OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 02-Sep-2005 23:14:52 Branch: OPENPKG_2_4_SOLID Handle: 2005090222145100 Added files: (Branch: OPENPKG_2_4_SOLID) openpkg-src/apache apache.patch.modssl Modified files: (Branch: OPENPKG_2_4_SOLID) openpkg-src/apache apache.spec Log: fix security issue (CAN-2005-2700) Summary: Revision Changes Path 1.1.12.1 +14 -0 openpkg-src/apache/apache.patch.modssl 1.297.2.2 +3 -1 openpkg-src/apache/apache.spec ____________________________________________________________________________ patch -p0 <<'@@ .' Index: openpkg-src/apache/apache.patch.modssl ============================================================================ $ cvs diff -u -r0 -r1.1.12.1 apache.patch.modssl --- /dev/null 2005-09-02 23:14:24 +0200 +++ apache.patch.modssl 2005-09-02 23:14:51 +0200 @@ -0,0 +1,14 @@ +Index: pkg.sslmod/ssl_engine_kernel.c +--- pkg.sslmod/ssl_engine_kernel.c 6 Jul 2005 08:34:19 -0000 1.111 ++++ pkg.sslmod/ssl_engine_kernel.c 2 Sep 2005 20:57:47 -0000 1.112 +@@ -868,8 +868,8 @@ + && (nVerify != SSL_VERIFY_NONE)) + || ( !(nVerifyOld & SSL_VERIFY_PEER) + && (nVerify & SSL_VERIFY_PEER)) +- || ( !(nVerifyOld & (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) +- && (nVerify & (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)))) { ++ || ( !(nVerifyOld & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) ++ && (nVerify & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))) { + renegotiate = TRUE; + /* optimization */ + if ( dc->nOptions & SSL_OPT_OPTRENEGOTIATE @@ . patch -p0 <<'@@ .' Index: openpkg-src/apache/apache.spec ============================================================================ $ cvs diff -u -r1.297.2.1 -r1.297.2.2 apache.spec --- openpkg-src/apache/apache.spec 15 Jun 2005 18:58:39 -0000 1.297.2.1 +++ openpkg-src/apache/apache.spec 2 Sep 2005 21:14:51 -0000 1.297.2.2 @@ -65,7 +65,7 @@ Group: Web License: ASF Version: %{V_apache} -Release: 2.4.0 +Release: 2.4.1 # package options (suexec related) %option with_suexec yes @@ -211,6 +211,7 @@ Patch1: apache.patch.modowa Patch2: apache.patch.php Patch3: http://www.hardened-php.net/hardened-php-%{V_mod_php_hardened}.patch.gz +Patch4: apache.patch.modssl # build information Prefix: %{l_prefix} @@ -498,6 +499,7 @@ # unpack optional extension modules %if "%{with_mod_ssl}" == "yes" %setup -q -T -D -a 1 + %patch -p0 -d mod_ssl-%{V_mod_ssl} -P 4 %endif %if "%{with_mod_perl}" == "yes" %setup -q -T -D -a 2 @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org