Ignore:
Timestamp:
Feb 13, 2012, 3:55:36 PM (12 years ago)
Author:
achernya
Message:
Patch httpd against some security vulnerabilities.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/fedora/specs/httpd.spec.patch

    r2066 r2134  
    1010 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
    1111 Source1: index.html
    12 @@ -54,6 +54,15 @@
     12@@ -54,6 +54,18 @@
    1313 Provides: httpd-mmn = %{mmn}, httpd-mmn = %{mmnisa}
    1414 Requires: httpd-tools = %{version}-%{release}, apr-util-ldap, systemd-units
     
    2222+Patch1007: httpd-fixup-vhost.patch
    2323+Patch1008: httpd-sysv-deps.patch
     24+Patch1009: httpd-2.2.x-CVE-2011-3607.patch
     25+Patch1010: httpd-2.2.x-CVE-2012-0053.patch
     26+Patch1011: httpd-2.2.x-CVE-2012-0031.patch
    2427+
    2528 %description
     
    5457 %patch1 -p1 -b .apctl
    5558 %patch2 -p1 -b .apxs
    56 @@ -128,6 +144,13 @@
     59@@ -128,6 +144,17 @@
    5760 # Patch in vendor/release string
    5861 sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
     
    6467+%patch1006 -p1 -b .cloexec
    6568+%patch1007 -p1 -b .fixup-vhost
     69+# Note that patch1008 is not here, as it patches the initscript elsewhere in this .spec
     70+%patch1009 -p4 -b .cve-2011-3607
     71+%patch1010 -p4 -b .cve-2012-0053
     72+%patch1011 -p4 -b .cve-2012-0031
    6673+
    6774 # Safety check: prevent build if defined MMN does not equal upstream MMN.
Note: See TracChangeset for help on using the changeset viewer.