Changeset 1505 for trunk/server/fedora/specs

Timestamp:

Mar 11, 2010, 6:29:29 AM (14 years ago)

Author:

mitchb

Message:

CVE-2010-0434: Putting the "Patch" in "Apache" since... well, 2010

File:

• trunk/server/fedora/specs/httpd.spec.patch (modified) (5 diffs)

trunk/server/fedora/specs/httpd.spec.patch

@@ -1 +1 @@
 --- httpd.spec.orig     2010-02-28 05:01:55.000000000 -0500
-+++ httpd.spec  2010-02-28 05:03:44.000000000 -0500
++++ httpd.spec  2010-03-11 05:30:54.000000000 -0500
 @@ -7,7 +7,7 @@
  Summary: Apache HTTP Server
@@ -10 +10 @@
  Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
  Source1: index.html
-@@ -57,6 +57,13 @@
+@@ -57,6 +57,14 @@
  Conflicts: pcre < 4.0
  Requires: httpd-tools = %{version}-%{release}, apr-util-ldap
@@ -20 +20 @@
 +Patch1005: httpd-2.2.x-mod_ssl-sessioncaching.patch
 +Patch1006: httpd-suexec-cloexec.patch
++Patch1007: httpd-2.2.x-CVE-2010-0434.patch
 +
  %description
  The Apache HTTP Server is a powerful, efficient, and extensible
  web server.
-@@ -104,6 +111,7 @@
+@@ -104,6 +112,7 @@
  Requires(post): openssl >= 0.9.7f-4, /bin/cat
  Requires(pre): httpd
@@ -32 +33 @@
  
  %description -n mod_ssl
-@@ -133,6 +141,12 @@
+@@ -133,6 +142,13 @@
  # Patch in vendor/release string
  sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
@@ -41 +42 @@
 +%patch1005 -p1 -b .ssl-sessioncache
 +%patch1006 -p1 -b .cloexec
++%patch1007 -p1 -b .cve-2010-0434
 +
  # Safety check: prevent build if defined MMN does not equal upstream MMN.
  vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
  if test "x${vmmn}" != "x%{mmn}"; then
-@@ -181,10 +195,12 @@
+@@ -181,10 +197,12 @@
          --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
         --enable-suexec --with-suexec \