rpms/httpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- mod_ssl: add security fix for CVE-2005-3357 (#177914)

Browse Source 
- mod_imagemap: add security fix for CVE-2005-3352 (#177913)
- add fix for AP_INIT_* designated initializers with C++ compilers
- httpd.conf: enable HTMLTable in default IndexOptions
- httpd.conf: add more "redirect-carefully" matches for DAV clients
This commit is contained in:
jorton 2006-02-03 10:06:08 +00:00
parent ab67633ccf
commit 73a46bb6e8
2 changed files with 23 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
httpd.conf
View File

@ -588,7 +588,7 @@ ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
# IndexOptions: Controls the appearance of server-generated directory # IndexOptions: Controls the appearance of server-generated directory
# listings. # listings.
# #
IndexOptions FancyIndexing VersionSort NameWidth=* IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
# #
# AddIcon* directives tell the server which icon to show for different # AddIcon* directives tell the server which icon to show for different
@ -887,9 +887,12 @@ BrowserMatch "JDK/1\.0" force-response-1.0
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
# #
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
# #
# Allow server status reports generated by mod_status, # Allow server status reports generated by mod_status,

19
httpd.spec
View File

@ -7,7 +7,7 @@
Summary: Apache HTTP Server Summary: Apache HTTP Server
Name: httpd Name: httpd
Version: 2.2.0 Version: 2.2.0
Release: 4 Release: 5
URL: http://httpd.apache.org/ URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
Source1: index.html Source1: index.html
@ -41,7 +41,11 @@ Patch25: httpd-2.0.54-selinux.patch
# Bug fixes # Bug fixes
Patch50: httpd-2.0.45-encode.patch Patch50: httpd-2.0.45-encode.patch
Patch51: httpd-2.2.0-headclength.patch Patch51: httpd-2.2.0-headclength.patch
patch52: httpd-2.2.0-ajpcookie.patch Patch52: httpd-2.2.0-ajpcookie.patch
Patch53: httpd-2.2.0-cppheader.patch
# Security fixes
Patch200: httpd-2.2.0-CVE-2005-3352.patch
Patch201: httpd-2.2.0-CVE-2005-3357.patch
License: Apache Software License License: Apache Software License
Group: System Environment/Daemons Group: System Environment/Daemons
BuildRoot: %{_tmppath}/%{name}-root BuildRoot: %{_tmppath}/%{name}-root
@ -121,6 +125,10 @@ Security (TLS) protocols.
%patch50 -p1 %patch50 -p1
%patch51 -p1 -b .headclength %patch51 -p1 -b .headclength
%patch52 -p1 -b .ajpcookie %patch52 -p1 -b .ajpcookie
%patch53 -p1 -b .cppheader
%patch200 -p1 -b .cve3352
%patch201 -p1 -b .cve3352
# Patch in vendor/release string # Patch in vendor/release string
sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1 sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
@ -481,6 +489,13 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/httpd/build/*.sh %{_libdir}/httpd/build/*.sh
%changelog %changelog
* Fri Feb 3 2006 Joe Orton <jorton@redhat.com> 2.2.0-5
- mod_ssl: add security fix for CVE-2005-3357 (#177914)
- mod_imagemap: add security fix for CVE-2005-3352 (#177913)
- add fix for AP_INIT_* designated initializers with C++ compilers
- httpd.conf: enable HTMLTable in default IndexOptions
- httpd.conf: add more "redirect-carefully" matches for DAV clients
* Thu Jan 5 2006 Joe Orton <jorton@redhat.com> 2.2.0-4 * Thu Jan 5 2006 Joe Orton <jorton@redhat.com> 2.2.0-4
- mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769) - mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)