[prev in list] [next in list] [prev in thread] [next in thread]
List: openpkg-cvs
Subject: [CVS] OpenPKG: openpkg-src/apache/ apache.patch apache.spec
From: "Ralf S. Engelschall" <rse () openpkg ! org>
Date: 2006-04-30 17:36:05
Message-ID: 20060430173605.325601B5055 () master ! openpkg ! org
[Download RAW message or body]
OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: rse@openpkg.org
Module: openpkg-src Date: 30-Apr-2006 19:36:05
Branch: HEAD Handle: 2006043018360400
Modified files:
openpkg-src/apache apache.patch apache.spec
Log:
upgrading package: apache 1.3.34 -> 1.3.35
Summary:
Revision Changes Path
1.21 +9 -50 openpkg-src/apache/apache.patch
1.324 +2 -2 openpkg-src/apache/apache.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/apache/apache.patch
============================================================================
$ cvs diff -u -r1.20 -r1.21 apache.patch
--- openpkg-src/apache/apache.patch 14 Dec 2005 20:11:02 -0000 1.20
+++ openpkg-src/apache/apache.patch 30 Apr 2006 17:36:04 -0000 1.21
@@ -1,6 +1,6 @@
-Index: apache_1.3.34/configure
---- apache_1.3.34/configure.orig 2004-02-20 23:40:50 +0100
-+++ apache_1.3.34/configure 2004-10-22 11:53:40 +0200
+Index: apache_1.3.35/configure
+--- apache_1.3.35/configure.orig 2006-04-21 20:40:11 +0200
++++ apache_1.3.35/configure 2006-04-30 19:30:09 +0200
@@ -1174,10 +1174,10 @@
## or we cannot support the case where the relative
## path is just the emtpy one, i.e. ""]
@@ -16,9 +16,9 @@
##
## check and debug
-Index: apache_1.3.34/src/Configure
---- apache_1.3.34/src/Configure.orig 2004-09-16 01:45:17 +0200
-+++ apache_1.3.34/src/Configure 2004-10-22 11:53:40 +0200
+Index: apache_1.3.35/src/Configure
+--- apache_1.3.35/src/Configure.orig 2005-10-14 01:36:04 +0200
++++ apache_1.3.35/src/Configure 2006-04-30 19:30:09 +0200
@@ -1157,14 +1157,20 @@
SHLIB_SUFFIX_DEPTH=0
;;
@@ -77,9 +77,9 @@
fi
####################################################################
-Index: apache_1.3.34/src/main/util_script.c
---- apache_1.3.34/src/main/util_script.c.orig 2004-02-16 23:29:33 +0100
-+++ apache_1.3.34/src/main/util_script.c 2004-10-22 11:53:40 +0200
+Index: apache_1.3.35/src/main/util_script.c
+--- apache_1.3.35/src/main/util_script.c.orig 2006-04-21 20:40:11 +0200
++++ apache_1.3.35/src/main/util_script.c 2006-04-30 19:30:09 +0200
@@ -203,6 +203,7 @@
}
}
@@ -88,44 +88,3 @@
if (!(env_path = ap_pstrdup(r->pool, getenv("PATH")))) {
env_path = DEFAULT_PATH;
}
-
------------------------------------------------------------------------------
-
-Security Fix (CVE-2005-3352)
-
-Index: apache_1.3.34/src/main/util.c
---- apache_1.3.34/src/main/util.c.orig 2004-11-24 20:10:19 +0100
-+++ apache_1.3.34/src/main/util.c 2005-12-14 21:06:57 +0100
-@@ -1722,6 +1722,8 @@
- j += 3;
- else if (s[i] == '&')
- j += 4;
-+ else if (s[i] == '"')
-+ j += 5;
-
- if (j == 0)
- return ap_pstrndup(p, s, i);
-@@ -1740,6 +1742,10 @@
- memcpy(&x[j], "&", 5);
- j += 4;
- }
-+ else if (s[i] == '"') {
-+ memcpy(&x[j], """, 6);
-+ j += 5;
-+ }
- else
- x[j] = s[i];
-
-Index: apache_1.3.34/src/modules/standard/mod_imap.c
---- apache_1.3.34/src/modules/standard/mod_imap.c.orig 2004-11-24 20:10:19 +0100
-+++ apache_1.3.34/src/modules/standard/mod_imap.c 2005-12-14 21:06:57 +0100
-@@ -328,7 +328,7 @@
- if (!strcasecmp(value, "referer")) {
- referer = ap_table_get(r->headers_in, "Referer");
- if (referer && *referer) {
-- return ap_pstrdup(r->pool, referer);
-+ return ap_escape_html(r->pool, referer);
- }
- else {
- /* XXX: This used to do *value = '\0'; ... which is totally bogus
-
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/apache/apache.spec
============================================================================
$ cvs diff -u -r1.323 -r1.324 apache.spec
--- openpkg-src/apache/apache.spec 21 Apr 2006 07:08:14 -0000 1.323
+++ openpkg-src/apache/apache.spec 30 Apr 2006 17:36:04 -0000 1.324
@@ -32,7 +32,7 @@
## go with the macro mechanism. But do not try to repeat this!
# package component versions
-%define V_apache 1.3.34
+%define V_apache 1.3.35
%define V_mod_ssl 2.8.25-1.3.34
%define V_mod_perl 1.29
%define V_mod_php 4.4.2
@@ -65,7 +65,7 @@
Group: Web
License: ASF
Version: %{V_apache}
-Release: 20060421
+Release: 20060430
# package options (suexec related)
%option with_suexec yes
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic