[pkgsrc/trunk]: pkgsrc/www/apache2 CVE-2008-2939

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/apache2 CVE-2008-2939
From: kefren <kefren%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 06:27:14 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/9420a8162b95
branches:  trunk
changeset: 545669:9420a8162b95
user:      kefren <kefren%pkgsrc.org@localhost>
date:      Sat Aug 09 20:33:37 2008 +0000

description:
CVE-2008-2939
bump PKGREVISION

diffstat:

 www/apache2/Makefile         |   4 ++--
 www/apache2/distinfo         |   3 ++-
 www/apache2/patches/patch-aq |  11 +++++++++++
 3 files changed, 15 insertions(+), 3 deletions(-)

diffs (44 lines):

diff -r fde040837d64 -r 9420a8162b95 www/apache2/Makefile
--- a/www/apache2/Makefile      Sat Aug 09 20:08:35 2008 +0000
+++ b/www/apache2/Makefile      Sat Aug 09 20:33:37 2008 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.125 2008/07/10 15:18:23 joerg Exp $
+# $NetBSD: Makefile,v 1.126 2008/08/09 20:33:37 kefren Exp $
 
 .include "Makefile.common"
 
 PKGNAME=       apache-${APACHE_VERSION}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    www
 
 HOMEPAGE=      http://httpd.apache.org/
diff -r fde040837d64 -r 9420a8162b95 www/apache2/distinfo
--- a/www/apache2/distinfo      Sat Aug 09 20:08:35 2008 +0000
+++ b/www/apache2/distinfo      Sat Aug 09 20:33:37 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.53 2008/06/20 13:28:08 he Exp $
+$NetBSD: distinfo,v 1.54 2008/08/09 20:33:38 kefren Exp $
 
 SHA1 (httpd-2.0.63.tar.bz2) = 20e2b64944e38e96491af788a37cb709d2c5b755
 RMD160 (httpd-2.0.63.tar.bz2) = f6a7de59860f627ac40b245fcf742fb07e1b4870
@@ -14,3 +14,4 @@
 SHA1 (patch-am) = ab4a2f7e5a1a3064e908b61157e7fd349c0b0c08
 SHA1 (patch-ao) = c629a7563d0e555922526e26b266251144a14ff6
 SHA1 (patch-ap) = 260b9c88bbcb238a81319ff5bef523ec6d765a27
+SHA1 (patch-aq) = ef712b4f0573bb59185eba4143db6917daa7c8bc
diff -r fde040837d64 -r 9420a8162b95 www/apache2/patches/patch-aq
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/apache2/patches/patch-aq      Sat Aug 09 20:33:37 2008 +0000
@@ -0,0 +1,11 @@
+$NetBSD: patch-aq,v 1.5 2008/08/09 20:33:38 kefren Exp $
+--- modules/proxy/proxy_ftp.c.orig     2008-08-09 23:27:01.000000000 +0300
++++ modules/proxy/proxy_ftp.c  2008-08-09 23:27:30.000000000 +0300
+@@ -382,6 +382,7 @@
+                                                            c->bucket_alloc));
+         }
+         if (wildcard != NULL) {
++          wildcard = ap_escape_html(p, wildcard);
+             APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(wildcard,
+                                                            strlen(wildcard), p,
+                                                            c->bucket_alloc));

Prev by Date: [pkgsrc/trunk]: pkgsrc/lang/mono fix an cross site scripting vulnerability
Next by Date: [pkgsrc/trunk]: pkgsrc/doc + Added devel/libslang2 version 2.1.3 [bjs 2008-08...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/lang/mono fix an cross site scripting vulnerability
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc + Added devel/libslang2 version 2.1.3 [bjs 2008-08...
Indexes:

Home | Main Index | Thread Index | Old Index