[Pkg-apache-commits] r1208 - in /trunk/apache2: changelog patches/00list patches/076_apxs2_a2enmod.dpatch patches/080_mod_reqtimeout_fixes.dpatch patches/081_apxs_perl_5.12.dpatch
sf at alioth.debian.org
sf at alioth.debian.org
Sat Jul 24 19:25:29 UTC 2010
Author: sf
Date: Sat Jul 24 19:25:28 2010
New Revision: 1208
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1208
Log:
New upstream
adjust patches
Removed:
trunk/apache2/patches/081_apxs_perl_5.12.dpatch
Modified:
trunk/apache2/changelog
trunk/apache2/patches/00list
trunk/apache2/patches/076_apxs2_a2enmod.dpatch
trunk/apache2/patches/080_mod_reqtimeout_fixes.dpatch
Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1208&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Sat Jul 24 19:25:28 2010
@@ -1,3 +1,14 @@
+apache2 (2.2.16-1) UNRELEASED; urgency=low
+
+ * New upstream release:
+ - CVE-2010-1452: mod_dav, mod_cache: Fix denial of service vulnerability
+ due to incorrect handling of requests without a path segment.
+ - mod_dir: add FallbackResource directive, to enable admin to specify
+ an action to happen when a URL maps to no file, without resorting
+ to ErrorDocument or mod_rewrite
+
+ -- Stefan Fritsch <sf at debian.org> Sat, 24 Jul 2010 21:00:10 +0200
+
apache2 (2.2.15-6) unstable; urgency=low
* Fix init script not correctly killing htcacheclean. Closes: #580971
Modified: trunk/apache2/patches/00list
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/00list?rev=1208&op=diff
==============================================================================
--- trunk/apache2/patches/00list (original)
+++ trunk/apache2/patches/00list Sat Jul 24 19:25:28 2010
@@ -24,7 +24,6 @@
077_CacheIgnoreURLSessionIdentifiers.dpatch
079_polish_translation.dpatch
080_mod_reqtimeout_fixes.dpatch
-081_apxs_perl_5.12.dpatch
082_ab_num_requests
099_config_guess_sub_update
200_cp_suexec.dpatch
Modified: trunk/apache2/patches/076_apxs2_a2enmod.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/076_apxs2_a2enmod.dpatch?rev=1208&op=diff
==============================================================================
--- trunk/apache2/patches/076_apxs2_a2enmod.dpatch (original)
+++ trunk/apache2/patches/076_apxs2_a2enmod.dpatch Sat Jul 24 19:25:28 2010
@@ -8,7 +8,7 @@
diff -urNad trunk~/support/apxs.in trunk/support/apxs.in
--- trunk~/support/apxs.in 2010-01-02 21:52:57.828866228 +0100
+++ trunk/support/apxs.in 2010-01-02 21:55:48.375597120 +0100
-@@ -522,7 +522,7 @@
+@@ -521,7 +521,7 @@
# $dir =~ s|^$CFG_PREFIX/?||;
$dir =~ s|(.)$|$1/|;
$t =~ s|\.la$|.so|;
@@ -17,15 +17,17 @@
}
# execute the commands
-@@ -530,105 +530,35 @@
+@@ -529,108 +529,35 @@
# activate module via LoadModule/AddModule directive
if ($opt_a or $opt_A) {
- if (not -f "$CFG_SYSCONFDIR/httpd.conf") {
- error("Config file $CFG_SYSCONFDIR/httpd.conf not found");
-- exit(1);
-- }
--
++ if (not -d "$CFG_SYSCONFDIR/mods-available") {
++ error("Config file $CFG_SYSCONFDIR/mods-available not found");
+ exit(1);
+ }
+
- open(FP, "<$CFG_SYSCONFDIR/httpd.conf") || die;
- my $content = join('', <FP>);
- close(FP);
@@ -33,17 +35,18 @@
- if ($content !~ m|\n#?\s*LoadModule\s+|) {
- error("Activation failed for custom $CFG_SYSCONFDIR/httpd.conf file.");
- error("At least one `LoadModule' directive already has to exist.");
-+ if (not -d "$CFG_SYSCONFDIR/mods-available") {
-+ error("Config file $CFG_SYSCONFDIR/mods-available not found");
- exit(1);
- }
-
+- exit(1);
+- }
+-
- my $lmd;
- my $c = '';
- $c = '#' if ($opt_A);
- foreach $lmd (@lmd) {
- my $what = $opt_A ? "preparing" : "activating";
-- if ($content !~ m|\n#?\s*$lmd|) {
+- my $lmd_re = $lmd;
+- $lmd_re =~ s/\s+/\\s+/g;
+-
+- if ($content !~ m|\n#?\s*$lmd_re|) {
- # check for open <containers>, so that the new LoadModule
- # directive always appears *outside* of an <container>.
-
@@ -63,15 +66,7 @@
- error('Configuration file is not valid. There are sections'
- . ' closed before opened.');
- exit(1);
-+ my $entry;
-+ foreach $entry (@lmd) {
-+ my ($name, $lmd) = @{$entry};
-+ my $filename = "$CFG_SYSCONFDIR/mods-available/$name.load";
-+ if (-f $filename) {
-+ my $cmd = "mv $filename $filename.bak~";
-+ if (system($cmd) != 0) {
-+ die "'$cmd' failed\n";
- }
+- }
- else {
- # put our cmd after the section containing the last
- # LoadModule.
@@ -102,31 +97,41 @@
- # be repeated $cntopen
- # times. That's it.
- # Simple, eh? ;-)
-+ }
-
+-
- ) # capture end
- !$1$c$lmd\n!mx;
-+ notice("[preparing module `$name' in $filename]");
-+ open(FP, ">$filename") || die;
-+ print FP "$lmd\n";
-+ close(FP);
-
+-
- unless ($found) {
- error('Configuration file is not valid. There are '
- . 'sections opened and not closed.');
- exit(1);
- }
-+ if ($opt_a) {
-+ my $cmd = "a2enmod $name";
++ my $entry;
++ foreach $entry (@lmd) {
++ my ($name, $lmd) = @{$entry};
++ my $filename = "$CFG_SYSCONFDIR/mods-available/$name.load";
++ if (-f $filename) {
++ my $cmd = "mv $filename $filename.bak~";
+ if (system($cmd) != 0) {
+ die "'$cmd' failed\n";
}
- } else {
- # replace already existing LoadModule line
-- $content =~ s|^(.*\n)#?\s*$lmd[^\n]*\n|$1$c$lmd\n|s;
-- }
+- $content =~ s|^(.*\n)#?\s*$lmd_re[^\n]*\n|$1$c$lmd\n|s;
+ }
- $lmd =~ m|LoadModule\s+(.+?)_module.*|;
- notice("[$what module `$1' in $CFG_SYSCONFDIR/httpd.conf]");
++
++ notice("[preparing module `$name' in $filename]");
++ open(FP, ">$filename") || die;
++ print FP "$lmd\n";
++ close(FP);
++
++ if ($opt_a) {
++ my $cmd = "a2enmod $name";
++ if (system($cmd) != 0) {
++ die "'$cmd' failed\n";
++ }
+ }
+
}
Modified: trunk/apache2/patches/080_mod_reqtimeout_fixes.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/080_mod_reqtimeout_fixes.dpatch?rev=1208&op=diff
==============================================================================
--- trunk/apache2/patches/080_mod_reqtimeout_fixes.dpatch (original)
+++ trunk/apache2/patches/080_mod_reqtimeout_fixes.dpatch Sat Jul 24 19:25:28 2010
@@ -240,7 +240,7 @@
+ apr_socket_timeout_set(ccfg->socket, saved_sock_timeout);
+out:
- if (rv == APR_TIMEUP) {
+ if (APR_STATUS_IS_TIMEUP(rv)) {
ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
"Request %s read timeout", ccfg->type);
+ /*
More information about the Pkg-apache-commits
mailing list