cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 1.2.21. This version addresses the following security flaw which

Browse Source 
effects versions 1.2.19 and 1.2.20 only:

CVE-2007-0774 A Long URL Stack Overflow Vulnerability exists in the URI
handler for the mod_jk library. When parsing a long URL request, the URI
worker map routine performs an unsafe memory copy. This results in a stack
overflow condition which can be leveraged execute arbitrary code.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774
This commit is contained in:
kurt 2007-04-06 21:18:34 +00:00
parent 86a5cd9c85
commit 671cd67169
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
www/mod_jk/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.9 2007/01/09 18:42:04 kurt Exp $
# $OpenBSD: Makefile,v 1.10 2007/04/06 21:18:34 kurt Exp $
# This port currently only works with archs supporting dynamic loading
# and has Apache that supports DSO's.
@ -6,7 +6,7 @@ SHARED_ONLY= Yes
COMMENT= "Apache-Tomcat AJP Connector"
V= 1.2.20
V= 1.2.21
DISTNAME= tomcat-connectors-${V}-src
PKGNAME= mod_jk-${V}
CATEGORIES= www

10
www/mod_jk/distinfo
View File

@ -1,5 +1,5 @@
MD5 (tomcat-connectors-1.2.20-src.tar.gz) = 8QcJM5AJs76TmNOoONnKvQ==
RMD160 (tomcat-connectors-1.2.20-src.tar.gz) = OA5s59RaLFIvuwZ5Y7fphQ/2cPw=
SHA1 (tomcat-connectors-1.2.20-src.tar.gz) = cWth/6E3Bnwd+fsbCl2B9paaGBo=
SHA256 (tomcat-connectors-1.2.20-src.tar.gz) = WmBsRDiVLoWPitkemFGb9yODPcYSI0Oaj1fkVnpQZhA=
SIZE (tomcat-connectors-1.2.20-src.tar.gz) = 1316612
MD5 (tomcat-connectors-1.2.21-src.tar.gz) = 7WUVfsvqfTVp3ghhGqFg6w==
RMD160 (tomcat-connectors-1.2.21-src.tar.gz) = P9Z6bvZMy2ql4OgrtzvsQj2U+E0=
SHA1 (tomcat-connectors-1.2.21-src.tar.gz) = d7EQ2R7w81dL90+h3TeALe82HqY=
SHA256 (tomcat-connectors-1.2.21-src.tar.gz) = NxkI8oDuujjmTc57slo5iTHBgrm5mXanuxGWqLqLj6o=
SIZE (tomcat-connectors-1.2.21-src.tar.gz) = 1334563

6
www/mod_jk/patches/patch-native_apache-1_3_Makefile_in
View File

@ -1,7 +1,7 @@
$OpenBSD: patch-native_apache-1_3_Makefile_in,v 1.1 2007/01/09 18:42:05 kurt Exp $
$OpenBSD: patch-native_apache-1_3_Makefile_in,v 1.2 2007/04/06 21:18:34 kurt Exp $
--- native/apache-1.3/Makefile.in.orig Tue Oct 3 09:18:44 2006
+++ native/apache-1.3/Makefile.in Mon Jan 8 09:04:09 2007
@@ -25,7 +25,7 @@ BUILD_DIR = ${JK_DIR}/../build/jk/apache
+++ native/apache-1.3/Makefile.in Tue Mar 27 17:14:36 2007
@@ -25,7 +25,7 @@ BUILD_DIR = ${JK_DIR}/../build/jk/apache13
APACHE_FILES = Makefile.tmpl Makefile.libdir libjk.module
JK=../common/