[apache2] 01/04: Fix -D[efined] or <Define>[d] variables lifetime accross restarts
Stefan Fritsch
sf at moszumanska.debian.org
Tue Mar 31 20:34:42 UTC 2015
This is an automated email from the git hooks/post-receive script.
sf pushed a commit to branch master
in repository apache2.
commit 8a37b29f76db8100c67c7e4fe39e8a5d33288780
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Tue Mar 31 22:05:20 2015 +0200
Fix -D[efined] or <Define>[d] variables lifetime accross restarts
PR 56008
PR 57328
---
debian/changelog | 7 +++++++
debian/patches/define_restarts.diff | 24 ++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 32 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 60338a9..8ce3e5f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+apache2 (2.4.10-11) UNRELEASED; urgency=medium
+
+ * core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
+ This could cause all kinds of strange behavior. PR 56008. PR 57328
+
+ -- Stefan Fritsch <sf at debian.org> Tue, 31 Mar 2015 22:02:14 +0200
+
apache2 (2.4.10-10) unstable; urgency=medium
* CVE-2015-0228: mod_lua: Fix denial of service vulnerability in
diff --git a/debian/patches/define_restarts.diff b/debian/patches/define_restarts.diff
new file mode 100644
index 0000000..ceedbdc
--- /dev/null
+++ b/debian/patches/define_restarts.diff
@@ -0,0 +1,24 @@
+# https://svn.apache.org/r1651083
+# https://bz.apache.org/bugzilla/show_bug.cgi?id=57268
+# https://bz.apache.org/bugzilla/show_bug.cgi?id=56008
+#
+# Merge r1643825 from trunk:
+#
+# * core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
+# PR 57328.
+#
+# Submitted-by: Armin Abfalterer <a.abfalterer gmail.com>
+# Reviewed/Committed-by: ylavic
+#
+# Submitted by: ylavic
+# Reviewed/backported by: jim
+--- apache2.orig/server/core.c
++++ apache2/server/core.c
+@@ -1271,6 +1271,7 @@ AP_DECLARE(const char *) ap_resolve_env(
+ static int reset_config_defines(void *dummy)
+ {
+ ap_server_config_defines = saved_server_config_defines;
++ saved_server_config_defines = NULL;
+ server_config_defined_vars = NULL;
+ return OK;
+ }
diff --git a/debian/patches/series b/debian/patches/series
index f871db9..171c9c0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@ mod_ssl_memleak.diff
mod_ssl-oscp_stapling_crash.diff
CVE-2014-8109_mod_lua.diff
CVE-2015-0228_mod_lua.diff
+define_restarts.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git
More information about the Pkg-apache-commits
mailing list