From 4daf2ccd25d7e09488a326b04e37ee6c00643e09 Mon Sep 17 00:00:00 2001 From: steven Date: Wed, 19 Sep 2007 05:47:36 +0000 Subject: [PATCH] SECURITY update to 2.2.6 fixes various vulnerabilities: CVE-2007-3847, CVE-2007-1863, CVE-2007-3304, CVE-2006-5752, CVE-2007-1862 more details can be found at: http://www.apache.org/dist/httpd/CHANGES_2.2.6 ok merdely@ --- www/apache-httpd/Makefile | 6 ++--- www/apache-httpd/distinfo | 10 +++---- www/apache-httpd/patches/patch-configure | 8 +++--- .../patches/patch-docs_man_htdigest_1 | 10 +++---- .../patches/patch-docs_man_htpasswd_1 | 14 +++++----- .../patches/patch-docs_man_httpd_8 | 10 +++---- .../patches/patch-server_mpm_common_c | 14 +++++----- www/apache-httpd/pkg/PLIST | 27 ++++++------------- 8 files changed, 44 insertions(+), 55 deletions(-) diff --git a/www/apache-httpd/Makefile b/www/apache-httpd/Makefile index 2ef817864e3..afab5ef515a 100644 --- a/www/apache-httpd/Makefile +++ b/www/apache-httpd/Makefile @@ -1,9 +1,9 @@ -# $OpenBSD: Makefile,v 1.15 2007/09/06 07:33:53 merdely Exp $ +# $OpenBSD: Makefile,v 1.16 2007/09/19 05:47:36 steven Exp $ COMMENT= apache HTTP server -V= 2.2.4 -PKGNAME= apache-httpd-${V}p0 +V= 2.2.6 +PKGNAME= apache-httpd-${V} DISTNAME= httpd-${V} CATEGORIES= www net diff --git a/www/apache-httpd/distinfo b/www/apache-httpd/distinfo index c59e0402848..b633bd0f838 100644 --- a/www/apache-httpd/distinfo +++ b/www/apache-httpd/distinfo 
@@ -1,5 +1,5 @@
-MD5 (httpd-2.2.4.tar.gz) = Ot1B4Lkk1LtTwt7lWjjAng==
-RMD160 (httpd-2.2.4.tar.gz) = UGqvwpURIsyHHcxKDycEoaYSeFc=
-SHA1 (httpd-2.2.4.tar.gz) = fCj8npb2Uj9NLp2ui757h+0MGoo=
-SHA256 (httpd-2.2.4.tar.gz) = 2soTebRW4BOc0V75DIdu2SY4zYYgeZ8BHTYQZXYdqXo=
-SIZE (httpd-2.2.4.tar.gz) = 6365535
+MD5 (httpd-2.2.6.tar.gz) = 0FCkm9dTLsIca7WTs0c6XQ==
+RMD160 (httpd-2.2.6.tar.gz) = N5Ab20wQN+ah0qdfZgZHfw5yYno=
+SHA1 (httpd-2.2.6.tar.gz) = D+vIhMt5D7FDEXh+Q/BLtZKWWwk=
+SHA256 (httpd-2.2.6.tar.gz) = PnZEFTkS1Ax8VDsUkZVEKWpP2MHZDl1xg/ftfZNwLyU=
+SIZE (httpd-2.2.6.tar.gz) = 6028951
diff --git a/www/apache-httpd/patches/patch-configure b/www/apache-httpd/patches/patch-configure
index 9c5d639ba81..bf6a78b7b6a 100644
--- a/www/apache-httpd/patches/patch-configure
+++ b/www/apache-httpd/patches/patch-configure
@@ -1,7 +1,7 @@
-$OpenBSD: patch-configure,v 1.2 2007/03/25 17:40:55 deanna Exp $
---- configure.orig Sat Jan 6 01:40:00 2007
-+++ configure Sun Mar 25 13:21:03 2007
-@@ -1983,7 +1983,7 @@ do
+$OpenBSD: patch-configure,v 1.3 2007/09/19 05:47:36 steven Exp $
+--- configure.orig Tue Sep 4 22:09:24 2007
++++ configure Tue Sep 18 17:00:40 2007
+@@ -2583,7 +2583,7 @@ do
 ap_last="${ap_cur}"
 ap_cur=`eval "echo ${ap_cur}"`
 done
diff --git a/www/apache-httpd/patches/patch-docs_man_htdigest_1 b/www/apache-httpd/patches/patch-docs_man_htdigest_1
index 7e851d1f96f..8ea8d2d76ac 100644
--- a/www/apache-httpd/patches/patch-docs_man_htdigest_1
+++ b/www/apache-httpd/patches/patch-docs_man_htdigest_1
@@ -1,12 +1,12 @@
-$OpenBSD: patch-docs_man_htdigest_1,v 1.1 2007/01/16 01:12:26 deanna Exp $
---- docs/man/htdigest.1.orig Sun Jan 14 19:01:44 2007
-+++ docs/man/htdigest.1 Sun Jan 14 19:14:21 2007
+$OpenBSD: patch-docs_man_htdigest_1,v 1.2 2007/09/19 05:47:36 steven Exp $
+--- docs/man/htdigest.1.orig Tue Apr 24 18:18:39 2007
++++ docs/man/htdigest.1 Tue Sep 18 17:02:08 2007
@@ -19,24 +19,24 @@ .el .ne 3 .IP "\\$1" \\$2 .. --.TH "HTDIGEST" 1 "2003-11-25" "Apache HTTP Server" "htdigest" -+.TH "HTDIGEST2" 1 "2003-11-25" "Apache HTTP Server" "htdigest2" +-.TH "HTDIGEST" 1 "2007-04-24" "Apache HTTP Server" "htdigest" ++.TH "HTDIGEST2" 1 "2007-04-24" "Apache HTTP Server" "htdigest2" .SH NAME -htdigest \- manage user files for digest authentication diff --git a/www/apache-httpd/patches/patch-docs_man_htpasswd_1 b/www/apache-httpd/patches/patch-docs_man_htpasswd_1 index 0a059c1ab0d..c74b14928a8 100644 --- a/www/apache-httpd/patches/patch-docs_man_htpasswd_1 +++ b/www/apache-httpd/patches/patch-docs_man_htpasswd_1 @@ -1,12 +1,12 @@ -$OpenBSD: patch-docs_man_htpasswd_1,v 1.2 2007/03/25 17:40:55 deanna Exp $ ---- docs/man/htpasswd.1.orig Sat Nov 20 15:16:24 2004 -+++ docs/man/htpasswd.1 Sun Mar 25 13:21:04 2007 +$OpenBSD: patch-docs_man_htpasswd_1,v 1.3 2007/09/19 05:47:36 steven Exp $ +--- docs/man/htpasswd.1.orig Tue Apr 24 18:18:39 2007 ++++ docs/man/htpasswd.1 Tue Sep 18 17:07:46 2007 @@ -19,39 +19,39 @@ .el .ne 3 .IP "\\$1" \\$2 .. --.TH "HTPASSWD" 1 "2003-11-25" "Apache HTTP Server" "htpasswd" -+.TH "HTPASSWD2" 1 "2003-11-25" "Apache HTTP Server" "htpasswd2" +-.TH "HTPASSWD" 1 "2007-04-24" "Apache HTTP Server" "htpasswd" ++.TH "HTPASSWD2" 1 "2007-04-24" "Apache HTTP Server" "htpasswd2" .SH NAME -htpasswd \- Manage user files for basic authentication 
@@ -117,8 +117,8 @@ $OpenBSD: patch-docs_man_htpasswd_1,v 1.2 2007/03/25 17:40:55 deanna Exp $ +Web password files such as those managed by htpasswd2 should \fInot\fR be within the Web server's URI space -- that is, they should not be fetchable with a browser\&. .PP - The use of the -b option is discouraged, since when it is used the unencrypted password appears on the command line\&. -@@ -136,10 +136,10 @@ The use of the -b option is discouraged, since when it + This program is not safe as a setuid executable\&. Do \fInot\fR make it setuid\&. +@@ -145,10 +145,10 @@ The SHA encryption format does not use salting: for a .SH "RESTRICTIONS" .PP diff --git a/www/apache-httpd/patches/patch-docs_man_httpd_8 b/www/apache-httpd/patches/patch-docs_man_httpd_8 index 9c8d65bd739..49a46de0953 100644 --- a/www/apache-httpd/patches/patch-docs_man_httpd_8 +++ b/www/apache-httpd/patches/patch-docs_man_httpd_8 @@ -1,12 +1,12 @@ -$OpenBSD: patch-docs_man_httpd_8,v 1.2 2007/03/25 17:40:55 deanna Exp $ ---- docs/man/httpd.8.orig Tue Sep 20 10:54:17 2005 -+++ docs/man/httpd.8 Sun Mar 25 13:21:04 2007 +$OpenBSD: patch-docs_man_httpd_8,v 1.3 2007/09/19 05:47:36 steven Exp $ +--- docs/man/httpd.8.orig Wed Aug 1 16:05:01 2007 ++++ docs/man/httpd.8 Tue Sep 18 17:03:33 2007 @@ -19,30 +19,30 @@ .el .ne 3 .IP "\\$1" \\$2 .. --.TH "HTTPD" 8 "2005-09-20" "Apache HTTP Server" "httpd" -+.TH "HTTPD2" 8 "2005-09-20" "Apache HTTP Server" "httpd2" +-.TH "HTTPD" 8 "2007-08-01" "Apache HTTP Server" "httpd" ++.TH "HTTPD2" 8 "2007-08-01" "Apache HTTP Server" "httpd2" .SH NAME -httpd \- Apache Hypertext Transfer Protocol Server diff --git a/www/apache-httpd/patches/patch-server_mpm_common_c b/www/apache-httpd/patches/patch-server_mpm_common_c index adbfbea8af7..1e5efdf783a 100644 --- a/www/apache-httpd/patches/patch-server_mpm_common_c +++ b/www/apache-httpd/patches/patch-server_mpm_common_c 
@@ -1,7 +1,7 @@ -$OpenBSD: patch-server_mpm_common_c,v 1.2 2007/03/25 17:40:55 deanna Exp $ ---- server/mpm_common.c.orig Fri Sep 15 09:19:25 2006 -+++ server/mpm_common.c Sun Mar 25 13:21:04 2007 -@@ -915,19 +915,19 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco +$OpenBSD: patch-server_mpm_common_c,v 1.3 2007/09/19 05:47:36 steven Exp $ +--- server/mpm_common.c.orig Tue Jul 17 16:48:25 2007 ++++ server/mpm_common.c Tue Sep 18 17:00:40 2007 +@@ -980,19 +980,19 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco *exit_status = 1; return 1; } @@ -24,7 +24,7 @@ $OpenBSD: patch-server_mpm_common_c,v 1.2 2007/03/25 17:40:55 deanna Exp $ otherpid); } } -@@ -951,7 +951,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco +@@ -1016,7 +1016,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco if (!strcmp(dash_k_arg, "restart")) { if (!running) { @@ -33,7 +33,7 @@ $OpenBSD: patch-server_mpm_common_c,v 1.2 2007/03/25 17:40:55 deanna Exp $ } else { *exit_status = send_signal(otherpid, SIGHUP); -@@ -961,7 +961,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco +@@ -1026,7 +1026,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco if (!strcmp(dash_k_arg, "graceful")) { if (!running) { @@ -42,7 +42,7 @@ $OpenBSD: patch-server_mpm_common_c,v 1.2 2007/03/25 17:40:55 deanna Exp $ } else { *exit_status = send_signal(otherpid, AP_SIG_GRACEFUL); -@@ -978,7 +978,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco +@@ -1043,7 +1043,7 @@ int ap_signal_server(int *exit_status, apr_pool_t *pco *exit_status = send_signal(otherpid, AP_SIG_GRACEFUL_STOP); } #else diff --git a/www/apache-httpd/pkg/PLIST b/www/apache-httpd/pkg/PLIST index 54b88fcd9a4..d189ffff5f9 100644 --- a/www/apache-httpd/pkg/PLIST +++ b/www/apache-httpd/pkg/PLIST 
@@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.10 2007/09/06 07:33:53 merdely Exp $
+@comment $OpenBSD: PLIST,v 1.11 2007/09/19 05:47:36 steven Exp $
 @newgroup _apache2:576
 @newuser _apache2:576:576:daemon:Apache HTTP Server:/var/empty:/sbin/nologin
 include/apache2/
@@ -203,24 +203,8 @@ share/doc/apache2/env.html.en
 share/doc/apache2/env.html.ja.euc-jp
 share/doc/apache2/env.html.ko.euc-kr
 share/doc/apache2/faq/
-share/doc/apache2/faq/all_in_one.html
-share/doc/apache2/faq/all_in_one.html.en
-share/doc/apache2/faq/all_in_one.html.ja.euc-jp
-share/doc/apache2/faq/all_in_one.html.ko.euc-kr
-share/doc/apache2/faq/background.html
-share/doc/apache2/faq/background.html.en
-share/doc/apache2/faq/error.html
-share/doc/apache2/faq/error.html.en
-share/doc/apache2/faq/error.html.ja.euc-jp
-share/doc/apache2/faq/error.html.ko.euc-kr
 share/doc/apache2/faq/index.html
 share/doc/apache2/faq/index.html.en
-share/doc/apache2/faq/index.html.ja.euc-jp
-share/doc/apache2/faq/index.html.ko.euc-kr
-share/doc/apache2/faq/support.html
-share/doc/apache2/faq/support.html.en
-share/doc/apache2/faq/support.html.ja.euc-jp
-share/doc/apache2/faq/support.html.ko.euc-kr
 share/doc/apache2/filter.html
 share/doc/apache2/filter.html.en
 share/doc/apache2/filter.html.es
@@ -235,6 +219,7 @@ share/doc/apache2/glossary.html.ko.euc-kr
 share/doc/apache2/handler.html
 share/doc/apache2/handler.html.en
 share/doc/apache2/handler.html.es
+share/doc/apache2/handler.html.fr
 share/doc/apache2/handler.html.ja.euc-jp
 share/doc/apache2/handler.html.ko.euc-kr
 share/doc/apache2/handler.html.ru.koi8-r
@@ -315,6 +300,7 @@ share/doc/apache2/invoking.html
 share/doc/apache2/invoking.html.de
 share/doc/apache2/invoking.html.en
 share/doc/apache2/invoking.html.es
+share/doc/apache2/invoking.html.fr
 share/doc/apache2/invoking.html.ja.euc-jp
 share/doc/apache2/invoking.html.ko.euc-kr
 share/doc/apache2/invoking.html.ru.koi8-r
@@ -645,6 +631,7 @@ share/doc/apache2/mpm.html
 share/doc/apache2/mpm.html.de
 share/doc/apache2/mpm.html.en
 share/doc/apache2/mpm.html.es
+share/doc/apache2/mpm.html.fr
 share/doc/apache2/mpm.html.ja.euc-jp
 share/doc/apache2/mpm.html.ko.euc-kr
 share/doc/apache2/new_features_2_0.html
@@ -657,6 +644,7 @@ share/doc/apache2/new_features_2_0.html.pt-br
 share/doc/apache2/new_features_2_0.html.ru.koi8-r
 share/doc/apache2/new_features_2_2.html
 share/doc/apache2/new_features_2_2.html.en
+share/doc/apache2/new_features_2_2.html.fr
 share/doc/apache2/new_features_2_2.html.ko.euc-kr
 share/doc/apache2/new_features_2_2.html.pt-br
 share/doc/apache2/platform/
@@ -769,6 +757,7 @@ share/doc/apache2/stopping.html
 share/doc/apache2/stopping.html.de
 share/doc/apache2/stopping.html.en
 share/doc/apache2/stopping.html.es
+share/doc/apache2/stopping.html.fr
 share/doc/apache2/stopping.html.ja.euc-jp
 share/doc/apache2/stopping.html.ko.euc-kr
 share/doc/apache2/style/
@@ -997,6 +986,8 @@ share/examples/apache2/icons/
 @sample /var/apache2/icons/
 share/examples/apache2/icons/README
 @sample /var/apache2/icons/README
+share/examples/apache2/icons/README.html
+@sample /var/apache2/icons/README.html
 share/examples/apache2/icons/a.gif
 @sample /var/apache2/icons/a.gif
 share/examples/apache2/icons/a.png
@@ -1253,8 +1244,6 @@ share/examples/apache2/icons/script.png
 @sample /var/apache2/icons/script.png
 share/examples/apache2/icons/small/
 @sample /var/apache2/icons/small/
-share/examples/apache2/icons/small/README.txt
-@sample /var/apache2/icons/small/README.txt
 share/examples/apache2/icons/small/back.gif
 @sample /var/apache2/icons/small/back.gif
 share/examples/apache2/icons/small/back.png