[pkgsrc/trunk]: pkgsrc/www/apache22 Add patch for CVE-2008-2364 from the Apac...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/apache22 Add patch for CVE-2008-2364 from the Apac...
From: tron <tron%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 06:13:47 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/f6344201e342
branches:  trunk
changeset: 543281:f6344201e342
user:      tron <tron%pkgsrc.org@localhost>
date:      Thu Jun 12 14:12:19 2008 +0000

description:
Add patch for CVE-2008-2364 from the Apache SVN repository.

diffstat:

 www/apache22/Makefile         |   4 +-
 www/apache22/distinfo         |   3 +-
 www/apache22/patches/patch-ab |  83 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 87 insertions(+), 3 deletions(-)

diffs (117 lines):

diff -r 70cd9a29aaa8 -r f6344201e342 www/apache22/Makefile
--- a/www/apache22/Makefile     Thu Jun 12 13:37:19 2008 +0000
+++ b/www/apache22/Makefile     Thu Jun 12 14:12:19 2008 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.25 2008/05/26 02:13:25 joerg Exp $
+# $NetBSD: Makefile,v 1.26 2008/06/12 14:12:19 tron Exp $
 
 .include "Makefile.common"
 
 PKGNAME=       apache-${APACHE_VERSION}
-#PKGREVISION=  1
+PKGREVISION=   1
 CATEGORIES=    www
 
 HOMEPAGE=      http://httpd.apache.org/
diff -r 70cd9a29aaa8 -r f6344201e342 www/apache22/distinfo
--- a/www/apache22/distinfo     Thu Jun 12 13:37:19 2008 +0000
+++ b/www/apache22/distinfo     Thu Jun 12 14:12:19 2008 +0000
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.9 2008/01/21 15:07:11 xtraeme Exp $
+$NetBSD: distinfo,v 1.10 2008/06/12 14:12:19 tron Exp $
 
 SHA1 (httpd-2.2.8.tar.bz2) = 5074904435d3d942ce2dc96c44b07294b8eaca77
 RMD160 (httpd-2.2.8.tar.bz2) = 0736ea9617bafaa1c8cd34ce4fc1c7a659afea57
 Size (httpd-2.2.8.tar.bz2) = 4799055 bytes
 SHA1 (patch-aa) = ae5b34058fc6455cfa9e3d52a50829155ce2eb11
+SHA1 (patch-ab) = 55f4dac616fbe47fea7be0aecd1b7be679b9b0e7
 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
 SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913
diff -r 70cd9a29aaa8 -r f6344201e342 www/apache22/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/apache22/patches/patch-ab     Thu Jun 12 14:12:19 2008 +0000
@@ -0,0 +1,83 @@
+$NetBSD: patch-ab,v 1.6 2008/06/12 14:12:19 tron Exp $
+
+Patch for CVE-2008-2364, taken from here:
+
+http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154
+
+--- modules/proxy/mod_proxy_http.c.orig        2007-12-08 14:01:47.000000000 +0000
++++ modules/proxy/mod_proxy_http.c     2008-06-12 14:44:10.000000000 +0100
+@@ -1309,6 +1309,16 @@
+     return rv;
+ }
+ 
++/*
++ * Limit the number of interim respones we sent back to the client. Otherwise
++ * we suffer from a memory build up. Besides there is NO sense in sending back
++ * an unlimited number of interim responses to the client. Thus if we cross
++ * this limit send back a 502 (Bad Gateway).
++ */
++#ifndef AP_MAX_INTERIM_RESPONSES
++#define AP_MAX_INTERIM_RESPONSES 10
++#endif
++
+ static
+ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r,
+                                             proxy_conn_rec *backend,
+@@ -1323,8 +1333,8 @@
+     apr_bucket *e;
+     apr_bucket_brigade *bb, *tmp_bb;
+     int len, backasswards;
+-    int interim_response; /* non-zero whilst interim 1xx responses
+-                           * are being read. */
++    int interim_response = 0; /* non-zero whilst interim 1xx responses
++                               * are being read. */
+     int pread_len = 0;
+     apr_table_t *save_table;
+     int backend_broke = 0;
+@@ -1339,6 +1349,7 @@
+      */
+ 
+     rp = ap_proxy_make_fake_req(origin, r);
++    ap_proxy_pre_http_request(origin, rp);
+     /* In case anyone needs to know, this is a fake request that is really a
+      * response.
+      */
+@@ -1469,7 +1480,6 @@
+             if ((buf = apr_table_get(r->headers_out, "Content-Type"))) {
+                 ap_set_content_type(r, apr_pstrdup(p, buf));
+             }
+-            ap_proxy_pre_http_request(origin,rp);
+ 
+             /* Clear hop-by-hop headers */
+             for (i=0; hop_by_hop_hdrs[i]; ++i) {
+@@ -1518,7 +1528,12 @@
+             backend->close += 1;
+         }
+ 
+-        interim_response = ap_is_HTTP_INFO(r->status);
++        if (ap_is_HTTP_INFO(r->status)) {
++            interim_response++;
++        }
++        else {
++            interim_response = 0;
++        }
+         if (interim_response) {
+             /* RFC2616 tells us to forward this.
+              *
+@@ -1711,7 +1726,15 @@
+ 
+             apr_brigade_cleanup(bb);
+         }
+-    } while (interim_response);
++    } while (interim_response && (interim_response < AP_MAX_INTERIM_RESPONSES));
++
++    /* See define of AP_MAX_INTERIM_RESPONSES for why */
++    if (interim_response >= AP_MAX_INTERIM_RESPONSES) {
++        return ap_proxyerror(r, HTTP_BAD_GATEWAY,
++                             apr_psprintf(p, 
++                             "Too many (%d) interim responses from origin server",
++                             interim_response));
++    }
+ 
+     /* If our connection with the client is to be aborted, return DONE. */
+     if (c->aborted || backend_broke) {

Prev by Date: [pkgsrc/trunk]: pkgsrc fixup DESTDIR - bump pkgrevision
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Updated mail/pine-pgp-filters to 1.6
Previous by Thread: [pkgsrc/trunk]: pkgsrc fixup DESTDIR - bump pkgrevision
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated mail/pine-pgp-filters to 1.6
Indexes:

Home | Main Index | Thread Index | Old Index