head 1.6; access; symbols pkgsrc-2013Q2:1.6.0.8 pkgsrc-2013Q2-base:1.6 pkgsrc-2012Q4:1.6.0.6 pkgsrc-2012Q4-base:1.6 pkgsrc-2011Q4:1.6.0.4 pkgsrc-2011Q4-base:1.6 pkgsrc-2011Q2:1.6.0.2 pkgsrc-2011Q2-base:1.6 pkgsrc-2011Q1:1.5.0.2 pkgsrc-2009Q4:1.4.0.20 pkgsrc-2009Q4-base:1.4 pkgsrc-2008Q4:1.4.0.18 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.16 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.14 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.12 pkgsrc-2008Q2-base:1.4 pkgsrc-2008Q1:1.4.0.10 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.4.0.8 pkgsrc-2007Q4-base:1.4 pkgsrc-2007Q3:1.4.0.6 pkgsrc-2007Q3-base:1.4 pkgsrc-2007Q2:1.4.0.4 pkgsrc-2007Q2-base:1.4 pkgsrc-2007Q1:1.4.0.2 pkgsrc-2007Q1-base:1.4 pkgsrc-2006Q4:1.3.0.12 pkgsrc-2006Q4-base:1.3 pkgsrc-2006Q3:1.3.0.10 pkgsrc-2006Q3-base:1.3 pkgsrc-2006Q2:1.3.0.8 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.3.0.6 pkgsrc-2006Q1-base:1.3 pkgsrc-2005Q4:1.3.0.4 pkgsrc-2005Q4-base:1.3 pkgsrc-2005Q3:1.3.0.2 pkgsrc-2005Q3-base:1.3 pkgsrc-2005Q2:1.2.0.8 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.6 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.4 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.2 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.1.0.6 pkgsrc-2004Q2-base:1.1 pkgsrc-2004Q1:1.1.0.4 pkgsrc-2004Q1-base:1.1 pkgsrc-2003Q4:1.1.0.2 pkgsrc-2003Q4-base:1.1; locks; strict; comment @# @; 1.6 date 2011.05.22.22.41.01; author tron; state dead; branches; next 1.5; 1.5 date 2011.05.20.09.23.15; author drochner; state Exp; branches 1.5.2.1; next 1.4; 1.4 date 2007.01.24.19.46.45; author epg; state dead; branches; next 1.3; 1.3 date 2005.09.21.00.01.01; author tv; state Exp; branches; next 1.2; 1.2 date 2004.09.20.17.13.06; author adrianp; state dead; branches; next 1.1; 1.1 date 2003.05.30.10.14.22; author epg; state Exp; branches; next ; 1.5.2.1 date 2011.05.20.09.23.15; author tron; state dead; branches; next 1.5.2.2; 1.5.2.2 date 2011.05.21.09.02.08; author tron; state Exp; branches; next ; desc @@ 1.6 log @Update "apr" package to version 1.4.5. Change since version 1.4.4: - Security: CVE-2011-1928 apr_fnmatch(): Fix high CPU loop. [William Rowe] - Fix top_builddir in installed apr_rules.mk. [Bojan Smojver] Please note the fix for CVE-2011-1928 was previously already integrated as a patch. @ text @$NetBSD: patch-aa,v 1.5 2011/05/20 09:23:15 drochner Exp $ --- strings/apr_fnmatch.c.orig 2011-05-03 04:51:24.000000000 +0000 +++ strings/apr_fnmatch.c @@@@ -196,7 +196,10 @@@@ APR_DECLARE(int) apr_fnmatch(const char const char *mismatch = NULL; int matchlen = 0; - while (*pattern) + if (*pattern == '*') + goto firstsegment; + + while (*pattern && *string) { /* Match balanced slashes, starting a new segment pattern */ @@@@ -207,6 +210,7 @@@@ APR_DECLARE(int) apr_fnmatch(const char ++string; } +firstsegment: /* At the beginning of each segment, validate leading period behavior. */ if ((flags & APR_FNM_PERIOD) && (*string == '.')) @@@@ -361,9 +365,9 @@@@ APR_DECLARE(int) apr_fnmatch(const char return APR_FNM_NOMATCH; } - /* pattern is at EOS; if string is also, declare success + /* Where both pattern and string are at EOS, declare success */ - if (!*string) + if (!*string && !*pattern) return 0; /* pattern didn't match to the end of string */ @ 1.5 log @add patch from upstream tp fix a regression in the last release which could cause hangs bump PKGREV @ text @d1 1 a1 1 $NetBSD$ @ 1.5.2.1 log @file patch-aa was added on branch pkgsrc-2011Q1 on 2011-05-21 09:02:08 +0000 @ text @d1 36 @ 1.5.2.2 log @Pullup ticket #3436 - requested by drochner devel/apr: security patch Revisions pulled up: - devel/apr/Makefile 1.63 - devel/apr/distinfo 1.31 - devel/apr/patches/patch-aa 1.5 --- Module Name: pkgsrc Committed By: drochner Date: Fri May 20 09:23:16 UTC 2011 Modified Files: pkgsrc/devel/apr: Makefile distinfo Added Files: pkgsrc/devel/apr/patches: patch-aa Log Message: add patch from upstream tp fix a regression in the last release which could cause hangs bump PKGREV @ text @a0 36 $NetBSD$ --- strings/apr_fnmatch.c.orig 2011-05-03 04:51:24.000000000 +0000 +++ strings/apr_fnmatch.c @@@@ -196,7 +196,10 @@@@ APR_DECLARE(int) apr_fnmatch(const char const char *mismatch = NULL; int matchlen = 0; - while (*pattern) + if (*pattern == '*') + goto firstsegment; + + while (*pattern && *string) { /* Match balanced slashes, starting a new segment pattern */ @@@@ -207,6 +210,7 @@@@ APR_DECLARE(int) apr_fnmatch(const char ++string; } +firstsegment: /* At the beginning of each segment, validate leading period behavior. */ if ((flags & APR_FNM_PERIOD) && (*string == '.')) @@@@ -361,9 +365,9 @@@@ APR_DECLARE(int) apr_fnmatch(const char return APR_FNM_NOMATCH; } - /* pattern is at EOS; if string is also, declare success + /* Where both pattern and string are at EOS, declare success */ - if (!*string) + if (!*string && !*pattern) return 0; /* pattern didn't match to the end of string */ @ 1.4 log @devel/apr: Update to 1.2.8 (formerly in devel/apr1), no longer build from the httpd distfile. devel/rapidsvn: devel/subversion-base: parallel/ganglia-monitor-core: security/hydra: www/apache2: Use devel/apr0. www/apache22: Use devel/apr and devel/apr-util. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.3 2005/09/21 00:01:01 tv Exp $ d3 5 a7 3 --- apr/threadproc/unix/signals.c.orig 2005-02-04 15:36:31.000000000 -0500 +++ apr/threadproc/unix/signals.c @@@@ -49,7 +49,7 @@@@ APR_DECLARE(apr_status_t) apr_proc_kill( d9 11 a19 1 #if APR_HAVE_SIGACTION d21 6 a26 7 -#ifdef DARWIN +#if defined(__NetBSD__) || defined(DARWIN) static void avoid_zombies(int signo) { int exit_status; @@@@ -85,7 +85,7 @@@@ APR_DECLARE(apr_sigfunc_t *) apr_signal( act.sa_flags |= SA_NOCLDWAIT; d28 9 a36 6 #endif -#ifdef DARWIN +#if defined(__NetBSD__) || defined(DARWIN) /* ignoring SIGCHLD or leaving the default disposition doesn't avoid zombies, * and there is no SA_NOCLDWAIT flag, so catch the signal and reap status in * the handler to avoid zombies @ 1.3 log @Extend the Darwin avoid_zombies() signal hack to NetBSD, which needs explicit waits as well. Eliminates the CGI zombie problem on NetBSD 2.0+ using the "worker" MPM in Apache 2. @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @- Update apr to 2.0.51 - Fix permissions on installed .h files - ok'ed snj@@, wiz@@ - Thanks to epg@@ for final check This version of Apache is principally a bug fix release. Of particular note is that 2.0.51 addresses five security vulnerabilities: An input validation issue in IPv6 literal address parsing which can result in a negative length parameter being passed to memcpy. [CAN-2004-0786] A buffer overflow in configuration file parsing could allow a local user to gain the privileges of a httpd child if the server can be forced to parse a carefully crafted .htaccess file. [CAN-2004-0747] A segfault in mod_ssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. [CAN-2004-0751] A potential infinite loop in mod_ssl which could be triggered given particular timing of a connection abort. [CAN-2004-0748] A segfault in mod_dav_fs which can be remotely triggered by an indirect lock refresh request. [CAN-2004-0809] For further details, see http://www.apache.org/dist/httpd/Announcement2.html and http://apache.rmplc.co.uk/httpd/CHANGES_2.0. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1 2003/05/30 10:14:22 epg Exp $ d3 3 a5 12 --- apr/apr-config.in.orig Mon Apr 21 09:21:59 2003 +++ apr/apr-config.in @@@@ -143,12 +143,17 @@@@ if test "$tmpbindir" = "$thisdir"; then location=installed elif test "$APR_SOURCE_DIR" = "$thisdir"; then location=source +elif echo "$thisdir" | grep buildlink > /dev/null 2>&1; then + location=buildlink + BUILDLINK_DIR="`dirname $thisdir`" else location=build fi d7 16 a22 34 if test "$location" = "installed"; then LA_FILE="$libdir/lib${APR_LIBNAME}.la" +elif test "$location" = "buildlink"; then + LA_FILE="$BUILDLINK_DIR/lib/lib${APR_LIBNAME}.la" else LA_FILE="$thisdir/lib${APR_LIBNAME}.la" fi @@@@ -180,6 +185,8 @@@@ while test $# -gt 0; do flags="$includedir" elif test "$location" = "source"; then flags="$APR_SOURCE_DIR/include" + elif test "$location" = "buildlink"; then + flags="$BUILDLINK_DIR/include/apr-${APR_MAJOR_VERSION}" else # this is for VPATH builds flags="$thisdir/include $APR_SOURCE_DIR/include" @@@@ -212,6 +219,8 @@@@ while test $# -gt 0; do flags="$flags -I$includedir $EXTRA_INCLUDES" elif test "$location" = "source"; then flags="$flags -I$APR_SOURCE_DIR/include $EXTRA_INCLUDES" + elif test "$location" = "buildlink"; then + flags="$flags -I$BUILDLINK_DIR/include/apr-${APR_MAJOR_VERSION} $EXTRA_INCLUDES" else # this is for VPATH builds flags="$flags -I$thisdir/include -I$APR_SOURCE_DIR/include $EXTRA_INCLUDES" @@@@ -222,7 +231,7 @@@@ while test $# -gt 0; do exit 0 ;; --installbuilddir) - if test "$location" = "installed"; then + if test "$location" = "installed" || test "$location" = "buildlink"; then echo "${installbuilddir}" elif test "$location" = "source"; then echo "$APR_SOURCE_DIR/build" @ 1.1 log @Fix apr-config and apu-config scripts when run from ${BUILDLINK_DIR}/bin. This may help fix ap2-perl, but won't help ap2-php4. @ text @d1 1 a1 1 $NetBSD$ @