head 1.10;
access;
symbols
pkgsrc-2014Q1:1.9.0.38
pkgsrc-2014Q1-base:1.9
pkgsrc-2013Q4:1.9.0.36
pkgsrc-2013Q4-base:1.9
pkgsrc-2013Q3:1.9.0.34
pkgsrc-2013Q3-base:1.9
pkgsrc-2013Q2:1.9.0.32
pkgsrc-2013Q2-base:1.9
pkgsrc-2013Q1:1.9.0.30
pkgsrc-2013Q1-base:1.9
pkgsrc-2012Q4:1.9.0.28
pkgsrc-2012Q4-base:1.9
pkgsrc-2012Q3:1.9.0.26
pkgsrc-2012Q3-base:1.9
pkgsrc-2012Q2:1.9.0.24
pkgsrc-2012Q2-base:1.9
pkgsrc-2012Q1:1.9.0.22
pkgsrc-2012Q1-base:1.9
pkgsrc-2011Q4:1.9.0.20
pkgsrc-2011Q4-base:1.9
pkgsrc-2011Q3:1.9.0.18
pkgsrc-2011Q3-base:1.9
pkgsrc-2011Q2:1.9.0.16
pkgsrc-2011Q2-base:1.9
pkgsrc-2011Q1:1.9.0.14
pkgsrc-2011Q1-base:1.9
pkgsrc-2010Q4:1.9.0.12
pkgsrc-2010Q4-base:1.9
pkgsrc-2010Q3:1.9.0.10
pkgsrc-2010Q3-base:1.9
pkgsrc-2010Q2:1.9.0.8
pkgsrc-2010Q2-base:1.9
pkgsrc-2010Q1:1.9.0.6
pkgsrc-2010Q1-base:1.9
pkgsrc-2009Q4:1.9.0.4
pkgsrc-2009Q4-base:1.9
pkgsrc-2009Q3:1.9.0.2
pkgsrc-2009Q3-base:1.9
pkgsrc-2008Q4:1.8.0.10
pkgsrc-2008Q4-base:1.8
pkgsrc-2008Q3:1.8.0.8
pkgsrc-2008Q3-base:1.8
cube-native-xorg:1.8.0.6
cube-native-xorg-base:1.8
pkgsrc-2008Q2:1.8.0.4
pkgsrc-2008Q2-base:1.8
pkgsrc-2008Q1:1.8.0.2
pkgsrc-2008Q1-base:1.8
pkgsrc-2007Q4:1.7.0.6
pkgsrc-2007Q4-base:1.7
pkgsrc-2007Q3:1.7.0.4
pkgsrc-2007Q3-base:1.7
pkgsrc-2007Q2:1.7.0.2
pkgsrc-2007Q2-base:1.7
pkgsrc-2007Q1:1.4.0.24
pkgsrc-2007Q1-base:1.4
pkgsrc-2006Q4:1.4.0.22
pkgsrc-2006Q4-base:1.4
pkgsrc-2006Q3:1.4.0.20
pkgsrc-2006Q3-base:1.4
pkgsrc-2006Q2:1.4.0.18
pkgsrc-2006Q2-base:1.4
pkgsrc-2006Q1:1.4.0.16
pkgsrc-2006Q1-base:1.4
pkgsrc-2005Q4:1.4.0.14
pkgsrc-2005Q4-base:1.4
pkgsrc-2005Q3:1.4.0.12
pkgsrc-2005Q3-base:1.4
pkgsrc-2005Q2:1.4.0.10
pkgsrc-2005Q2-base:1.4
pkgsrc-2005Q1:1.4.0.8
pkgsrc-2005Q1-base:1.4
pkgsrc-2004Q4:1.4.0.6
pkgsrc-2004Q4-base:1.4
pkgsrc-2004Q3:1.4.0.4
pkgsrc-2004Q3-base:1.4
pkgsrc-2004Q2:1.4.0.2
pkgsrc-2004Q2-base:1.4
pkgsrc-2004Q1:1.2.0.4
pkgsrc-2004Q1-base:1.2
pkgsrc-2003Q4:1.2.0.2
pkgsrc-2003Q4-base:1.2;
locks; strict;
comment @# @;
1.10
date 2014.06.10.15.22.18; author joerg; state dead;
branches;
next 1.9;
commitid djgMkPoOrhNxnZDx;
1.9
date 2009.07.25.19.55.11; author roy; state Exp;
branches;
next 1.8;
1.8
date 2008.02.23.05.16.34; author obache; state dead;
branches;
next 1.7;
1.7
date 2007.06.28.01.24.39; author lkundrak; state Exp;
branches;
next 1.6;
1.6
date 2007.06.28.00.43.36; author lkundrak; state Exp;
branches;
next 1.5;
1.5
date 2007.06.28.00.38.01; author lkundrak; state Exp;
branches;
next 1.4;
1.4
date 2004.05.13.11.39.10; author taca; state dead;
branches;
next 1.3;
1.3
date 2004.04.26.20.06.58; author jlam; state Exp;
branches;
next 1.2;
1.2
date 2003.11.02.05.36.56; author grant; state dead;
branches;
next 1.1;
1.1
date 2003.10.29.10.44.28; author cube; state Exp;
branches;
next ;
desc
@@
1.10
log
@Retire Apache 1.3 and 2.0.
@
text
@$NetBSD: patch-as,v 1.9 2009/07/25 19:55:11 roy Exp $
Avoid collision with system getline(3).
--- src/support/htpasswd.c.orig 2009-07-25 20:50:15.000000000 +0100
+++ src/support/htpasswd.c 2009-07-25 20:50:27.000000000 +0100
@@@@ -98,7 +98,7 @@@@
* Get a line of input from the user, not including any terminating
* newline.
*/
-static int getline(char *s, int n, FILE *f)
+static int get_line(char *s, int n, FILE *f)
{
register int i = 0;
@@@@ -547,7 +547,7 @@@@
char scratch[MAX_STRING_LEN];
fpw = fopen(pwfilename, "r");
- while (! (getline(line, sizeof(line), fpw))) {
+ while (! (get_line(line, sizeof(line), fpw))) {
char *colon;
if ((line[0] == '#') || (line[0] == '\0')) {
@
1.9
log
@Avoid collision with system getline(3).
@
text
@d1 1
a1 1
$NetBSD$
@
1.8
log
@Update apache to 1.3.41.
Changes with Apache 1.3.41
*) SECURITY: CVE-2007-6388 (cve.mitre.org)
mod_status: Ensure refresh parameter is numeric to prevent
a possible XSS attack caused by redirecting to other URLs.
Reported by SecurityReason. [Mark Cox]
Changes with Apache 1.3.40 (not released)
*) SECURITY: CVE-2007-5000 (cve.mitre.org)
mod_imap: Fix cross-site scripting issue. Reported by JPCERT.
[Joe Orton]
*) SECURITY: CVE-2007-3847 (cve.mitre.org)
mod_proxy: Prevent reading past the end of a buffer when parsing
date-related headers. PR 41144.
With Apache 1.3, the denial of service vulnerability applies only
to the Windows and NetWare platforms.
[Jeff Trawick]
*) More efficient implementation of the CVE-2007-3304 PID table
patch. This fixes issues with excessive memory usage by the
parent process if long-running and with a high number of child
process forks during that timeframe. Also fixes bogus "Bad pid"
errors. [Jim Jagielski, Jeff Trawick]
Changes with Apache 1.3.39
*) SECURITY: CVE-2006-5752 (cve.mitre.org)
mod_status: Fix a possible XSS attack against a site with a public
server-status page and ExtendedStatus enabled, for browsers which
perform charset "detection". Reported by Stefan Esser. [Joe Orton]
*) SECURITY: CVE-2007-3304 (cve.mitre.org)
Ensure that the parent process cannot be forced to kill non-child
processes by checking scoreboard PID data with parent process
privately stored PID data. [Jim Jagielski]
*) mime.types: Many updates to sync with IANA registry and common
unregistered types that the owners refuse to register. Admins
are encouraged to update their installed mime.types file.
pr: 35550, 37798, 39317, 31483 [Roy T. Fielding]
There was no Apache 1.3.38
@
text
@d1 1
a1 1
$NetBSD: patch-as,v 1.7 2007/06/28 01:24:39 lkundrak Exp $
d3 1
a3 1
Fix for CVE-2006-5752 XSS in mod_status with ExtendedStatus on.
d5 10
a14 5
--- src/modules/standard/mod_status.c.orig 2007-06-28 02:39:31.000000000 +0200
+++ src/modules/standard/mod_status.c 2007-06-28 02:44:25.000000000 +0200
@@@@ -221,7 +221,7 @@@@ static int status_handler(request_rec *r
if (r->method_number != M_GET)
return DECLINED;
d16 2
a17 2
- r->content_type = "text/html";
+ r->content_type = "text/html; charset=ISO-8859-1";
d19 6
a24 37
/*
* Simple table-driven form data set parser that lets you alter the header
@@@@ -247,7 +247,7 @@@@ static int status_handler(request_rec *r
no_table_report = 1;
break;
case STAT_OPT_AUTO:
- r->content_type = "text/plain";
+ r->content_type = "text/plain; charset=ISO-8859-1";
short_report = 1;
break;
}
@@@@ -591,7 +591,7 @@@@ static int status_handler(request_rec *r
ap_rputs(")\n", r);
ap_rprintf(r, " %s {%s} [%s]
\n\n",
ap_escape_html(r->pool, score_record.client),
- ap_escape_html(r->pool, score_record.request),
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)),
vhost ? ap_escape_html(r->pool,
vhost->server_hostname) : "(unavailable)");
}
@@@@ -686,14 +686,14 @@@@ static int status_handler(request_rec *r
"\n\n",
score_record.client,
vhost ? vhost->server_hostname : "(unavailable)",
- ap_escape_html(r->pool, score_record.request));
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)));
#else
ap_rprintf(r,
"%s | %s | %s\n\n",
ap_escape_html(r->pool, score_record.client),
vhost ? ap_escape_html(r->pool,
vhost->server_hostname) : "(unavailable)",
- ap_escape_html(r->pool, score_record.request));
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)));
#endif
} /* no_table_report */
} /* !short_report */
@
1.7
log
@Description for one patch referred to incorrect issue, the other patch
lacked ending semicolons.
@
text
@d1 1
a1 1
$NetBSD: patch-as,v 1.6 2007/06/28 00:43:36 lkundrak Exp $
@
1.6
log
@Add some descriptions to security patches.
@
text
@d1 1
a1 1
$NetBSD: patch-as,v 1.5 2007/06/28 00:38:01 lkundrak Exp $
d39 1
a39 1
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)))
d47 1
a47 1
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)))
@
1.5
log
@Fixing two possible security vulnerabilities:
CVE-2006-5752 XSS in mod_status with ExtendedStatus on
CVE-2007-3304 Remote DoS if MPM and mod_cache enabled
bumping PKGREVISION
@
text
@d1 3
a3 1
$NetBSD$
@
1.4
log
@Update apache package to 1.3.31.
Apache 1.3.31 Major changes
Security vulnerabilities
* CAN-2003-0987 (cve.mitre.org)
In mod_digest, verify whether the nonce returned in the client
response is one we issued ourselves. This problem does not affect
mod_auth_digest.
* CAN-2003-0020 (cve.mitre.org)
Escape arbitrary data before writing into the errorlog.
* CAN-2004-0174 (cve.mitre.org)
Fix starvation issue on listening sockets where a short-lived
connection on a rarely-accessed listening socket will cause a
child to hold the accept mutex and block out new connections until
another connection arrives on that rarely-accessed listening socket.
* CAN-2003-0993 (cve.mitre.org)
Fix parsing of Allow/Deny rules using IP addresses without a
netmask; issue is only known to affect big-endian 64-bit
platforms
New features
New features that relate to specific platforms:
* Linux 2.4+: If Apache is started as root and you code
CoreDumpDirectory, core dumps are enabled via the prctl() syscall.
New features that relate to all platforms:
* Add mod_whatkilledus and mod_backtrace (experimental) for
reporting diagnostic information after a child process crash.
* Add fatal exception hook for running diagnostic code after a
crash.
* Forensic logging module added (mod_log_forensic)
* '%X' is now accepted as an alias for '%c' in the
LogFormat directive. This allows you to configure logging
to still log the connection status even with mod_ssl
Bugs fixed
The following noteworthy bugs were found in Apache 1.3.29 (or earlier)
and have been fixed in Apache 1.3.31:
* Fix memory corruption problem with ap_custom_response() function.
The core per-dir config would later point to request pool data
that would be reused for different purposes on different requests.
* mod_usertrack no longer inspects the Cookie2 header for
the cookie name. It also no longer overwrites other cookies.
* Fix bug causing core dump when using CookieTracking without
specifying a CookieName directly.
* UseCanonicalName off was ignoring the client provided
port information.
@
text
@d1 1
a1 1
$NetBSD: patch-as,v 1.3 2004/04/26 20:06:58 jlam Exp $
d3 5
a7 5
--- src/modules/standard/mod_auth_db.c.orig Mon Feb 3 12:13:27 2003
+++ src/modules/standard/mod_auth_db.c
@@@@ -170,7 +170,10 @@@@ static char *get_db_pw(request_rec *r, c
q.data = user;
q.size = strlen(q.data);
d9 40
a48 8
-#if defined(DB3) || defined(DB4)
+#if defined(DB4)
+ if ( db_create(&f, NULL, 0) != 0
+ || f->open(f, NULL, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664) != 0) {
+#elif defined(DB3)
if ( db_create(&f, NULL, 0) != 0
|| f->open(f, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664) != 0) {
#elif defined(DB2)
@
1.3
log
@Convert to use bdb.buildlink3.mk and fix sources so that we can use db4.
@
text
@d1 1
a1 1
$NetBSD$
@
1.2
log
@Updated apache to 1.3.29.
Major changes since 1.3.28:
Security vulnerabilities
* CAN-2003-0542 (cve.mitre.org)
Fix buffer overflows in mod_alias and mod_rewrite which occurred if
one configured a regular expression with more than 9 captures.
Bugs fixed
The following noteworthy bugs were found in Apache 1.3.28 (or earlier)
and have been fixed in Apache 1.3.29:
* Within ap_bclose(), ap_pclosesocket() is now called
* consistently
for sockets and ap_pclosef() for files. Also, closesocket()
is used consistenly to close socket fd's. The previous
confusion between socket and file fd's would cause problems
with some applications now that we proactively close fd's to
prevent leakage.
* Fixed mod_usertrack to not get false positive matches on the
user-tracking cookie's name.
* Prevent creation of subprocess Zombies when using CGI wrappers
such as suEXEC and cgiwrap.
@
text
@d1 1
a1 1
$NetBSD: patch-as,v 1.1 2003/10/29 10:44:28 cube Exp $
d3 5
a7 5
--- src/include/httpd.h.orig 2003-10-29 09:28:40.000000000 +0100
+++ src/include/httpd.h
@@@@ -291,6 +291,9 @@@@ extern "C" {
/* The size of the server's internal read-write buffers */
#define IOBUFSIZE 8192
d9 8
a16 6
+/* The max number of regex captures that can be expanded by ap_pregsub */
+#define AP_MAX_REG_MATCH 10
+
/* Number of servers to spawn off by default --- also, if fewer than
* this free when the caretaker checks, it will spawn more.
*/
@
1.1
log
@Import security fix from 1.3.29 distribution for a buffer overflow in
mod_rewrite and mod_alias, referenced CAN-2003-0542. Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@
|