpd/APKBUILD +++ b/main/lighttpd/APKBUILD @@ -2,7 +2,7 @@ pkgname=lighttpd pkgver=1.4.33 _streamver=2.2.0 -pkgrel=2 +pkgrel=3 pkgdesc="a secure, fast, compliant and very flexible web-server" url="http://www.lighttpd.net/" arch="all" @@ -15,6 +15,11 @@ makedepends="flex pcre-dev openssl-dev zlib-dev bzip2-dev lua-dev pkgconfig automake autoconf openldap-dev libxml2-dev sqlite-dev libev-dev" source="http://download.lighttpd.net/lighttpd/releases-1.4.x/$pkgname-$pkgver.tar.bz2 http://h264.code-shop.com/download/lighttpd-1.4.18_mod_h264_streaming-$_streamver.tar.gz + CVE-2013-4508.patch + CVE-2013-4508b.patch + CVE-2013-4559.patch + CVE-2013-4560.patch + $pkgname.initd $pkgname.confd $pkgname.logrotate @@ -141,6 +146,10 @@ mod_webdav() { md5sums="e66b8164e5fc5a6beec0823b697fbe1d lighttpd-1.4.33.tar.bz2 ac37885c881a058194405232e7737a7a lighttpd-1.4.18_mod_h264_streaming-2.2.0.tar.gz +a511605bb658386a09892c578dfc1edb CVE-2013-4508.patch +89dba7992857f6173b64305142c0a79d CVE-2013-4508b.patch +a17ed4614cdd6273d6cde40d48dbbf0e CVE-2013-4559.patch +f903d74285300a4323aafb9cd6e59aa0 CVE-2013-4560.patch aa1f130f66607615143b2b497c55b177 lighttpd.initd 0dede109282bfe685bdec6b35f0e4b6b lighttpd.confd ad091c9157134890499f26d170352c9f lighttpd.logrotate @@ -153,6 +162,10 @@ f3363e39832f1b6678468b482d121afb mod_fastcgi.conf aee5947a1abf380b0685a534ca384b42 mod_fastcgi_fpm.conf" sha256sums="2ff2324658c0f90e7d39afd40f08f11ca230903b9019c31a2bbecd8f087f235e lighttpd-1.4.33.tar.bz2 732cf98d823f2c7ddc96a3130a3c88d588b02ed20a0e7f8c9be25a265fbea2d6 lighttpd-1.4.18_mod_h264_streaming-2.2.0.tar.gz +08b2529e527a9810fd46fa2e33529a05f70b58e06b5d908a9c8126778a8f8284 CVE-2013-4508.patch +d5c3740de1322b52d13387a797b191f5fe61aa542c58dfa828e778cedf674580 CVE-2013-4508b.patch +82c2b19fcf807d4d32732aa72a62b7d31a0988290b227c98b0399cfa98da91a4 CVE-2013-4559.patch +d87655bbfc597216476c2674d9018aa556f7b6e592c9313c94c82e141b9bff2f CVE-2013-4560.patch 14a769551522d7c05319db2efd6b03962638413e4a3d58a0ee5f3f4760d33f16 lighttpd.initd 94f69a173dc26610a43532474230537b9bc31ec846fb9f94cb72765f125edf87 lighttpd.confd 503ee1cd454e2c0f9a212ef60dc8321893eda06ccf721ecbe94d189a09e0bc6c lighttpd.logrotate @@ -165,6 +178,10 @@ d1adc1358b5d9e85353caa2e706bfa231d145dd59c075cdcb3f818b3cb5d722e mod_fastcgi.co e7eb047360e09d1a2b693f08d4a912b99954090c5bdea706f46a33554e867043 mod_fastcgi_fpm.conf" sha512sums="f380adb20944846340b409290c43d54188f94e7992fe1e90121ab866f75048dfb7c2c1592b07b1df0af3b6d12b60d1d7e5d41de75c8684b8939b3df736f00762 lighttpd-1.4.33.tar.bz2 12e1b7c8146cccfa78678ce56cd2f704423559b23b90996dff00602634f110512146386086ac234293a3c28900a06c2bec1c97e680e7eed5173372f88177b351 lighttpd-1.4.18_mod_h264_streaming-2.2.0.tar.gz +2f0c876ee11e64cb4df5e1a59fe907c680b7825b8c6acc12d3697bc0ceaf0f3eee223702b04a7f14a9e7e5d55e027b6181b9837a3d5a7476b10f90a9b8b1238e CVE-2013-4508.patch +521e0828009b37d936d15564734568b0e0180b2261d40562d686f3abc10c4a8780524b404788f21d09fecefeabbd588c2cb8dce0c242f6dec693c2f664c296e2 CVE-2013-4508b.patch +63c200180d11658a3341061e3ac0d404504b9ef97927e8673ac78a2c41c8169b0e1c4e37d6da08de9d6c4fc390e452f256207dc850f85f8bdd761c6b4e3f58a7 CVE-2013-4559.patch +c7d699df342ad2822fddf6f20bddac9c069d3eeeaf20067781728ed341a36a9a1cc5c430ff2d5d1e1a422a31c3fcf7e8752bb034df69df15d8de3b179c757024 CVE-2013-4560.patch 3d92f1f2fab79d12570e445d0bfba1c3b53898c6eeb323ec2171a289417c01039746f722c5e00bac36ea7fc433e3e7422b64f8952ad780b3d68e010ef3d8bf61 lighttpd.initd 93a05dddab14ba6355a0345f1da2fe900c8b55fed8f98506295dc12d96c7cef803c4aca77f016b8acea7bbde485be1e09a57d31fdca6f91023fbeb4db9a90a8b lighttpd.confd e1284fe9ab4b9a53c21b40a5ac3e77e66343e187321b8a2f7464db64747f3a99f7e17a9e7c0e298db84a24fa1286cfe344dbff182eddd9de5c0605f5397a6972 lighttpd.logrotate -- cgit v1.2.3