pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/apache22 Remove duplicate error check from securit...
details: https://anonhg.NetBSD.org/pkgsrc/rev/dabcfae70f38
branches: trunk
changeset: 596703:dabcfae70f38
user: tron <tron%pkgsrc.org@localhost>
date: Mon Dec 12 18:43:14 2011 +0000
description:
Remove duplicate error check from security patch. No revision bump as
there is no functional change.
Problem pointed out by S.P. Zeidler.
diffstat:
www/apache22/distinfo | 4 ++--
www/apache22/patches/patch-server_protocol.c | 25 +++----------------------
2 files changed, 5 insertions(+), 24 deletions(-)
diffs (62 lines):
diff -r fd8ee7782d58 -r dabcfae70f38 www/apache22/distinfo
--- a/www/apache22/distinfo Mon Dec 12 17:41:37 2011 +0000
+++ b/www/apache22/distinfo Mon Dec 12 18:43:14 2011 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.45 2011/12/07 22:58:12 tron Exp $
+$NetBSD: distinfo,v 1.46 2011/12/12 18:43:14 tron Exp $
SHA1 (httpd-2.2.21.tar.bz2) = c02f9b05da9a7e316ff37d9053dc76a57ba51cb4
RMD160 (httpd-2.2.21.tar.bz2) = 6464a03d78ab858b1288ea9eef4cd5f73b60a9f1
@@ -16,5 +16,5 @@
SHA1 (patch-aw) = ca53d67beeb2c2c4d9adb04d3d79e24a8c427fd4
SHA1 (patch-lock.c) = 770ca03f1cb4421879bd5baa5a7c30cc91acb6e1
SHA1 (patch-repos.c) = 0e0361b91d4b0fe6c7c55a12fdfd2e6aacc710e1
-SHA1 (patch-server_protocol.c) = fc77c3293f6f2f73a40e88098ba1483d3e605b66
+SHA1 (patch-server_protocol.c) = 2be3e4fc08da717fa55b058eb32e398f6546d457
SHA1 (patch-server_util.c) = b63f73e2a482facd188eecb0864fc612d1b7b3a5
diff -r fd8ee7782d58 -r dabcfae70f38 www/apache22/patches/patch-server_protocol.c
--- a/www/apache22/patches/patch-server_protocol.c Mon Dec 12 17:41:37 2011 +0000
+++ b/www/apache22/patches/patch-server_protocol.c Mon Dec 12 18:43:14 2011 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-server_protocol.c,v 1.2 2011/12/07 22:58:12 tron Exp $
+$NetBSD: patch-server_protocol.c,v 1.3 2011/12/12 18:43:14 tron Exp $
revision 1179239 from http://svn.apache.org/:
SECURITY (CVE-2011-3368): Prevent unintended pattern expansion
@@ -13,8 +13,8 @@
the input string for RewriteRule et al really is an absolute path.
--- server/protocol.c.orig 2011-05-07 12:39:29.000000000 +0100
-+++ server/protocol.c 2011-12-07 22:48:17.000000000 +0000
-@@ -640,6 +640,44 @@
++++ server/protocol.c 2011-12-12 18:37:04.000000000 +0000
+@@ -640,6 +640,25 @@
ap_parse_uri(r, uri);
@@ -37,25 +37,6 @@
+ r->uri = apr_pstrdup(r->pool, uri);
+ }
+
-+ /* RFC 2616:
-+ * Request-URI = "*" | absoluteURI | abs_path | authority
-+ *
-+ * authority is a special case for CONNECT. If the request is not
-+ * using CONNECT, and the parsed URI does not have scheme, and
-+ * it does not begin with '/', and it is not '*', then, fail
-+ * and give a 400 response. */
-+ if (r->method_number != M_CONNECT
-+ && !r->parsed_uri.scheme
-+ && uri[0] != '/'
-+ && !(uri[0] == '*' && uri[1] == '\0')) {
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
-+ "invalid request-URI %s", uri);
-+ r->args = NULL;
-+ r->hostname = NULL;
-+ r->status = HTTP_BAD_REQUEST;
-+ r->uri = apr_pstrdup(r->pool, uri);
-+ }
-+
if (ll[0]) {
r->assbackwards = 0;
pro = ll;
Home |
Main Index |
Thread Index |
Old Index