rpms/httpd/F-7 httpd-2.2.4-oldflush.patch, NONE, 1.1 httpd-2.2.6-ssllibver.patch, NONE, 1.1 .cvsignore, 1.19, 1.20 httpd.spec, 1.109, 1.110 sources, 1.15, 1.16 httpd-2.2.3-CVE-2006-5752.patch, 1.1, NONE httpd-2.2.3-CVE-2007-1863.patch, 1.1, NONE httpd-2.2.3-CVE-2007-3304.patch, 1.1, NONE httpd-2.2.4-CVE-2007-1862.patch, 1.1, NONE
Joe Orton (jorton)
fedora-extras-commits at redhat.com
Tue Sep 18 13:34:47 UTC 2007
Author: jorton
Update of /cvs/extras/rpms/httpd/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv792
Modified Files:
.cvsignore httpd.spec sources
Added Files:
httpd-2.2.4-oldflush.patch httpd-2.2.6-ssllibver.patch
Removed Files:
httpd-2.2.3-CVE-2006-5752.patch
httpd-2.2.3-CVE-2007-1863.patch
httpd-2.2.3-CVE-2007-3304.patch
httpd-2.2.4-CVE-2007-1862.patch
Log Message:
* Tue Sep 18 2007 Joe Orton <jorton at redhat.com> 2.2.6-1.fc7
- update to 2.2.6
- require /etc/mime.types (#249223)
httpd-2.2.4-oldflush.patch:
--- NEW FILE httpd-2.2.4-oldflush.patch ---
http://issues.apache.org/bugzilla/show_bug.cgi?id=36780
--- httpd-2.2.4/server/util_filter.c.oldflush
+++ httpd-2.2.4/server/util_filter.c
@@ -578,8 +578,18 @@ AP_DECLARE_NONSTD(apr_status_t) ap_filte
void *ctx)
{
ap_filter_t *f = ctx;
+ apr_status_t rv;
- return ap_pass_brigade(f, bb);
+ rv = ap_pass_brigade(f, bb);
+
+ /* apr_brigade_write* require that the flush function ensures that
+ * the brigade is empty upon return; otherwise the brigade may be
+ * left with a transient bucket whose contents have fallen out of
+ * scope. Call cleanup here unconditionally to avoid the issue in
+ * all cases. */
+ apr_brigade_cleanup(bb);
+
+ return rv;
}
AP_DECLARE(apr_status_t) ap_fflush(ap_filter_t *f, apr_bucket_brigade *bb)
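Review bot: The guarantee that `bb` is empty on return, even when `ap_pass_brigade` fails, is recorded only in the inline comment inside this flush callback, so callers reading the declaration will not see it. The comment explains why it matters: a leftover transient bucket would point at memory that has gone out of scope, which is a stale-memory read. I would add a line to the function's doc comment (outside this hunk, presumably in the filter header), for example `@note The brigade is always emptied before returning, whether or not the pass succeeded.` The function's signature begins above the hunk, so I could not check whether existing documentation already covers this.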
httpd-2.2.6-ssllibver.patch:
--- NEW FILE httpd-2.2.6-ssllibver.patch ---
--- httpd-2.2.6/modules/ssl/mod_ssl.c.ssllibver
+++ httpd-2.2.6/modules/ssl/mod_ssl.c
@@ -500,7 +500,7 @@ static void ssl_register_hooks(apr_pool_
ap_hook_insert_filter (ssl_hook_Insert_Filter, NULL,NULL, APR_HOOK_MIDDLE);
/* ap_hook_handler (ssl_hook_Upgrade, NULL,NULL, APR_HOOK_MIDDLE); */
- ssl_var_register();
+ ssl_var_register(p);
APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable);
APR_REGISTER_OPTIONAL_FN(ssl_engine_disable);
--- httpd-2.2.6/modules/ssl/ssl_engine_vars.c.ssllibver
+++ httpd-2.2.6/modules/ssl/ssl_engine_vars.c
@@ -58,12 +58,32 @@ static int ssl_is_https(conn_rec *c)
return sslconn && sslconn->ssl;
}
-void ssl_var_register(void)
+static const char var_interface[] = "mod_ssl/" MOD_SSL_VERSION;
+static char var_library_interface[] = SSL_LIBRARY_TEXT;
+static char *var_library = NULL;
+
+void ssl_var_register(apr_pool_t *p)
{
+ char *cp, *cp2;
+
APR_REGISTER_OPTIONAL_FN(ssl_is_https);
APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
APR_REGISTER_OPTIONAL_FN(ssl_ext_lookup);
- return;
+
+ /* Perform once-per-process library version determination: */
+ var_library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT);
+
+ if ((cp = strchr(var_library, ' ')) != NULL) {
+ *cp = '/';
+ if ((cp2 = strchr(cp, ' ')) != NULL)
+ *cp2 = NUL;
+ }
+
+ if ((cp = strchr(var_library_interface, ' ')) != NULL) {
+ *cp = '/';
+ if ((cp2 = strchr(cp, ' ')) != NULL)
+ *cp2 = NUL;
+ }
}
/* This function must remain safe to use for a non-SSL connection. */
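Review bot: `var_library` now keeps a static pointer into the pool passed to `ssl_var_register`, but nothing on the function says how long that pool has to live. Every later `ssl_var_lookup_ssl_version` call duplicates from that pointer, so a shorter-lived pool would leave it dangling. The mod_ssl.c hunk shows the caller passing the hook-registration pool, which is presumably long-lived enough, but that should be stated rather than assumed. I would add `/* p must outlive every ssl_var_lookup() call: var_library points into it. */` above the definition and repeat it at the prototype in ssl_private.h. As a style point, the two identical space-to-slash truncation blocks could share one small `static` helper, and the inner `if` bodies should be braced.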
@@ -635,39 +655,17 @@ static void ssl_var_lookup_ssl_cipher_bi
static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var)
{
- static char interface[] = "mod_ssl/" MOD_SSL_VERSION;
- static char library_interface[] = SSL_LIBRARY_TEXT;
- static char *library = NULL;
- char *result;
-
- if (!library) {
- char *cp, *cp2;
- library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT);
- if ((cp = strchr(library, ' ')) != NULL) {
- *cp = '/';
- if ((cp2 = strchr(cp, ' ')) != NULL)
- *cp2 = NUL;
- }
- if ((cp = strchr(library_interface, ' ')) != NULL) {
- *cp = '/';
- if ((cp2 = strchr(cp, ' ')) != NULL)
- *cp2 = NUL;
- }
- }
-
if (strEQ(var, "INTERFACE")) {
- result = apr_pstrdup(p, interface);
+ return apr_pstrdup(p, var_interface);
}
else if (strEQ(var, "LIBRARY_INTERFACE")) {
- result = apr_pstrdup(p, library_interface);
+ return apr_pstrdup(p, var_library_interface);
}
else if (strEQ(var, "LIBRARY")) {
- result = apr_pstrdup(p, library);
- }
- else {
- result = NULL;
+ return apr_pstrdup(p, var_library);
}
- return result;
+
+ return NULL;
}
--- httpd-2.2.6/modules/ssl/ssl_private.h.ssllibver
+++ httpd-2.2.6/modules/ssl/ssl_private.h
@@ -648,7 +648,7 @@ void ssl_die(void);
void ssl_log_ssl_error(const char *, int, int, server_rec *);
/** Variables */
-void ssl_var_register(void);
+void ssl_var_register(apr_pool_t *p);
char *ssl_var_lookup(apr_pool_t *, server_rec *, conn_rec *, request_rec *, char *);
const char *ssl_ext_lookup(apr_pool_t *p, conn_rec *c, int peer, const char *oid);
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/httpd/F-7/.cvsignore,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- .cvsignore 26 Jun 2007 13:48:30 -0000 1.19
+++ .cvsignore 18 Sep 2007 13:34:14 -0000 1.20
@@ -1,2 +1,4 @@
httpd-2.2.4.tar.gz
httpd-2.2.4
+httpd-2.2.6
+clog
Index: httpd.spec
===================================================================
RCS file: /cvs/extras/rpms/httpd/F-7/httpd.spec,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -r1.109 -r1.110
--- httpd.spec 26 Jun 2007 13:48:30 -0000 1.109
+++ httpd.spec 18 Sep 2007 13:34:14 -0000 1.110
@@ -5,8 +5,8 @@
Summary: Apache HTTP Server
Name: httpd
-Version: 2.2.4
-Release: 4.1%{?dist}
+Version: 2.2.6
+Release: 1%{?dist}
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
Source1: index.html
@@ -36,18 +36,15 @@
Patch25: httpd-2.0.54-selinux.patch
# Bug fixes
Patch54: httpd-2.2.0-authnoprov.patch
-# Security fixes
-Patch70: httpd-2.2.3-CVE-2006-5752.patch
-Patch71: httpd-2.2.3-CVE-2007-1863.patch
-Patch72: httpd-2.2.3-CVE-2007-3304.patch
-Patch73: httpd-2.2.4-CVE-2007-1862.patch
+Patch55: httpd-2.2.4-oldflush.patch
+Patch56: httpd-2.2.6-ssllibver.patch
License: Apache Software License
Group: System Environment/Daemons
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: autoconf, perl, pkgconfig, findutils, ed
BuildRequires: db4-devel, expat-devel, zlib-devel, libselinux-devel
BuildRequires: apr-devel >= 1.2.0, apr-util-devel >= 1.2.0, pcre-devel >= 5.0
-Requires: initscripts >= 8.36
+Requires: initscripts >= 8.36, /etc/mime.types
Obsoletes: httpd-suexec
Requires(pre): /usr/sbin/useradd
Requires(post): chkconfig
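Review bot: Patch70 to Patch73, the four CVE fixes, are removed here and in the `%patch` hunk that follows, but neither a spec comment nor the new changelog entry says why. Presumably the 2.2.6 tarball already contains these fixes; that should be confirmed against the upstream changelog and recorded, because anyone auditing the package for these CVEs will otherwise see only that the patches vanished. A changelog line such as `- drop patches for CVE-2006-5752, CVE-2007-1863, CVE-2007-3304, CVE-2007-1862 (fixed upstream in 2.2.6)` would make the rebase traceable.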
@@ -117,11 +114,8 @@
%patch25 -p1 -b .selinux
%patch54 -p1 -b .authnoprov
-
-%patch70 -p1 -b .cve5752
-%patch71 -p1 -b .cve1863
-%patch72 -p1 -b .cve3304
-%patch73 -p1 -b .cve1862
+%patch55 -p1 -b .oldflush
+%patch56 -p1 -b .ssllibver
# Patch in vendor/release string
sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
@@ -471,6 +465,10 @@
%{_libdir}/httpd/build/*.sh
%changelog
+* Tue Sep 18 2007 Joe Orton <jorton at redhat.com> 2.2.6-1.fc7
+- update to 2.2.6
+- require /etc/mime.types (#249223)
+
* Tue Jun 26 2007 Joe Orton <jorton at redhat.com> 2.2.4-4.1.fc7
- add security fixes for CVE-2007-1863, CVE-2007-3304,
and CVE-2006-5752 (#244665)
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/httpd/F-7/sources,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- sources 12 Mar 2007 13:29:57 -0000 1.15
+++ sources 18 Sep 2007 13:34:14 -0000 1.16
@@ -1 +1 @@
-3add41e0b924d4bb53c2dee55a38c09e httpd-2.2.4.tar.gz
+d050a49bd7532ec21c6bb593b3473a5d httpd-2.2.6.tar.gz
--- httpd-2.2.3-CVE-2006-5752.patch DELETED ---
--- httpd-2.2.3-CVE-2007-1863.patch DELETED ---
--- httpd-2.2.3-CVE-2007-3304.patch DELETED ---
--- httpd-2.2.4-CVE-2007-1862.patch DELETED ---