Revision: 26401
http://sourceforge.net/p/gar/code/26401
Author: dmichelsen
Date: 2018-03-28 13:29:22 +0000 (Wed, 28 Mar 2018)
Log Message:
-----------
apache2/trunk: Add patches for CVE 2017 9798
Modified Paths:
--------------
csw/mgar/pkg/apache2/trunk/Makefile
Added Paths:
-----------
csw/mgar/pkg/apache2/trunk/files/0001-2.2.x-mod_proxy-without-APR_HAS_THREADS.patch
csw/mgar/pkg/apache2/trunk/files/0001-CVE-2017-9798-patch-2.2.patch
Modified: csw/mgar/pkg/apache2/trunk/Makefile
===================================================================
--- csw/mgar/pkg/apache2/trunk/Makefile 2018-03-27 09:09:26 UTC (rev 26400)
+++ csw/mgar/pkg/apache2/trunk/Makefile 2018-03-28 13:29:22 UTC (rev 26401)
@@ -53,6 +53,14 @@
PATCHFILES += 0003-Switch-usr-local-for-opt-csw-in-default-cgi-path.patch
PATCHFILES += 0004-Move-the-envvars-files-to-sysconfdir.patch
+# Reformatted patch from
+#
https://archive.apache.org/dist/httpd/patches/apply_to_2.2.34/2.2.x-mod_proxy-without-APR_HAS_THREADS.patch
+PATCHFILES += 0001-2.2.x-mod_proxy-without-APR_HAS_THREADS.patch
+
+# Reformatted patch from
+#
https://archive.apache.org/dist/httpd/patches/apply_to_2.2.34/CVE-2017-9798-patch-2.2.patch
+PATCHFILES += 0001-CVE-2017-9798-patch-2.2.patch
+
#Use Modern SOS
GARCOMPILER = SOS12U3
Added:
csw/mgar/pkg/apache2/trunk/files/0001-2.2.x-mod_proxy-without-APR_HAS_THREADS.patch
===================================================================
---
csw/mgar/pkg/apache2/trunk/files/0001-2.2.x-mod_proxy-without-APR_HAS_THREADS.patch
(rev 0)
+++
csw/mgar/pkg/apache2/trunk/files/0001-2.2.x-mod_proxy-without-APR_HAS_THREADS.patch
2018-03-28 13:29:22 UTC (rev 26401)
@@ -0,0 +1,32 @@
+From 5a9fb30cdb27a18a332cd3f0efe69bc8b8c0e966 Mon Sep 17 00:00:00 2001
+From: Dagobert Michelsen <d...@opencsw.org>
+Date: Wed, 28 Mar 2018 14:46:17 +0200
+Subject: [PATCH] 2.2.x mod_proxy without APR_HAS_THREADS
+
+---
+ modules/proxy/proxy_util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
+index 4b6b8cf..e2a06cd 100644
+--- a/modules/proxy/proxy_util.c
++++ b/modules/proxy/proxy_util.c
+@@ -1398,7 +1398,6 @@ PROXY_DECLARE(proxy_worker *)
ap_proxy_get_worker(apr_pool_t *p,
+ return max_worker;
+ }
+
+-#if APR_HAS_THREADS
+ static void socket_cleanup(proxy_conn_rec *conn)
+ {
+ conn->sock = NULL;
+@@ -1407,6 +1406,7 @@ static void socket_cleanup(proxy_conn_rec *conn)
+ apr_pool_clear(conn->scpool);
+ }
+
++#if APR_HAS_THREADS
+ static apr_status_t conn_pool_cleanup(void *theworker)
+ {
+ proxy_worker *worker = (proxy_worker *)theworker;
+--
+2.4.0
+
Added: csw/mgar/pkg/apache2/trunk/files/0001-CVE-2017-9798-patch-2.2.patch
===================================================================
--- csw/mgar/pkg/apache2/trunk/files/0001-CVE-2017-9798-patch-2.2.patch
(rev 0)
+++ csw/mgar/pkg/apache2/trunk/files/0001-CVE-2017-9798-patch-2.2.patch
2018-03-28 13:29:22 UTC (rev 26401)
@@ -0,0 +1,29 @@
+From 62e95a5567be3e16fb991ef7b01d7b939f7e4710 Mon Sep 17 00:00:00 2001
+From: Dagobert Michelsen <d...@opencsw.org>
+Date: Wed, 28 Mar 2018 14:45:24 +0200
+Subject: [PATCH] CVE 2017 9798 patch 2.2
+
+---
+ server/core.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/server/core.c b/server/core.c
+index 34afb34..926a2af 100644
+--- a/server/core.c
++++ b/server/core.c
+@@ -1809,6 +1809,12 @@ AP_CORE_DECLARE_NONSTD(const char *)
ap_limit_section(cmd_parms *cmd,
+ /* method has not been registered yet, but resorce restriction
+ * is always checked before method handling, so register it.
+ */
++ if (cmd->pool == cmd->temp_pool) {
++ /* In .htaccess, we can't globally register new methods. */
++ return apr_psprintf(cmd->pool, "Could not register method
'%s' "
++ "for %s from .htaccess configuration",
++ method, cmd->cmd->name);
++ }
+ methnum = ap_method_register(cmd->pool, method);
+ }
+
+--
+2.4.0
+
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
