diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2010-02-04 06:10:46 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2010-02-04 06:10:46 +0000 |
| commit | 59e271526a755dc318f7c3dcf97d06cf69ddf9ee (patch) | |
| tree | 6a34d41dabe8b1756a996cf8f16905ede496bbf5 | |
| parent | be214df06e27a22a48e32474194265515bb58231 (diff) | |
Notes
| -rw-r--r-- | www/apache13-modssl/Makefile | 4 | ||||
| -rw-r--r-- | www/apache13-modssl/files/CVE-2010-0010.patch | 33 | ||||
| -rw-r--r-- | www/apache13-modssl/files/logresolve.c.patch | 12 |
3 files changed, 48 insertions, 1 deletions
diff --git a/www/apache13-modssl/Makefile b/www/apache13-modssl/Makefile index a3dadbe4a670..f1e6fae883bb 100644 --- a/www/apache13-modssl/Makefile +++ b/www/apache13-modssl/Makefile @@ -7,7 +7,7 @@ PORTNAME= apache+mod_ssl PORTVERSION= ${VERSION_APACHE}+${VERSION_MODSSL} -PORTREVISION?= 1 +PORTREVISION?= 2 CATEGORIES?= www security MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} \ ${MASTER_SITES_MODSSL:S/$/:mod_ssl/} \ @@ -280,6 +280,8 @@ CONFIGURE_ARGS+= --enable-rule=INET6 PLIST_SUB+= WITHIPV6="" PLIST_FILES+= include/apache/sa_len.h \ include/apache/sockaddr_storage.h +.else +EXTRA_PATCHES+= ${FILESDIR}/logresolve.c.patch .endif .if defined(WITH_APACHE_LATESTLOG) diff --git a/www/apache13-modssl/files/CVE-2010-0010.patch b/www/apache13-modssl/files/CVE-2010-0010.patch new file mode 100644 index 000000000000..c9ea4382bcb2 --- /dev/null +++ b/www/apache13-modssl/files/CVE-2010-0010.patch @@ -0,0 +1,33 @@ +diff -urN apache_1.3.41/src/main/buff.c src/main/buff.c +--- apache_1.3.41/src/main/buff.c 2006-07-12 10:16:05.000000000 +0200 ++++ src/main/buff.c 2010-01-07 11:28:00.000000000 +0100 +@@ -737,7 +737,7 @@ + { + int i, nrd; + +- if (fb->flags & B_RDERR) ++ if (fb->flags & B_RDERR || nbyte < 0) + return -1; + if (nbyte == 0) + return 0; +@@ -1258,7 +1258,7 @@ + static int csize = 0; + #endif /*CHARSET_EBCDIC*/ + +- if (fb->flags & (B_WRERR | B_EOUT)) ++ if (fb->flags & (B_WRERR | B_EOUT) || nbyte < 0) + return -1; + if (nbyte == 0) + return 0; +diff -urN apache_1.3.41/src/modules/proxy/proxy_util.c src/modules/proxy/proxy_util.c +--- apache_1.3.41/src/modules/proxy/proxy_util.c 2007-10-30 20:17:03.000000000 +0100 ++++ src/modules/proxy/proxy_util.c 2010-01-07 11:28:00.000000000 +0100 +@@ -507,7 +507,7 @@ + + /* read the chunk */ + if (remaining > 0) { +- n = ap_bread(f, buf, MIN((int)buf_size, (int)remaining)); ++ n = ap_bread(f, buf, (int) MIN(buf_size, remaining)); + if (n > -1) { + remaining -= n; + end_of_chunk = (remaining == 0); diff --git a/www/apache13-modssl/files/logresolve.c.patch b/www/apache13-modssl/files/logresolve.c.patch new file mode 100644 index 000000000000..04aaf2e5526e --- /dev/null +++ b/www/apache13-modssl/files/logresolve.c.patch @@ -0,0 +1,12 @@ +diff -urN apache_1.3.41/src/support/logresolve.c src/support/logresolve.c +--- apache_1.3.41/src/support/logresolve.c 2006-07-12 10:16:05.000000000 +0200 ++++ src/support/logresolve.c 2008-10-06 16:29:12.000000000 +0200 +@@ -165,7 +165,7 @@ + + hostdata = gethostbyaddr((const char *) &ipnum, sizeof(struct in_addr), + AF_INET); +- if (hostdata == NULL) { ++ if (hostdata == NULL || !hostdata->h_name || !*hostdata->h_name) { + if (h_errno > MAX_ERR) + errors[UNKNOWN_ERR]++; + else |