aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLev A. Serebryakov <lev@FreeBSD.org>2006-01-03 17:31:56 +0000
committerLev A. Serebryakov <lev@FreeBSD.org>2006-01-03 17:31:56 +0000
commit8037e4bd2a4f975251832c37e2bd6d080c2d43ad (patch)
tree560cfb55ebb89a2d6b584cfa95f55e6954f9f1f1
parent92480f1db34288cbac02a5b0b0b28c6114e63951 (diff)
downloadports-8037e4bd2a4f975251832c37e2bd6d080c2d43ad.tar.gz
ports-8037e4bd2a4f975251832c37e2bd6d080c2d43ad.zip
Notes
-rw-r--r--russian/apache13-modssl/Makefile1
-rw-r--r--russian/apache13-modssl/files/patch-secfix-CAN-2005-335235
2 files changed, 36 insertions, 0 deletions
diff --git a/russian/apache13-modssl/Makefile b/russian/apache13-modssl/Makefile
index fd6f9dca2a26..40d2e8e25888 100644
--- a/russian/apache13-modssl/Makefile
+++ b/russian/apache13-modssl/Makefile
@@ -7,6 +7,7 @@
PORTNAME= apache+mod_ssl
PORTVERSION= ${VERSION_APACHE}+${VERSION_RA}+${VERSION_MODSSL}
+PORTREVISION?= 1
CATEGORIES= russian www security
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} \
${MASTER_SITES_MODSSL:S/$/:modssl/} \
diff --git a/russian/apache13-modssl/files/patch-secfix-CAN-2005-3352 b/russian/apache13-modssl/files/patch-secfix-CAN-2005-3352
new file mode 100644
index 000000000000..8febc0e58935
--- /dev/null
+++ b/russian/apache13-modssl/files/patch-secfix-CAN-2005-3352
@@ -0,0 +1,35 @@
+--- src/main/util.c (original)
++++ src/main/util.c Mon Dec 12 08:36:54 2005
+@@ -1722,6 +1722,8 @@
+ j += 3;
+ else if (s[i] == '&')
+ j += 4;
++ else if (s[i] == '"')
++ j += 5;
+
+ if (j == 0)
+ return ap_pstrndup(p, s, i);
+@@ -1739,6 +1741,10 @@
+ else if (s[i] == '&') {
+ memcpy(&x[j], "&amp;", 5);
+ j += 4;
++ }
++ else if (s[i] == '"') {
++ memcpy(&x[j], "&quot;", 6);
++ j += 5;
+ }
+ else
+ x[j] = s[i];
+
+--- src/modules/standard/mod_imap.c (original)
++++ src/modules/standard/mod_imap.c Mon Dec 12 08:36:54 2005
+@@ -328,7 +328,7 @@
+ if (!strcasecmp(value, "referer")) {
+ referer = ap_table_get(r->headers_in, "Referer");
+ if (referer && *referer) {
+- return ap_pstrdup(r->pool, referer);
++ return ap_escape_html(r->pool, referer);
+ }
+ else {
+ /* XXX: This used to do *value = '\0'; ... which is totally bogus
+