bh: server/apache cve-2006-3747.patch, NONE, 1.1.2.1 kolab.patch, 1.5.2.4, 1.5.2.5 Makefile, 1.16.2.5, 1.16.2.6
cvs at kolab.org
cvs at kolab.org
Fri Aug 11 18:10:10 CEST 2006
Author: bh
Update of /kolabrepository/server/apache
In directory doto:/tmp/cvs-serv10765/apache
Modified Files:
Tag: kolab_2_0_branch
kolab.patch Makefile
Added Files:
Tag: kolab_2_0_branch
cve-2006-3747.patch
Log Message:
Add a patch with a security fix (CVE-2006-3747).
New apache package version
--- NEW FILE: cve-2006-3747.patch ---
Index: apache_1.3.33/src/modules/standard/mod_rewrite.c
--- apache_1.3.33/src/modules/standard/mod_rewrite.c.orig 2004-10-27 16:23:04 +0200
+++ apache_1.3.33/src/modules/standard/mod_rewrite.c 2006-07-27 19:28:17 +0200
@@ -2735,7 +2735,7 @@
int c = 0;
token[0] = cp = ap_pstrdup(p, cp);
- while (*cp && c < 5) {
+ while (*cp && c < 4) {
if (*cp == '?') {
token[++c] = cp + 1;
*cp = '\0';
Index: kolab.patch
===================================================================
RCS file: /kolabrepository/server/apache/kolab.patch,v
retrieving revision 1.5.2.4
retrieving revision 1.5.2.5
diff -u -d -r1.5.2.4 -r1.5.2.5
--- kolab.patch 6 Jan 2006 14:58:36 -0000 1.5.2.4
+++ kolab.patch 11 Aug 2006 16:10:08 -0000 1.5.2.5
@@ -1,15 +1,15 @@
---- ../apache.orig/apache.spec 2005-12-03 18:51:46.000000000 +0100
-+++ apache.spec 2005-12-19 13:50:36.000000000 +0100
-@@ -65,7 +65,7 @@ Class: BASE
+--- apache.spec.orig 2006-08-11 14:46:27.797248675 +0200
++++ apache.spec 2006-08-11 14:48:06.187439457 +0200
+@@ -65,7 +65,7 @@
Group: Web
License: ASF
Version: %{V_apache}
-Release: 2.4.5
-+Release: 2.4.5_kolab
++Release: 2.4.5_kolab2
# package options (suexec related)
%option with_suexec yes
-@@ -215,6 +215,10 @@ Patch2: apache.patch.php
+@@ -215,6 +215,11 @@
Patch3: http://www.hardened-php.net/hardened-php-%{V_mod_php_hardened}.patch.gz
Patch4: apache.patch.modssl
Patch5: apache.patch.suphp
@@ -17,10 +17,19 @@
+Patch7: php-getacl-backport.patch
+Patch8: php-imap-annotation.patch
+Patch9: php-imap-status-current.patch
++Patch10: cve-2006-3747.patch
# build information
Prefix: %{l_prefix}
-@@ -529,6 +533,9 @@ AutoReqProv: no
+@@ -495,6 +500,7 @@
+ # unpack Apache distribution
+ %setup -q -c
+ %patch -p0
++ %patch -p0 -P 10
+ %{l_shtool} subst \
+ -e 's;"Unix";"%{l_openpkg_release -F "OpenPKG/%%s"}";g' \
+ apache_%{V_apache}/src/os/unix/os.h
+@@ -529,6 +535,9 @@
%if "%{with_mod_php_hardened}" == "yes"
%patch -p1 -P 3
%endif
@@ -30,7 +39,7 @@
) || exit $?
%endif
%if "%{with_mod_dav}" == "yes"
-@@ -563,6 +570,7 @@ AutoReqProv: no
+@@ -563,6 +572,7 @@
%endif
%if "%{with_mod_auth_ldap}" == "yes"
%setup -q -T -D -a 14
Index: Makefile
===================================================================
RCS file: /kolabrepository/server/apache/Makefile,v
retrieving revision 1.16.2.5
retrieving revision 1.16.2.6
diff -u -d -r1.16.2.5 -r1.16.2.6
--- Makefile 11 Jan 2006 04:42:40 -0000 1.16.2.5
+++ Makefile 11 Aug 2006 16:10:08 -0000 1.16.2.6
@@ -11,7 +11,7 @@
PACKAGE=apache
VERSION=1.3.33
RELEASE=2.4.5
-KOLABRELEASE=2.4.5_kolab
+KOLABRELEASE=2.4.5_kolab2
RPM=/kolab/bin/openpkg rpm
KOLABPKGURI:=`/kolab/bin/openpkg register -R $(KOLABPKGURI)`
@@ -20,6 +20,7 @@
$(RPM) -ihv $(PACKAGE)-$(VERSION)-$(RELEASE).src.rpm
cp $(KOLABCVSDIR)/mod_auth_ldap.patch $(KOLABRPMSRC)/$(PACKAGE)/
+ cp $(KOLABCVSDIR)/cve-2006-3747.patch $(KOLABRPMSRC)/$(PACKAGE)/
cp $(KOLABCVSDIR)/../php/php-getacl-backport.patch $(KOLABRPMSRC)/$(PACKAGE)/
cp $(KOLABCVSDIR)/../php/php-imap-annotation.patch $(KOLABRPMSRC)/$(PACKAGE)/
cp $(KOLABCVSDIR)/../php/php-imap-status-current.patch $(KOLABRPMSRC)/$(PACKAGE)/
More information about the commits
mailing list