[apache2] 01/02: fix CVE-2013-1896 patch for 2.2
Stefan Fritsch
sf at moszumanska.debian.org
Tue Jan 28 22:12:55 UTC 2014
This is an automated email from the git hooks/post-receive script.
sf pushed a commit to branch squeeze
in repository apache2.
commit 563335693b34bb5632ceea8c8a53cd9d57b93ba1
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Tue Jan 28 22:47:54 2014 +0100
fix CVE-2013-1896 patch for 2.2
---
debian/patches/304_CVE-2013-1896.dpatch | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/debian/patches/304_CVE-2013-1896.dpatch b/debian/patches/304_CVE-2013-1896.dpatch
index 4efe9fd..0fd0c41 100755
--- a/debian/patches/304_CVE-2013-1896.dpatch
+++ b/debian/patches/304_CVE-2013-1896.dpatch
@@ -1,5 +1,7 @@
#! /bin/sh /usr/share/dpatch/dpatch-run
-##
+#
+## DP: http://svn.apache.org/r1497101
+## DP: http://svn.apache.org/r1497212
#
@DPATCH@
Index: apache2/modules/dav/main/mod_dav.c
@@ -11,7 +13,7 @@ Index: apache2/modules/dav/main/mod_dav.c
conf = ap_get_module_config(r->per_dir_config, &dav_module);
/* assert: conf->provider != NULL */
+ if (conf->provider == NULL) {
-+ return dav_new_error(r->pool, HTTP_METHOD_NOT_ALLOWED, 0, 0,
++ return dav_new_error(r->pool, HTTP_METHOD_NOT_ALLOWED, 0,
+ apr_psprintf(r->pool,
+ "DAV not enabled for %s",
+ ap_escape_html(r->pool, r->uri)));
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git
More information about the Pkg-apache-commits
mailing list