- mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)

- add security fix for byterange filter DoS (CVE-2005-2728) - add security fix for C-L vs T-E handling (CVE-2005-2088) - mod_ssl: add security fix for CRL overflow (CVE-2005-1268) - mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc) - add fix for dummy connection handling (#167425) - mod_auth_digest: fix hostinfo comparison in CONNECT requests - mod_include: fix variable corruption in nested includes (upstream #12655) - mod_ssl: add fix for handling non-blocking reads - mod_ssl: fix to enable output buffering (upstream #35279) - mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)
2005-10-20 11:25:12 +00:00 · 2005-10-20 11:25:12 +00:00 · 2a6347c8db
commit 2a6347c8db
parent 0f8eb18ad2
1 changed files with 37 additions and 1 deletions
--- a/httpd.spec
+++ b/httpd.spec
@ -7,7 +7,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.0.54
-Release: 13
+Release: 14
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
 Source1: index.html
@ -50,6 +50,12 @@ Patch32: httpd-2.0.54-userdir.patch
 Patch33: httpd-2.0.54-ldapconn.patch
 Patch34: httpd-2.0.52-pipedlog1.patch
 Patch35: httpd-2.0.52-pipedlog2.patch
 Patch36: httpd-2.0.52-sslbuff.patch
 Patch37: httpd-2.0.54-include.patch
 Patch38: httpd-2.0.54-digest.patch
 Patch39: httpd-2.0.54-ldap.patch
 Patch40: httpd-2.0.54-sslnbio.patch
 Patch41: httpd-2.0.54-sslreneg.patch
 # Features/functional changes
 Patch70: httpd-2.0.48-release.patch
 Patch71: httpd-2.0.40-xfsz.patch
@ -69,6 +75,11 @@ Patch89: httpd-2.0.49-headerssl.patch
 Patch90: httpd-2.0.49-workerstack.patch
 Patch91: httpd-2.0.46-testhook.patch
 Patch92: httpd-2.0.46-dumpcerts.patch
 # Security fixes
 Patch110: httpd-2.0.52-CAN-2005-1268.patch
 Patch111: httpd-2.0.52-CAN-2005-2088.patch
 Patch112: httpd-2.0.52-CAN-2005-2700.patch
 Patch113: httpd-2.0.52-CAN-2005-2728.patch
 License: Apache Software License
 Group: System Environment/Daemons
 BuildRoot: %{_tmppath}/%{name}-root
@ -158,6 +169,11 @@ Security (TLS) protocols.
 %patch33 -p1 -b .ldapconn
 %patch34 -p1 -b .pipedlog1
 %patch35 -p1 -b .pipedlog2
 %patch36 -p1 -b .sslbuff
 %patch37 -p1 -b .include
 %patch38 -p1 -b .digest
 %patch39 -p1 -b .ldap
 %patch40 -p1 -b .sslnbio
 %patch71 -p0 -b .xfsz
 %patch72 -p1 -b .pod
@ -177,6 +193,13 @@ Security (TLS) protocols.
 %patch91 -p1 -b .testhook
 %patch92 -p1 -b .dumpcerts
 %patch41 -p1 -b .sslreneg
 %patch110 -p1 -b .can1268
 %patch111 -p1 -b .can2088
 %patch112 -p1 -b .can2700
 %patch113 -p1 -b .can2728
 # Patch in vendor/release string
 sed "s/@RELEASE@/%{vstring}/" < %{PATCH70} | patch -p1
@ -542,6 +565,19 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/httpd/build/libtool
 %changelog
 * Thu Oct 20 2005 Joe Orton <jorton@redhat.com> 2.0.54-14
 - mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)
 - add security fix for byterange filter DoS (CVE-2005-2728)
 - add security fix for C-L vs T-E handling (CVE-2005-2088)
 - mod_ssl: add security fix for CRL overflow (CVE-2005-1268)
 - mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
 - add fix for dummy connection handling (#167425)
 - mod_auth_digest: fix hostinfo comparison in CONNECT requests
 - mod_include: fix variable corruption in nested includes (upstream #12655)
 - mod_ssl: add fix for handling non-blocking reads
 - mod_ssl: fix to enable output buffering (upstream #35279)
 - mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)
 * Sat Aug 13 2005 Joe Orton <jorton@redhat.com> 2.0.54-13
 - don't load by default: mod_cern_meta, mod_asis
 - do load by default: mod_ext_filter (#165893)