diff options
| author | Ryan Steinmetz <zi@FreeBSD.org> | 2017-09-19 12:21:17 +0000 |
|---|---|---|
| committer | Ryan Steinmetz <zi@FreeBSD.org> | 2017-09-19 12:21:17 +0000 |
| commit | 7a2f0c11825cc7ba5864a099bdd33f3290d4d75a (patch) | |
| tree | e076a108c2686c3d13f65529029e9073f13d560c /www/apache24 | |
| parent | 3bc72e930fc9cef9a20c3d0d791ab70061078504 (diff) | |
| download | ports-7a2f0c11825cc7ba5864a099bdd33f3290d4d75a.tar.gz ports-7a2f0c11825cc7ba5864a099bdd33f3290d4d75a.zip | |
- Add upstream commit for CVE-2017-9798
- Bump PORTREVISION
Security: 76b085e2-9d33-11e7-9260-000c292ee6b8
Notes
Notes:
svn path=/head/; revision=450116
Diffstat (limited to 'www/apache24')
| -rw-r--r-- | www/apache24/Makefile | 1 | ||||
| -rw-r--r-- | www/apache24/files/patch-CVE-2017-9798 | 15 |
2 files changed, 16 insertions, 0 deletions
diff --git a/www/apache24/Makefile b/www/apache24/Makefile index 67cc6658c6ee..557d8028bf89 100644 --- a/www/apache24/Makefile +++ b/www/apache24/Makefile @@ -2,6 +2,7 @@ PORTNAME= apache24 PORTVERSION= 2.4.27 +PORTREVISION= 1 CATEGORIES= www ipv6 MASTER_SITES= APACHE_HTTPD DISTNAME= httpd-${PORTVERSION} diff --git a/www/apache24/files/patch-CVE-2017-9798 b/www/apache24/files/patch-CVE-2017-9798 new file mode 100644 index 000000000000..260012f7277f --- /dev/null +++ b/www/apache24/files/patch-CVE-2017-9798 @@ -0,0 +1,15 @@ +--- server/core.c 2017/08/16 16:50:29 1805223 ++++ server/core.c 2017/09/08 13:13:11 1807754 +@@ -2266,6 +2266,12 @@ + /* method has not been registered yet, but resource restriction + * is always checked before method handling, so register it. + */ ++ if (cmd->pool == cmd->temp_pool) { ++ /* In .htaccess, we can't globally register new methods. */ ++ return apr_psprintf(cmd->pool, "Could not register method '%s' " ++ "for %s from .htaccess configuration", ++ method, cmd->cmd->name); ++ } + methnum = ap_method_register(cmd->pool, + apr_pstrdup(cmd->pool, method)); + } |