rpms/mod_perl/F-7 mod_perl-2.0.2-CVE-2007-1349.patch, NONE, 1.1 mod_perl.spec, 1.48, 1.49
Joe Orton (jorton)
fedora-extras-commits at redhat.com
Fri Jun 8 18:05:10 UTC 2007
- Previous message (by thread): rpms/kernel/F-7 patch-2.6.21.4.bz2.sign, NONE, 1.1 .cvsignore, 1.622, 1.623 kernel-2.6.spec, 1.3220, 1.3221 sources, 1.585, 1.586 upstream, 1.509, 1.510 linux-2.6-alsa-toshiba-a100.patch, 1.1, NONE linux-2.6-prevent-idle-softirq.patch, 1.2, NONE linux-2.6-singlethread-freezable-workqueues.patch, 1.3, NONE linux-2.6-x86-dell-e520-shutdown.patch, 1.1, NONE linux-2.6-x86-fix-oprofile-fix.patch, 1.1, NONE linux-2.6-x86-fix-oprofile.patch, 1.2, NONE patch-2.6.21.2.bz2.sign, 1.1, NONE
- Next message (by thread): rpms/kernel/F-7 kernel-2.6.spec, 1.3221, 1.3222 stable-reverts.patch, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jorton
Update of /cvs/extras/rpms/mod_perl/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14433
Modified Files:
mod_perl.spec
Added Files:
mod_perl-2.0.2-CVE-2007-1349.patch
Log Message:
* Fri Jun 8 2007 Joe Orton <jorton at redhat.com> 2.0.3-9.1.fc7
- add security fix for CVE-2007-1349
mod_perl-2.0.2-CVE-2007-1349.patch:
--- NEW FILE mod_perl-2.0.2-CVE-2007-1349.patch ---
--- mod_perl-2.0.2/ModPerl-Registry/lib/ModPerl/RegistryCooker.pm.cve1349
+++ mod_perl-2.0.2/ModPerl-Registry/lib/ModPerl/RegistryCooker.pm
@@ -336,7 +336,7 @@
my $self = shift;
my $path_info = $self->{REQ}->path_info;
- my $script_name = $path_info && $self->{URI} =~ /$path_info$/
+ my $script_name = $path_info && $self->{URI} =~ /\Q$path_info\E$/
? substr($self->{URI}, 0, length($self->{URI}) - length($path_info))
: $self->{URI};
Index: mod_perl.spec
===================================================================
RCS file: /cvs/extras/rpms/mod_perl/F-7/mod_perl.spec,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- mod_perl.spec 20 Apr 2007 10:01:30 -0000 1.48
+++ mod_perl.spec 8 Jun 2007 18:04:31 -0000 1.49
@@ -2,7 +2,7 @@
Name: mod_perl
Version: 2.0.3
-Release: 9
+Release: 9.1%{?dist}
Summary: An embedded Perl interpreter for the Apache Web server
Group: System Environment/Daemons
@@ -13,6 +13,7 @@
Source2: filter-requires.sh
Source3: filter-provides.sh
Patch0: mod_perl-2.0.2-multilib.patch
+Patch1: mod_perl-2.0.2-CVE-2007-1349.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: perl >= 1:5.6.1, perl-devel
@@ -49,6 +50,7 @@
%prep
%setup -q -n %{name}-%{version}
%patch0 -p1
+%patch1 -p1
%build
CFLAGS="$RPM_OPT_FLAGS -fpic" %{__perl} Makefile.PL </dev/null \
@@ -127,6 +129,9 @@
%{_includedir}/httpd/*
%changelog
+* Fri Jun 8 2007 Joe Orton <jorton at redhat.com> 2.0.3-9.1.fc7
+- add security fix for CVE-2007-1349
+
* Fri Apr 20 2007 Joe Orton <jorton at redhat.com> 2.0.3-8
- filter provide of perl(warnings) (#228429)
- Previous message (by thread): rpms/kernel/F-7 patch-2.6.21.4.bz2.sign, NONE, 1.1 .cvsignore, 1.622, 1.623 kernel-2.6.spec, 1.3220, 1.3221 sources, 1.585, 1.586 upstream, 1.509, 1.510 linux-2.6-alsa-toshiba-a100.patch, 1.1, NONE linux-2.6-prevent-idle-softirq.patch, 1.2, NONE linux-2.6-singlethread-freezable-workqueues.patch, 1.3, NONE linux-2.6-x86-dell-e520-shutdown.patch, 1.1, NONE linux-2.6-x86-fix-oprofile-fix.patch, 1.1, NONE linux-2.6-x86-fix-oprofile.patch, 1.2, NONE patch-2.6.21.2.bz2.sign, 1.1, NONE
- Next message (by thread): rpms/kernel/F-7 kernel-2.6.spec, 1.3221, 1.3222 stable-reverts.patch, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list