31f09f54a6
* Improved HTTPS cipher handling and added support for chained certificates. * Allow the source password to be undefined. There was a corner case, where a default password would have taken effect. It would require the admin to remove the 'source-password' from the icecast config to take effect. Default configs ship with the password set, so this vulnerability doesn't trigger there. * Prevent error log injection of control characters by substituting non-alphanumeric characters with a '.' (CVE-2011-4612). Injection attempts can be identified via access.log, as that stores URL encoded requests. Investigation if further logging code needs to have sanitized output is ongoing. Tested on amd64. Reads fine aja@
22 lines
767 B
Plaintext
22 lines
767 B
Plaintext
$OpenBSD: patch-configure,v 1.10 2012/09/01 17:35:54 gonzalo Exp $
|
|
--- configure.orig Mon Jun 11 14:03:18 2012
|
|
+++ configure Mon Aug 13 13:31:38 2012
|
|
@@ -13910,7 +13910,7 @@ fi
|
|
|
|
|
|
if test "x$openssl_prefix" != "x" -a "x$openssl_prefix" != "xyes"; then
|
|
- OPENSSL_LIBS="-L$openssl_prefix/lib -lssl"
|
|
+ OPENSSL_LIBS="-L$openssl_prefix/lib -lssl -lcrypto"
|
|
OPENSSL_CFLAGS="-I$openssl_prefix/include"
|
|
else
|
|
# Extract the first word of "pkg-config", so it can be a program name with args.
|
|
@@ -13963,7 +13963,7 @@ fi
|
|
else
|
|
openssl_prefix="$prefix"
|
|
fi
|
|
- OPENSSL_LIBS="-L$openssl_prefix/lib -lssl"
|
|
+ OPENSSL_LIBS="-L$openssl_prefix/lib -lssl -lcrypto"
|
|
OPENSSL_CFLAGS="-I$openssl_prefix/include"
|
|
fi
|
|
fi
|