diff options
author | Lev A. Serebryakov <lev@FreeBSD.org> | 2006-01-03 17:31:56 +0000 |
---|---|---|
committer | Lev A. Serebryakov <lev@FreeBSD.org> | 2006-01-03 17:31:56 +0000 |
commit | 8037e4bd2a4f975251832c37e2bd6d080c2d43ad (patch) | |
tree | 560cfb55ebb89a2d6b584cfa95f55e6954f9f1f1 | |
parent | 92480f1db34288cbac02a5b0b0b28c6114e63951 (diff) | |
download | ports-8037e4bd2a4f975251832c37e2bd6d080c2d43ad.tar.gz ports-8037e4bd2a4f975251832c37e2bd6d080c2d43ad.zip |
Notes
-rw-r--r-- | russian/apache13-modssl/Makefile | 1 | ||||
-rw-r--r-- | russian/apache13-modssl/files/patch-secfix-CAN-2005-3352 | 35 |
2 files changed, 36 insertions, 0 deletions
diff --git a/russian/apache13-modssl/Makefile b/russian/apache13-modssl/Makefile index fd6f9dca2a26..40d2e8e25888 100644 --- a/russian/apache13-modssl/Makefile +++ b/russian/apache13-modssl/Makefile @@ -7,6 +7,7 @@ PORTNAME= apache+mod_ssl PORTVERSION= ${VERSION_APACHE}+${VERSION_RA}+${VERSION_MODSSL} +PORTREVISION?= 1 CATEGORIES= russian www security MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} \ ${MASTER_SITES_MODSSL:S/$/:modssl/} \ diff --git a/russian/apache13-modssl/files/patch-secfix-CAN-2005-3352 b/russian/apache13-modssl/files/patch-secfix-CAN-2005-3352 new file mode 100644 index 000000000000..8febc0e58935 --- /dev/null +++ b/russian/apache13-modssl/files/patch-secfix-CAN-2005-3352 @@ -0,0 +1,35 @@ +--- src/main/util.c (original) ++++ src/main/util.c Mon Dec 12 08:36:54 2005 +@@ -1722,6 +1722,8 @@ + j += 3; + else if (s[i] == '&') + j += 4; ++ else if (s[i] == '"') ++ j += 5; + + if (j == 0) + return ap_pstrndup(p, s, i); +@@ -1739,6 +1741,10 @@ + else if (s[i] == '&') { + memcpy(&x[j], "&", 5); + j += 4; ++ } ++ else if (s[i] == '"') { ++ memcpy(&x[j], """, 6); ++ j += 5; + } + else + x[j] = s[i]; + +--- src/modules/standard/mod_imap.c (original) ++++ src/modules/standard/mod_imap.c Mon Dec 12 08:36:54 2005 +@@ -328,7 +328,7 @@ + if (!strcasecmp(value, "referer")) { + referer = ap_table_get(r->headers_in, "Referer"); + if (referer && *referer) { +- return ap_pstrdup(r->pool, referer); ++ return ap_escape_html(r->pool, referer); + } + else { + /* XXX: This used to do *value = '\0'; ... which is totally bogus + |