packages: apache/apache.spec, apache/PR46949.diff (NEW), apache/TODO (NEW) ...
blues
blues at pld-linux.org
Mon May 25 13:16:16 CEST 2009
Author: blues Date: Mon May 25 11:16:16 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- rel. 11 - official PR46949 patch added - fixes CVE-2009-1191
---- Files affected:
packages/apache:
apache.spec (1.562 -> 1.563) , PR46949.diff (NONE -> 1.1) (NEW), TODO (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/apache/apache.spec
diff -u packages/apache/apache.spec:1.562 packages/apache/apache.spec:1.563
--- packages/apache/apache.spec:1.562 Sun May 3 14:22:04 2009
+++ packages/apache/apache.spec Mon May 25 13:16:11 2009
@@ -1,19 +1,4 @@
# $Revision$, $Date$
-# TODO:
-# - config examples for mod_*
-# - --with-suexec-uidmin=500 or =1000 ?
-# - subpackages for MPMs
-# - !!!check if all modules (*.so) are exactly the same for different MPMs
-# - check those autn modules inner deps
-# - for external packages: don't use any apache module name in dep as they
-# differ for apache 1.3/2.0/2.2!? any better ideas? rpm Suggests: tags?
-# - for mod_auth_* modules require each auth module to require virtual authn so at least *_default is chosen?
-# - same for mod_authz
-# - mod_auth_digest and mod_auth_basic R: apache(authn) ?
-# - drop mod_case_filter* or find summary and description for them
-# - build modules only once (not with each mpm)
-# - FYI: http://wiki.apache.org/httpd/InternalDummyConnection
-
# Conditional build:
%bcond_without ssl # build without SSL support
%bcond_without ldap # build without LDAP support
@@ -35,7 +20,7 @@
Summary(tr.UTF-8): Lider WWW tarayıcı
Name: apache
Version: 2.2.11
-Release: 10
+Release: 11
License: Apache v2.0
Group: Networking/Daemons/HTTP
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
@@ -90,6 +75,9 @@
Patch24: %{name}-revert-bug-40463.patch
Patch25: %{name}-prefork-graceful-fix.patch
Patch26: %{name}-pollset-segv.patch
+# Official patches
+# http://www.apache.org/dist/httpd/patches/apply_to_2.2.11/
+Patch27: PR46949.diff
URL: http://httpd.apache.org/
BuildRequires: apr-devel >= 1:1.2
BuildRequires: apr-util-devel >= 1:1.3
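Review bot: the new "Official patches" comment names only the directory http://www.apache.org/dist/httpd/patches/apply_to_2.2.11/ while `Patch27: PR46949.diff` is a bare filename checked into CVS, so nothing in the spec lets a later reader verify that the local copy matches the upstream security patch. Record the exact upstream URL of the file and its checksum (or note that it was compared against the signed copy on apache.org) next to the Patch27 line, as is done with Source0's full URL.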
@@ -1744,6 +1732,7 @@
%patch24 -p1
%patch25 -p0
%patch26 -p0
+%patch27 -p0
# using system apr, apr-util and pcre
rm -rf srclib/{apr,apr-util,pcre}
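Review bot: `-p0` is the correct strip level here: the patch's `Index:`/`---` headers use the tree-relative path modules/proxy/mod_proxy_ajp.c with no leading directory, unlike Patch24 which needs `-p1`. Applying it after patch26 and before `rm -rf srclib/{apr,apr-util,pcre}` is fine since it touches nothing under srclib; it would be worth confirming that none of Patch0 to Patch26 also modify mod_proxy_ajp.c near this region, otherwise the order of the two would matter.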
@@ -2722,6 +2711,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.563 2009/05/25 11:16:11 blues
+- rel. 11 - official PR46949 patch added - fixes CVE-2009-1191
+
Revision 1.562 2009/05/03 12:22:04 arekm
- rel 10; drop unmaintained/buggy peruser mpm
================================================================
Index: packages/apache/PR46949.diff
diff -u /dev/null packages/apache/PR46949.diff:1.1
--- /dev/null Mon May 25 13:16:16 2009
+++ packages/apache/PR46949.diff Mon May 25 13:16:11 2009
@@ -0,0 +1,37 @@
+Index: modules/proxy/mod_proxy_ajp.c
+===================================================================
+--- modules/proxy/mod_proxy_ajp.c (Revision 763379)
++++ modules/proxy/mod_proxy_ajp.c (Arbeitskopie)
+@@ -307,21 +307,17 @@
+ "proxy: read zero bytes, expecting"
+ " %" APR_OFF_T_FMT " bytes",
+ content_length);
+- status = ajp_send_data_msg(conn->sock, msg, 0);
+- if (status != APR_SUCCESS) {
+- /* We had a failure: Close connection to backend */
+- conn->close++;
+- ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
+- "proxy: send failed to %pI (%s)",
+- conn->worker->cp->addr,
+- conn->worker->hostname);
+- return HTTP_INTERNAL_SERVER_ERROR;
+- }
+- else {
+- /* Client send zero bytes with C-L > 0
+- */
+- return HTTP_BAD_REQUEST;
+- }
++ /*
++ * We can only get here if the client closed the connection
++ * to us without sending the body.
++ * Now the connection is in the wrong state on the backend.
++ * Sending an empty data msg doesn't help either as it does
++ * not move this connection to the correct state on the backend
++ * for later resusage by the next request again.
++ * Close it to clean things up.
++ */
++ conn->close++;
++ return HTTP_BAD_REQUEST;
+ }
+ }
+
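Review bot: with the `ajp_send_data_msg()` call removed, `status` is no longer assigned in this branch; check whether it is still used elsewhere in the function, otherwise this leaves a set-but-unused variable and a compiler warning. The behavioural change itself is the right one: the old success branch returned `HTTP_BAD_REQUEST` without `conn->close++`, so a backend connection left mid-request was handed back to the pool and could be picked up by the next request, which is the reuse problem the commit message cites as CVE-2009-1191; the new code closes the backend connection unconditionally before returning 400. Two nits in the new comment: "resusage" should read "reuse", and the backend-side error log with `conn->worker->cp->addr` is gone, so the only trace of the event is now the preceding "proxy: read zero bytes, expecting ... bytes" message, which should be enough but is worth stating in the changelog.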
================================================================
Index: packages/apache/TODO
diff -u /dev/null packages/apache/TODO:1.1
--- /dev/null Mon May 25 13:16:17 2009
+++ packages/apache/TODO Mon May 25 13:16:11 2009
@@ -0,0 +1,17 @@
+# TODO:
+- config examples for mod_*
+- --with-suexec-uidmin=500 or =1000 ?
+- subpackages for MPMs
+- !!!check if all modules (*.so) are exactly the same for different MPMs
+- check those autn modules inner deps
+- for external packages: don't use any apache module name in dep as they
+ differ for apache 1.3/2.0/2.2!? any better ideas? rpm Suggests: tags?
+- for mod_auth_* modules require each auth module to require virtual authn so at least *_default
+ is chosen?
+- same for mod_authz
+- mod_auth_digest and mod_auth_basic R: apache(authn) ?
+- drop mod_case_filter* or find summary and description for them
+- build modules only once (not with each mpm)
+- FYI: http://wiki.apache.org/httpd/InternalDummyConnection
+
+
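Review bot: the new TODO file ends with two empty lines after the FYI entry; trim to a single trailing newline. The content is carried over verbatim from the spec header, including "autn" in "check those autn modules inner deps", which is presumably "authn" and could be fixed while the list is being moved.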
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/apache/apache.spec?r1=1.562&r2=1.563&f=u
More information about the pld-cvs-commit mailing list