pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/www/apache24
Module Name: pkgsrc
Committed By: taca
Date: Sun Dec 11 23:52:56 UTC 2016
Modified Files:
pkgsrc/www/apache24: Makefile distinfo
Added Files:
pkgsrc/www/apache24/patches: patch-CVE-2016-8740-2.4.23
Log Message:
Add patch for CVE-2016-8740.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/www/apache24/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/www/apache24/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/www/apache24/patches/patch-CVE-2016-8740-2.4.23
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/www/apache24/Makefile
diff -u pkgsrc/www/apache24/Makefile:1.49 pkgsrc/www/apache24/Makefile:1.50
--- pkgsrc/www/apache24/Makefile:1.49 Fri Oct 7 18:26:12 2016
+++ pkgsrc/www/apache24/Makefile Sun Dec 11 23:52:55 2016
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.49 2016/10/07 18:26:12 adam Exp $
+# $NetBSD: Makefile,v 1.50 2016/12/11 23:52:55 taca Exp $
#
# When updating this package, make sure that no strings like
# "PR 12345" are in the commit message. Upstream likes
@@ -7,7 +7,7 @@
DISTNAME= httpd-2.4.23
PKGNAME= ${DISTNAME:S/httpd/apache/}
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
http://archive.apache.org/dist/httpd/ \
Index: pkgsrc/www/apache24/distinfo
diff -u pkgsrc/www/apache24/distinfo:1.26 pkgsrc/www/apache24/distinfo:1.27
--- pkgsrc/www/apache24/distinfo:1.26 Fri Jul 29 11:11:24 2016
+++ pkgsrc/www/apache24/distinfo Sun Dec 11 23:52:55 2016
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.26 2016/07/29 11:11:24 wiz Exp $
+$NetBSD: distinfo,v 1.27 2016/12/11 23:52:55 taca Exp $
SHA1 (httpd-2.4.23.tar.bz2) = 5101be34ac4a509b245adb70a56690a84fcc4e7f
RMD160 (httpd-2.4.23.tar.bz2) = 01a485281ededaaf932c9478ad078879a63254bc
SHA512 (httpd-2.4.23.tar.bz2) = c520de5be748c0a785ef0dc77102749eb4f47e224968b8d4bed2ae644faa0964623a0e960b64486a0888446790d050b52a6ae34fe61717fab95b37384b4825b1
Size (httpd-2.4.23.tar.bz2) = 6351875 bytes
+SHA1 (patch-CVE-2016-8740-2.4.23) = 286afd11a07f4bb1acb0ca9b89086c79930ca562
SHA1 (patch-aa) = 2d92b1340aaae40289421f164346348c6d7fe839
SHA1 (patch-ab) = a3edcc20b7654e0446c7d442cda1510b23e5d324
SHA1 (patch-ac) = 9f86d845df30316d22bce677a4b176f51007ba0d
Added files:
Index: pkgsrc/www/apache24/patches/patch-CVE-2016-8740-2.4.23
diff -u /dev/null pkgsrc/www/apache24/patches/patch-CVE-2016-8740-2.4.23:1.1
--- /dev/null Sun Dec 11 23:52:56 2016
+++ pkgsrc/www/apache24/patches/patch-CVE-2016-8740-2.4.23 Sun Dec 11 23:52:55 2016
@@ -0,0 +1,36 @@
+$NetBSD: patch-CVE-2016-8740-2.4.23,v 1.1 2016/12/11 23:52:55 taca Exp $
+
+Patch for CVE-2016-8740.
+
+--- modules/http2/h2_stream.c.orig 2016-06-09 10:38:10.000000000 +0000
++++ modules/http2/h2_stream.c
+@@ -322,18 +322,18 @@ apr_status_t h2_stream_add_header(h2_str
+ HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
+ }
+ }
+- }
+-
+- if (h2_stream_is_scheduled(stream)) {
+- return h2_request_add_trailer(stream->request, stream->pool,
+- name, nlen, value, vlen);
+- }
+- else {
+- if (!input_open(stream)) {
+- return APR_ECONNRESET;
++
++ if (h2_stream_is_scheduled(stream)) {
++ return h2_request_add_trailer(stream->request, stream->pool,
++ name, nlen, value, vlen);
++ }
++ else {
++ if (!input_open(stream)) {
++ return APR_ECONNRESET;
++ }
++ return h2_request_add_header(stream->request, stream->pool,
++ name, nlen, value, vlen);
+ }
+- return h2_request_add_header(stream->request, stream->pool,
+- name, nlen, value, vlen);
+ }
+ }
+
Home |
Main Index |
Thread Index |
Old Index