SPECS: apache.spec - fix for a byterange handling bug that could c...

adamg adamg at pld-linux.org
Thu Aug 25 11:08:36 CEST 2005 

Author: adamg                        Date: Thu Aug 25 09:08:36 2005 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- fix for a byterange handling bug that could cause a DoS
- release 5

---- Files affected:
SPECS:
   apache.spec (1.404 -> 1.405) 

---- Diffs:

================================================================
Index: SPECS/apache.spec
diff -u SPECS/apache.spec:1.404 SPECS/apache.spec:1.405
--- SPECS/apache.spec:1.404	Thu Aug 25 08:09:20 2005
+++ SPECS/apache.spec	Thu Aug 25 11:08:30 2005
@@ -1,6 +1,5 @@
 # $Revision$, $Date$
 # TODO:
-# - security http://security.gentoo.org/glsa/glsa-200508-15.xml
 # - mod_case_filter
 # - mod_case_filter_in
 # - mod_optional_fn_{export,import}
@@ -37,7 +36,7 @@
 Summary(tr):	Lider WWW tarayýcý
 Name:		apache
 Version:	2.0.54
-Release:	4
+Release:	5
 License:	Apache Group License
 Group:		Networking/Daemons
 Source0:	http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
@@ -91,6 +90,8 @@
 Patch23:	%{name}-normalize-path.patch
 # http://issues.apache.org/bugzilla/attachment.cgi?id=13377 external pcre
 Patch24:	%{name}2-pcre-patch.diff
+# http://issues.apache.org/bugzilla/attachment.cgi?id=16102 DoS
+Patch25:	%{name}2-byterange.patch
 URL:		http://httpd.apache.org/
 BuildRequires:	automake
 BuildRequires:	apr-devel >= 1:1.0.0
@@ -775,6 +776,7 @@
 %patch22 -p1
 %patch23 -p1
 %{?with_external_pcre:%patch24 -p2}
+%patch25 -p0
 
 %{__perl} -pi -e "s@/usr/local/bin/perl@%{__perl}@" $(grep -rl "/usr/local/bin/perl" *)
 %{__perl} -pi -e "s at BUILD_SUBDIRS.*@BUILD_SUBDIRS =@g" srclib/Makefile.in
@@ -1829,6 +1831,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.405  2005/08/25 09:08:30  adamg
+- fix for a byterange handling bug that could cause a DoS
+- release 5
+
 Revision 1.404  2005/08/25 06:09:20  glen
 - todo security
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/apache.spec?r1=1.404&r2=1.405&f=u

More information about the pld-cvs-commit mailing list