[Pkg-apache-commits] r1160 - in /branches/lenny-apache2: changelog patches/00list patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch
sf at alioth.debian.org
Tue Mar 2 20:42:01 UTC 2010
Author: sf
Date: Tue Mar 2 20:42:00 2010
New Revision: 1160
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1160
Log:
fix CVE-2010-0408
Added:
branches/lenny-apache2/patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch (with props)
Modified:
branches/lenny-apache2/changelog
branches/lenny-apache2/patches/00list
Modified: branches/lenny-apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/branches/lenny-apache2/changelog?rev=1160&op=diff
==============================================================================
--- branches/lenny-apache2/changelog (original)
+++ branches/lenny-apache2/changelog Tue Mar 2 20:42:00 2010
@@ -1,5 +1,7 @@
apache2 (2.2.9-10+lenny7) UNRELEASED; urgency=low
+ * Security: CVE-2010-0408: Fix denial of service vulnerability in
+ mod_proxy_ajp.
* Add missing psmisc dependency for killall used in the init script.
Closes: #568542
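Review bot: The entry header in the first context line still reads urgency=low, although this hunk adds a "Security:" item to the same UNRELEASED entry; consider raising the urgency before upload. The new item would also be easier to audit if it named the upstream revision that the dpatch header links to, so the changelog alone identifies the fix.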
Modified: branches/lenny-apache2/patches/00list
URL: http://svn.debian.org/wsvn/pkg-apache/branches/lenny-apache2/patches/00list?rev=1160&op=diff
==============================================================================
--- branches/lenny-apache2/patches/00list (original)
+++ branches/lenny-apache2/patches/00list Tue Mar 2 20:42:00 2010
@@ -35,6 +35,7 @@
074_CVE-2009-3094.dpatch
075_CVE-2009-3095.dpatch
076_CVE-2009-3555.dpatch
+077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch
099_config_guess_sub_update
200_cp_suexec.dpatch
201_build_suexec-custom.dpatch
Added: branches/lenny-apache2/patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/branches/lenny-apache2/patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch?rev=1160&op=file
==============================================================================
--- branches/lenny-apache2/patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch (added)
+++ branches/lenny-apache2/patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch Tue Mar 2 20:42:00 2010
@@ -1,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: http://svn.apache.org/viewvc?rev=917876&view=rev
+
+ at DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' lenny-apache2~/modules/proxy/mod_proxy_ajp.c lenny-apache2/modules/proxy/mod_proxy_ajp.c
+--- a/modules/proxy/mod_proxy_ajp.c
++++ a/modules/proxy/mod_proxy_ajp.c
+@@ -231,7 +231,7 @@
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+ "proxy: ap_get_brigade failed");
+ apr_brigade_destroy(input_brigade);
+- return HTTP_INTERNAL_SERVER_ERROR;
++ return HTTP_BAD_REQUEST;
+ }
+
+ /* have something */
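Review bot: The only "## DP:" line in the dpatch header is a bare URL, so the patch carries no description of why the return value after "ap_get_brigade failed" changes from HTTP_INTERNAL_SERVER_ERROR to HTTP_BAD_REQUEST or how that relates to the denial of service named in the file name. Please add a "## DP:" line stating the reason. Also note that the accompanying ap_log_error call stays at APLOG_DEBUG, so at a default log level nothing in the error log will mark the requests that now get a 400; if that is deliberate, say so in the description.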
Propchange: branches/lenny-apache2/patches/077_CVE-2010-0408_mod_proxy_ajp_DoS.dpatch
------------------------------------------------------------------------------
svn:executable = *