apache-php4.patch.modperl apac...

Christoph Schug Thu, 29 Mar 2007 06:43:21 -0800

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________


  Server: cvs.openpkg.org                  Name:   Christoph Schug
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   29-Mar-2007 16:43:51
  Branch: HEAD                             Handle: 2007032915434902

  Added files:
    openpkg-src/apache      apache.patch.modperl
    openpkg-src/apache-php4 apache-php4.patch.modperl
  Modified files:
    openpkg-src/apache      apache.spec
    openpkg-src/apache-php4 apache-php4.spec

  Log:
    Security Fix (CVE-2007-1349)

  Summary:
    Revision    Changes     Path
    1.1         +17 -0      openpkg-src/apache-php4/apache-php4.patch.modperl
    1.13        +3  -1      openpkg-src/apache-php4/apache-php4.spec
    1.1         +17 -0      openpkg-src/apache/apache.patch.modperl
    1.389       +3  -1      openpkg-src/apache/apache.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/apache-php4/apache-php4.patch.modperl
  ============================================================================
  $ cvs diff -u -r0 -r1.1 apache-php4.patch.modperl
  --- /dev/null 2007-03-29 16:43:27 +0200
  +++ apache-php4.patch.modperl 2007-03-29 16:43:51 +0200
  @@ -0,0 +1,17 @@
  +Security Fix (CVE-2007-1349)
  +Fix unescaped variable interpolation in regular expression
  +http://svn.apache.org/viewvc?view=rev&revision=521582
  +http://secunia.com/advisories/24678/
  +
  +Index: lib/Apache/PerlRun.pm
  +--- lib/Apache/PerlRun.pm.orig       2003-03-08 05:11:09 +0100
  ++++ lib/Apache/PerlRun.pm    2007-03-29 16:23:47 +0200
  +@@ -168,7 +168,7 @@
  +               $uri) if $Debug && $Debug & 4;
  + 
  +     my $path_info = $r->path_info;
  +-    my $script_name = $path_info && $uri =~ /$path_info$/ ?
  ++    my $script_name = $path_info && $uri =~ /\Q$path_info\E$/ ?
  +     substr($uri, 0, length($uri)-length($path_info)) :
  +     $uri;
  + 
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/apache-php4/apache-php4.spec
  ============================================================================
  $ cvs diff -u -r1.12 -r1.13 apache-php4.spec
  --- openpkg-src/apache-php4/apache-php4.spec  24 Mar 2007 09:08:36 -0000      
1.12
  +++ openpkg-src/apache-php4/apache-php4.spec  29 Mar 2007 14:43:51 -0000      
1.13
  @@ -68,7 +68,7 @@
   Group:        Web
   License:      ASF
   Version:      %{V_apache}
  -Release:      20070324
  +Release:      20070329
   
   #   package options (suexec related)
   %option       with_suexec               yes
  @@ -235,6 +235,7 @@
   Patch6:       apache-php4.patch.modauthkerb
   Patch7:       apache-php4.patch.modauthradius
   Patch8:       apache-php4.patch.modssl
  +Patch9:       apache-php4.patch.modperl
   
   #   build information
   Prefix:       %{l_prefix}
  @@ -561,6 +562,7 @@
   %endif
   %if "%{with_mod_perl}" == "yes"
       %setup -q -T -D -a 2
  +    %patch -p0 -d mod_perl-%{V_mod_perl} -P 9
   %endif
   %if "%{with_mod_php}" == "yes"
       %setup -q -T -D -a 3
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/apache/apache.patch.modperl
  ============================================================================
  $ cvs diff -u -r0 -r1.1 apache.patch.modperl
  --- /dev/null 2007-03-29 16:43:27 +0200
  +++ apache.patch.modperl      2007-03-29 16:43:50 +0200
  @@ -0,0 +1,17 @@
  +Security Fix (CVE-2007-1349)
  +Fix unescaped variable interpolation in regular expression
  +http://svn.apache.org/viewvc?view=rev&revision=521582
  +http://secunia.com/advisories/24678/
  +
  +Index: lib/Apache/PerlRun.pm
  +--- lib/Apache/PerlRun.pm.orig       2003-03-08 05:11:09 +0100
  ++++ lib/Apache/PerlRun.pm    2007-03-29 16:23:47 +0200
  +@@ -168,7 +168,7 @@
  +               $uri) if $Debug && $Debug & 4;
  + 
  +     my $path_info = $r->path_info;
  +-    my $script_name = $path_info && $uri =~ /$path_info$/ ?
  ++    my $script_name = $path_info && $uri =~ /\Q$path_info\E$/ ?
  +     substr($uri, 0, length($uri)-length($path_info)) :
  +     $uri;
  + 
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/apache/apache.spec
  ============================================================================
  $ cvs diff -u -r1.388 -r1.389 apache.spec
  --- openpkg-src/apache/apache.spec    24 Mar 2007 09:06:25 -0000      1.388
  +++ openpkg-src/apache/apache.spec    29 Mar 2007 14:43:50 -0000      1.389
  @@ -68,7 +68,7 @@
   Group:        Web
   License:      ASF
   Version:      %{V_apache}
  -Release:      20070324
  +Release:      20070329
   
   #   package options (suexec related)
   %option       with_suexec               yes
  @@ -238,6 +238,7 @@
   Patch5:       apache.patch.modauthkerb
   Patch6:       apache.patch.modauthradius
   Patch7:       apache.patch.modssl
  +Patch8:       apache.patch.modperl
   
   #   build information
   Prefix:       %{l_prefix}
  @@ -562,6 +563,7 @@
   %endif
   %if "%{with_mod_perl}" == "yes"
       %setup -q -T -D -a 2
  +    %patch -p0 -d mod_perl-%{V_mod_perl} -P 8
   %endif
   %if "%{with_mod_php}" == "yes"
       %setup -q -T -D -a 3
  @@ .
______________________________________________________________________
OpenPKG                                             http://openpkg.org
CVS Repository Commit List                     [email protected]

[CVS] OpenPKG: openpkg-src/apache-php4/ apache-php4.patch.modperl apac...

Reply via email to