pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www Avoid CVE-2016-4450 (NULL dereference while saving...
details: https://anonhg.NetBSD.org/pkgsrc/rev/975ef8d39c68
branches: trunk
changeset: 347845:975ef8d39c68
user: joerg <joerg%pkgsrc.org@localhost>
date: Tue May 31 19:44:47 2016 +0000
description:
Avoid CVE-2016-4450 (NULL dereference while saving client body to
temporary file). Bump revision.
diffstat:
www/nginx-devel/Makefile | 3 ++-
www/nginx-devel/distinfo | 3 ++-
www/nginx-devel/patches/patch-src_os_unix_ngx__files.c | 17 +++++++++++++++++
www/nginx/Makefile | 4 ++--
www/nginx/patches/patch-src_os_unix_ngx__files.c | 17 +++++++++++++++++
5 files changed, 40 insertions(+), 4 deletions(-)
diffs (81 lines):
diff -r 30cb60b98b1d -r 975ef8d39c68 www/nginx-devel/Makefile
--- a/www/nginx-devel/Makefile Tue May 31 19:35:54 2016 +0000
+++ b/www/nginx-devel/Makefile Tue May 31 19:44:47 2016 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.19 2016/01/26 17:59:13 joerg Exp $
+# $NetBSD: Makefile,v 1.20 2016/05/31 19:54:43 joerg Exp $
DISTNAME= nginx-1.9.10
+PKGREVISION= 1
MAINTAINER= imil%NetBSD.org@localhost
NGINX_HTTP_V2= yes
diff -r 30cb60b98b1d -r 975ef8d39c68 www/nginx-devel/distinfo
--- a/www/nginx-devel/distinfo Tue May 31 19:35:54 2016 +0000
+++ b/www/nginx-devel/distinfo Tue May 31 19:44:47 2016 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.19 2016/01/26 17:59:13 joerg Exp $
+$NetBSD: distinfo,v 1.20 2016/05/31 19:54:43 joerg Exp $
SHA1 (array-var-nginx-module-0.04.tar.gz) = 1fd3bdd05c2d1d7667ed6f7baa612ddf7f630df3
RMD160 (array-var-nginx-module-0.04.tar.gz) = a751a2ce87dcfb88d072779097b4df9f42a415e4
@@ -46,3 +46,4 @@
Size (set-misc-nginx-module-0.29.tar.gz) = 35495 bytes
SHA1 (patch-auto_install) = 723e2ae222146775ae66aed7815bf3f911dd1cd7
SHA1 (patch-conf_nginx.conf) = ee9fbc3838cc006f6e1cddddadf6603f4941d171
+SHA1 (patch-src_os_unix_ngx__files.c) = e6159893bbdf6b991dd3b3ee6fae32d304374995
diff -r 30cb60b98b1d -r 975ef8d39c68 www/nginx-devel/patches/patch-src_os_unix_ngx__files.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/nginx-devel/patches/patch-src_os_unix_ngx__files.c Tue May 31 19:44:47 2016 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-src_os_unix_ngx__files.c,v 1.1 2016/05/31 19:54:43 joerg Exp $
+
+--- src/os/unix/ngx_files.c.orig 2016-01-26 14:27:43.000000000 +0000
++++ src/os/unix/ngx_files.c
+@@ -313,6 +313,12 @@ ngx_write_chain_to_file(ngx_file_t *file
+ /* create the iovec and coalesce the neighbouring bufs */
+
+ while (cl && vec.nelts < IOV_MAX) {
++
++ if (ngx_buf_special(cl->buf)) {
++ cl = cl->next;
++ continue;
++ }
++
+ if (prev == cl->buf->pos) {
+ iov->iov_len += cl->buf->last - cl->buf->pos;
+
diff -r 30cb60b98b1d -r 975ef8d39c68 www/nginx/Makefile
--- a/www/nginx/Makefile Tue May 31 19:35:54 2016 +0000
+++ b/www/nginx/Makefile Tue May 31 19:44:47 2016 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.63 2016/03/05 11:29:38 jperkin Exp $
+# $NetBSD: Makefile,v 1.64 2016/05/31 19:44:47 joerg Exp $
DISTNAME= nginx-1.8.1
MAINTAINER= joerg%NetBSD.org@localhost
-PKGREVISION= 1
+PKGREVISION= 2
.include "../../www/nginx/Makefile.common"
diff -r 30cb60b98b1d -r 975ef8d39c68 www/nginx/patches/patch-src_os_unix_ngx__files.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/nginx/patches/patch-src_os_unix_ngx__files.c Tue May 31 19:44:47 2016 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-src_os_unix_ngx__files.c,v 1.1 2016/05/31 19:44:47 joerg Exp $
+
+--- src/os/unix/ngx_files.c.orig 2016-01-26 14:39:33.000000000 +0000
++++ src/os/unix/ngx_files.c
+@@ -292,6 +292,12 @@ ngx_write_chain_to_file(ngx_file_t *file
+ /* create the iovec and coalesce the neighbouring bufs */
+
+ while (cl && vec.nelts < IOV_MAX) {
++
++ if (ngx_buf_special(cl->buf)) {
++ cl = cl->next;
++ continue;
++ }
++
+ if (prev == cl->buf->pos) {
+ iov->iov_len += cl->buf->last - cl->buf->pos;
+
Home |
Main Index |
Thread Index |
Old Index