[CVS] OpenPKG: OPENPKG_1_3_SOLID: openpkg-src/apache/ apache.patch apa...

Tue, 28 Oct 2003 07:31:10 -0800 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src openpkg-web          Date:   28-Oct-2003 15:26:44
  Branch: OPENPKG_1_3_SOLID HEAD           Handle: 2003102814264102

  Modified files:
    openpkg-web             news.txt
  Modified files:           (Branch: OPENPKG_1_3_SOLID)
    openpkg-src/apache      apache.patch apache.spec

  Log:
    Security Bugfix (CAN-2003-0542, OpenPKG-SA-2003.046-apache)

  Summary:
    Revision    Changes     Path
    1.1.6.2.2.1 +114 -0     openpkg-src/apache/apache.patch
    1.106.2.6.2.2+1  -1      openpkg-src/apache/apache.spec
    1.7202      +1  -0      openpkg-web/news.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/apache/apache.patch
  ============================================================================
  $ cvs diff -u -r1.1.6.2 -r1.1.6.2.2.1 apache.patch
  --- openpkg-src/apache/apache.patch   29 Jul 2003 14:32:19 -0000      1.1.6.2
  +++ openpkg-src/apache/apache.patch   28 Oct 2003 14:26:43 -0000      1.1.6.2.2.1
  @@ -75,3 +75,117 @@
        if (!(env_path = ap_pstrdup(r->pool, getenv("PATH")))) {
        env_path = DEFAULT_PATH;
        }
  +
  +
  +-----------------------------------------------------------------------------
  +
  +Security Bugfix (CAN-2003-0542, OpenPKG-SA-2003.046-apache):
  +
  +Index: apache_1.3.28/src/include/httpd.h
  +--- apache_1.3.28/src/include/httpd.h.orig   2003-07-16 22:20:26.000000000 +0200
  ++++ apache_1.3.28/src/include/httpd.h        2003-10-28 14:10:48.000000000 +0100
  +@@ -274,6 +274,9 @@
  + /* The size of the server's internal read-write buffers */
  + #define IOBUFSIZE 8192
  + 
  ++/* The max number of regex captures that can be expanded by ap_pregsub */
  ++#define AP_MAX_REG_MATCH 10
  ++
  + /* Number of servers to spawn off by default --- also, if fewer than
  +  * this free when the caretaker checks, it will spawn more.
  +  */
  +Index: apache_1.3.28/src/modules/standard/mod_alias.c
  +--- apache_1.3.28/src/modules/standard/mod_alias.c.orig      2003-04-24 
18:08:21.000000000 +0200
  ++++ apache_1.3.28/src/modules/standard/mod_alias.c   2003-10-28 14:10:48.000000000 
+0100
  +@@ -299,7 +299,7 @@
  + static char *try_alias_list(request_rec *r, array_header *aliases, int doesc, int 
*status)
  + {
  +     alias_entry *entries = (alias_entry *) aliases->elts;
  +-    regmatch_t regm[10];
  ++    regmatch_t regm[AP_MAX_REG_MATCH];
  +     char *found = NULL;
  +     int i;
  + 
  +@@ -308,10 +308,10 @@
  +     int l;
  + 
  +     if (p->regexp) {
  +-        if (!ap_regexec(p->regexp, r->uri, p->regexp->re_nsub + 1, regm, 0)) {
  ++        if (!ap_regexec(p->regexp, r->uri, AP_MAX_REG_MATCH, regm, 0)) {
  +             if (p->real) {
  +                 found = ap_pregsub(r->pool, p->real, r->uri,
  +-                                p->regexp->re_nsub + 1, regm);
  ++                                       AP_MAX_REG_MATCH, regm);
  +                 if (found && doesc) {
  +                     found = ap_escape_uri(r->pool, found);
  +                 }
  +Index: apache_1.3.28/src/modules/standard/mod_rewrite.c
  +--- apache_1.3.28/src/modules/standard/mod_rewrite.c.orig    2003-05-19 
04:35:31.000000000 +0200
  ++++ apache_1.3.28/src/modules/standard/mod_rewrite.c 2003-10-28 14:10:48.000000000 
+0100
  +@@ -1834,7 +1834,7 @@
  +     const char *vary;
  +     char newuri[MAX_STRING_LEN];
  +     regex_t *regexp;
  +-    regmatch_t regmatch[MAX_NMATCH];
  ++    regmatch_t regmatch[AP_MAX_REG_MATCH];
  +     backrefinfo *briRR = NULL;
  +     backrefinfo *briRC = NULL;
  +     int prefixstrip;
  +@@ -1891,7 +1891,7 @@
  +         rewritelog(r, 3, "[per-dir %s] applying pattern '%s' to uri '%s'",
  +                    perdir, p->pattern, uri);
  +     }
  +-    rc = (ap_regexec(regexp, uri, regexp->re_nsub+1, regmatch, 0) == 0);
  ++    rc = (ap_regexec(regexp, uri, AP_MAX_REG_MATCH, regmatch, 0) == 0);
  +     if (! (( rc && !(p->flags & RULEFLAG_NOTMATCH)) ||
  +            (!rc &&  (p->flags & RULEFLAG_NOTMATCH))   ) ) {
  +         return 0;
  +@@ -2179,7 +2179,7 @@
  +     char input[MAX_STRING_LEN];
  +     struct stat sb;
  +     request_rec *rsub;
  +-    regmatch_t regmatch[MAX_NMATCH];
  ++    regmatch_t regmatch[AP_MAX_REG_MATCH];
  +     int rc;
  + 
  +     /*
  +@@ -2283,8 +2283,7 @@
  +     }
  +     else {
  +         /* it is really a regexp pattern, so apply it */
  +-        rc = (ap_regexec(p->regexp, input,
  +-                         p->regexp->re_nsub+1, regmatch,0) == 0);
  ++        rc = (ap_regexec(p->regexp, input, AP_MAX_REG_MATCH, regmatch,0) == 0);
  + 
  +         /* if it isn't a negated pattern and really matched
  +            we update the passed-through regex subst info structure */
  +@@ -2442,7 +2441,7 @@
  +             bri = briRC;
  +         }
  +         /* see ap_pregsub() in src/main/util.c */
  +-            if (bri && n <= bri->nsub &&
  ++            if (bri && n < AP_MAX_REG_MATCH &&
  +             bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) {
  +             span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so;
  +             if (span > space) {
  +Index: apache_1.3.28/src/modules/standard/mod_rewrite.h
  +--- apache_1.3.28/src/modules/standard/mod_rewrite.h.orig    2003-05-19 
04:35:31.000000000 +0200
  ++++ apache_1.3.28/src/modules/standard/mod_rewrite.h 2003-10-28 14:10:48.000000000 
+0100
  +@@ -253,8 +253,6 @@
  + 
  + #define MAX_ENV_FLAGS 15
  + 
  +-#define MAX_NMATCH    10
  +-
  + /* default maximum number of internal redirects */
  + #define REWRITE_REDIRECT_LIMIT 10
  + 
  +@@ -368,7 +366,7 @@
  + typedef struct backrefinfo {
  +     char *source;
  +     int nsub;
  +-    regmatch_t regmatch[10];
  ++    regmatch_t regmatch[AP_MAX_REG_MATCH];
  + } backrefinfo;
  + 
  + 
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/apache/apache.spec
  ============================================================================
  $ cvs diff -u -r1.106.2.6.2.1 -r1.106.2.6.2.2 apache.spec
  --- openpkg-src/apache/apache.spec    29 Jul 2003 14:58:13 -0000      1.106.2.6.2.1
  +++ openpkg-src/apache/apache.spec    28 Oct 2003 14:26:43 -0000      1.106.2.6.2.2
  @@ -60,7 +60,7 @@
   Group:        Web
   License:      ASF
   Version:      %{V_apache}
  -Release:      1.3.0
  +Release:      1.3.1
   
   #   package options (suexec related)
   %option       with_suexec               yes
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-web/news.txt
  ============================================================================
  $ cvs diff -u -r1.7201 -r1.7202 news.txt
  --- openpkg-web/news.txt      28 Oct 2003 11:07:28 -0000      1.7201
  +++ openpkg-web/news.txt      28 Oct 2003 14:26:41 -0000      1.7202
  @@ -1,3 +1,4 @@
  +28-Oct-2003: Upgraded package: P<apache-1.3.28-1.3.1>
   28-Oct-2003: Upgraded package: P<apache2-2.0.48-20031028>
   28-Oct-2003: Upgraded package: P<apache-1.3.29-20031028>
   28-Oct-2003: Upgraded package: P<postfix-2.0.16-20031028>
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to