From a52696df5e0cabaab71247e92a0f8910fe867884 Mon Sep 17 00:00:00 2001 From: jorton Date: Fri, 15 Oct 2004 15:36:49 +0000 Subject: [PATCH] - add dummy connection address fixes from HEAD - mod_ssl: add security fix for CAN-2004-0885 --- httpd.conf | 2 +- httpd.spec | 5 +++++ mkstatus.sh | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/httpd.conf b/httpd.conf index cabf318..4c9a03f 100644 --- a/httpd.conf +++ b/httpd.conf @@ -723,7 +723,7 @@ ForceLanguagePriority Prefer Fallback # of your web site, should you ever want it. Specifying it as # a default does little harm; as the standard dictates that a page # is in iso-8859-1 (latin1) unless specified otherwise i.e. you -# are merely stating the obvious. There are also some security +# are merely stating the obvious. There are also some security # reasons in browsers, related to javascript and URL parsing # which encourage you to always set a default char set. # diff --git a/httpd.spec b/httpd.spec index e451590..335c76b 100644 --- a/httpd.spec +++ b/httpd.spec @@ -68,6 +68,8 @@ Patch89: httpd-2.0.49-headerssl.patch Patch90: httpd-2.0.49-workerstack.patch Patch91: httpd-2.0.46-testhook.patch Patch92: httpd-2.0.46-dumpcerts.patch +# Security fixes +Patch120: httpd-2.0.52-CAN-2004-0885.patch License: Apache Software License Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-root @@ -178,6 +180,8 @@ executed by SSI pages) as a user other than the 'apache' user. %patch91 -p1 -b .testhook %patch92 -p1 -b .dumpcerts +%patch120 -p1 -b .can0885 + # Patch in vendor/release string sed "s/@RELEASE@/%{vstring}/" < %{PATCH70} | patch -p1 @@ -577,6 +581,7 @@ rm -rf $RPM_BUILD_ROOT %changelog * Thu Sep 28 2004 Joe Orton 2.0.52-3 - add dummy connection address fixes from HEAD +- mod_ssl: add security fix for CAN-2004-0885 * Tue Sep 28 2004 Joe Orton 2.0.52-2 - update to 2.0.52 diff --git a/mkstatus.sh b/mkstatus.sh index 5bd0cf4..242a7d8 100755 --- a/mkstatus.sh +++ b/mkstatus.sh @@ -2,7 +2,7 @@ echo '' echo '' for f in $*; do - n=${f//httpd-[0-9.]*-/} + n=${f//httpd-2\.0\.[0-9]*-/} n=${n//.patch/} s_HEAD=`grep ^Upstream-HEAD $f | sed 's/Upstream-HEAD: //'` s_20=`grep ^Upstream-2.0: $f | sed 's/Upstream-2.0: //'`