source: trunk/server/fedora/specs/httpd.spec.patch @ 1535

Last change on this file since 1535 was 1505, checked in by mitchb, 13 years ago
CVE-2010-0434: Putting the "Patch" in "Apache" since... well, 2010
File size: 2.1 KB

  • httpd.spec

    old new  
    77Summary: Apache HTTP Server
    88Name: httpd
    99Version: 2.2.14
    10 Release: 1%{?dist}
     10Release: 1.scripts.%{scriptsversion}%{?dist}
    1111URL: http://httpd.apache.org/
    1212Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
    1313Source1: index.html
     
    5757Conflicts: pcre < 4.0
    5858Requires: httpd-tools = %{version}-%{release}, apr-util-ldap
    5959
     60Provides: scripts-httpd
     61Patch1000: httpd-suexec-scripts.patch
     62Patch1003: httpd-2.2.x-mod_status-security.patch
     63Patch1004: httpd-2.2.x-304.patch
     64Patch1005: httpd-2.2.x-mod_ssl-sessioncaching.patch
     65Patch1006: httpd-suexec-cloexec.patch
     66Patch1007: httpd-2.2.x-CVE-2010-0434.patch
     67
    6068%description
    6169The Apache HTTP Server is a powerful, efficient, and extensible
    6270web server.
     
    104112Requires(post): openssl >= 0.9.7f-4, /bin/cat
    105113Requires(pre): httpd
    106114Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmn}
     115Provides: scripts-mod_ssl
    107116Obsoletes: stronghold-mod_ssl
    108117
    109118%description -n mod_ssl
     
    133142# Patch in vendor/release string
    134143sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
    135144
     145%patch1000 -p1 -b .scripts
     146%patch1003 -p1 -b .permitstatus
     147%patch1004 -p1 -b .scripts-304
     148%patch1005 -p1 -b .ssl-sessioncache
     149%patch1006 -p1 -b .cloexec
     150%patch1007 -p1 -b .cve-2010-0434
     151
    136152# Safety check: prevent build if defined MMN does not equal upstream MMN.
    137153vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
    138154if test "x${vmmn}" != "x%{mmn}"; then
     
    181197        --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
    182198        --enable-suexec --with-suexec \
    183199        --with-suexec-caller=%{suexec_caller} \
    184         --with-suexec-docroot=%{contentdir} \
     200        --with-suexec-docroot=/ \
     201        --with-suexec-userdir=web_scripts \
     202        --with-suexec-trusteddir=/usr/libexec/scripts-trusted \
    185203        --with-suexec-logfile=%{_localstatedir}/log/httpd/suexec.log \
    186204        --with-suexec-bin=%{_sbindir}/suexec \
    187         --with-suexec-uidmin=500 --with-suexec-gidmin=100 \
     205        --with-suexec-uidmin=50 --with-suexec-gidmin=50 \
    188206        --enable-pie \
    189207        --with-pcre \
    190208        $*
Note: See TracBrowser for help on using the repository browser.