[Frugalware-git] frugalware-0.8: apache-2.2.8-2kalgan2-i686

Tue, 26 Aug 2008 08:33:23 -0700 

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-0.8.git;a=commitdiff;h=0440167e58f731710bf757370cfe9348a4882a12

commit 0440167e58f731710bf757370cfe9348a4882a12
Author: Miklos Vajna <[EMAIL PROTECTED]>
Date:   Tue Aug 26 17:33:07 2008 +0200

apache-2.2.8-2kalgan2-i686
- add CVE-2008-2939.patch
- closes #3307

diff --git a/source/network/apache/CVE-2008-2939.patch 
b/source/network/apache/CVE-2008-2939.patch
new file mode 100644
index 0000000..ddf5c6a
--- /dev/null
+++ b/source/network/apache/CVE-2008-2939.patch
@@ -0,0 +1,10 @@
+--- 2.2.x/modules/proxy/mod_proxy_ftp.c        2008/08/05 19:00:05     682869
++++ 2.2.x/modules/proxy/mod_proxy_ftp.c        2008/08/05 19:01:50     682870
+@@ -383,6 +383,7 @@
+                                                            c->bucket_alloc));
+         }
+         if (wildcard != NULL) {
++            wildcard = ap_escape_html(p, wildcard);
+             APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(wildcard,
+                                                            strlen(wildcard), 
p,
+                                                            c->bucket_alloc));
diff --git a/source/network/apache/FrugalBuild 
b/source/network/apache/FrugalBuild
index 3247385..a2d8c1b 100644
--- a/source/network/apache/FrugalBuild
+++ b/source/network/apache/FrugalBuild
@@ -4,7 +4,7 @@

pkgname=apache
pkgver=2.2.8
-pkgrel=2kalgan1
+pkgrel=2kalgan2
pkgdesc="A high performance Unix-based HTTP server (with SSL)"
url="http://httpd.apache.org/";
backup=(etc/httpd/conf/{httpd.conf,ssl.conf,ssl.crt/server.crt,ssl.csr/server.csr,ssl.key/server.key}
 \
@@ -19,8 +19,8 @@ 
source=(http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2 \
http://ftp.frugalware.org/pub/other/sources/apache/mkcert.tar.gz \
rc.httpd rc.httpd-hu.po httpd.conf ssl.conf \
README.Frugalware index.html http://frugalware.org/images/frugalware.png \
-       CVE-2008-2364.patch)
-signatures=($source.asc '' '' '' '' '' '' '' '' '')
+       CVE-2008-2364.patch CVE-2008-2939.patch)
+signatures=($source.asc '' '' '' '' '' '' '' '' '' '')

# svn web interface:
# http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to