Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 352658 Details for
Bug 466502
<www-servers/apache-2.2.25: mod_rewrite allows terminal escape sequences to be written to the log file (CVE-2013-1862)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
A modified ebuild of version 2.2.24 which applies files/mod_rewrite-CVE-2013-1862.patch
apache-2.2.24.ebuild (text/plain), 3.13 KB, created by
J.O. Aho
on 2013-07-05 05:42:01 UTC
(
hide
)
Description:
A modified ebuild of version 2.2.24 which applies files/mod_rewrite-CVE-2013-1862.patch
Filename:
MIME Type:
Creator:
J.O. Aho
Created:
2013-07-05 05:42:01 UTC
Size:
3.13 KB
patch
obsolete
># Copyright 1999-2013 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 ># $Header: /var/cvsroot/gentoo-x86/www-servers/apache/apache-2.2.24.ebuild,v 1.13 2013/04/11 09:24:14 polynomial-c Exp $ > >EAPI="2" > >WANT_AUTOMAKE="1.11" > ># latest gentoo apache files >GENTOO_PATCHSTAMP="20121012" >GENTOO_DEVELOPER="patrick" >GENTOO_PATCHNAME="gentoo-apache-2.2.23" > ># IUSE/USE_EXPAND magic >IUSE_MPMS_FORK="itk peruser prefork" >IUSE_MPMS_THREAD="event worker" > >IUSE_MODULES="actions alias asis auth_basic auth_digest authn_alias authn_anon >authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default >authz_groupfile authz_host authz_owner authz_user autoindex cache cern_meta >charset_lite cgi cgid dav dav_fs dav_lock dbd deflate dir disk_cache dumpio >env expires ext_filter file_cache filter headers ident imagemap include info >log_config log_forensic logio mem_cache mime mime_magic negotiation proxy >proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_http proxy_scgi rewrite >reqtimeout setenvif speling status substitute unique_id userdir usertrack >version vhost_alias" ># The following are also in the source as of this version, but are not available ># for user selection: ># bucketeer case_filter case_filter_in echo http isapi optional_fn_export ># optional_fn_import optional_hook_export optional_hook_import > ># inter-module dependencies ># TODO: this may still be incomplete >MODULE_DEPENDS=" > dav_fs:dav > dav_lock:dav > deflate:filter > disk_cache:cache > ext_filter:filter > file_cache:cache > log_forensic:log_config > logio:log_config > mem_cache:cache > mime_magic:mime > proxy_ajp:proxy > proxy_balancer:proxy > proxy_connect:proxy > proxy_ftp:proxy > proxy_http:proxy > proxy_scgi:proxy > substitute:filter >" > ># module<->define mappings >MODULE_DEFINES=" > auth_digest:AUTH_DIGEST > authnz_ldap:AUTHNZ_LDAP > cache:CACHE > dav:DAV > dav_fs:DAV > dav_lock:DAV > disk_cache:CACHE > file_cache:CACHE > info:INFO > ldap:LDAP > mem_cache:CACHE > proxy:PROXY > proxy_ajp:PROXY > proxy_balancer:PROXY > proxy_connect:PROXY > proxy_ftp:PROXY > proxy_http:PROXY > ssl:SSL > status:STATUS > suexec:SUEXEC > userdir:USERDIR >" > ># critical modules for the default config >MODULE_CRITICAL=" > authz_host > dir > mime >" > >inherit apache-2 > >DESCRIPTION="The Apache Web Server." >HOMEPAGE="http://httpd.apache.org/" > ># some helper scripts are Apache-1.1, thus both are here >LICENSE="Apache-2.0 Apache-1.1" >SLOT="2" >KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" >IUSE="" > >DEPEND="${DEPEND} > >=dev-libs/openssl-0.9.8m > apache2_modules_deflate? ( sys-libs/zlib )" > ># dependency on >=dev-libs/apr-1.4.5 for bug #368651 >RDEPEND="${RDEPEND} > >=dev-libs/apr-1.4.5 > >=dev-libs/openssl-0.9.8m > apache2_modules_mime? ( app-misc/mime-types )" > ># init script fixup - should be rolled into next tarball #389965 >src_prepare() { > apache-2_src_prepare > epatch "${FILESDIR}/mod_rewrite-CVE-2013-1862.patch" || die "Failed to patch mod_rewrite CVE-2013-1862" > sed -i -e 's/! test -f/test -f/' "${GENTOO_PATCHDIR}"/init/apache2.initd || die "Failed to fix init script" > cp "${FILESDIR}"/2.2.22-envvars-std.in "${S}"/support/envvars-std.in || die "Failed to apply LD_PRELOAD fix" >}
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 466502
: 352658