- Fix security issue in mod_rewrite.

All people using mod_rewrite are strongly encouraged to update. An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution. This issue has been rated as having important security impact by the Apache HTTP Server Security Team Updates to latest versions will follow soon. Notified by: so@ (simon) Obtained from: Apache Security Team Security: CVE-2006-3747
author: clement <clement@FreeBSD.org> 2006-07-28 04:26:29 +0800
committer: clement <clement@FreeBSD.org> 2006-07-28 04:26:29 +0800
commit: 001de23829a0a974adaceb753b9f035329efd4f0 (patch)
tree: d3cf826bbeade58d44b8d267b24485ba8d113e5d /www
parent: e8e0209ce7d753c62c0148189f6e163d5466c856 (diff)
download: freebsd-ports-gnome-001de23829a0a974adaceb753b9f035329efd4f0.tar.gz
freebsd-ports-gnome-001de23829a0a974adaceb753b9f035329efd4f0.tar.zst
freebsd-ports-gnome-001de23829a0a974adaceb753b9f035329efd4f0.zip
10 files changed, 70 insertions, 3 deletions
diff --git a/www/apache13-modperl/Makefile b/www/apache13-modperl/Makefile
index c8ba0f494da6..de68a058573f 100644
--- a/www/apache13-modperl/Makefile
+++ b/www/apache13-modperl/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	apache+mod_perl
 PORTVERSION=	${VERSION_APACHE}
+PORTREVISION=	1
 CATEGORIES=	www perl5
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD:S/$/:apache/} \
 		${MASTER_SITE_PERL_CPAN:S/$/Apache\/:modperl/}
diff --git a/www/apache13-modperl/files/patch-secfix-CVE-2006-3747 b/www/apache13-modperl/files/patch-secfix-CVE-2006-3747
new file mode 100644
index 000000000000..fc06bed772bb
--- /dev/null
+++ b/www/apache13-modperl/files/patch-secfix-CVE-2006-3747
@@ -0,0 +1,13 @@
+Index: src/modules/standard/mod_rewrite.c
+===================================================================
+--- src/modules/standard/mod_rewrite.c	(revision 421288)
++++ src/modules/standard/mod_rewrite.c	(working copy)
+@@ -2736,7 +2736,7 @@
+             int c = 0;
+ 
+             token[0] = cp = ap_pstrdup(p, cp);
+-            while (*cp && c < 5) {
++            while (*cp && c < 4) {
+                 if (*cp == '?') {
+                     token[++c] = cp + 1;
+                     *cp = '\0';
diff --git a/www/apache13-ssl/Makefile b/www/apache13-ssl/Makefile
index 868712ed3e45..ecb957853d1d 100644
--- a/www/apache13-ssl/Makefile
+++ b/www/apache13-ssl/Makefile
@@ -9,7 +9,7 @@
 
 PORTNAME=	apache+ssl
 PORTVERSION=	${APACHE_VERSION}.${APACHE_SSL_VERSION}
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	www security
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD} \
 		${MASTER_SITES_APACHE_SSL:S/$/:ssl/}
diff --git a/www/apache13-ssl/files/patch-secfix-CVE-2006-3747 b/www/apache13-ssl/files/patch-secfix-CVE-2006-3747
new file mode 100644
index 000000000000..fc06bed772bb
--- /dev/null
+++ b/www/apache13-ssl/files/patch-secfix-CVE-2006-3747
@@ -0,0 +1,13 @@
+Index: src/modules/standard/mod_rewrite.c
+===================================================================
+--- src/modules/standard/mod_rewrite.c	(revision 421288)
++++ src/modules/standard/mod_rewrite.c	(working copy)
+@@ -2736,7 +2736,7 @@
+             int c = 0;
+ 
+             token[0] = cp = ap_pstrdup(p, cp);
+-            while (*cp && c < 5) {
++            while (*cp && c < 4) {
+                 if (*cp == '?') {
+                     token[++c] = cp + 1;
+                     *cp = '\0';
diff --git a/www/apache20/Makefile b/www/apache20/Makefile
index 505503b9fae1..c4361e6c3def 100644
--- a/www/apache20/Makefile
+++ b/www/apache20/Makefile
@@ -9,7 +9,7 @@
 
 PORTNAME=	apache
 PORTVERSION=	2.0.58
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD} \
 		${MASTER_SITE_LOCAL:S/$/:powerlogo/}
diff --git a/www/apache20/files/patch-secfix-CVE-2006-3747 b/www/apache20/files/patch-secfix-CVE-2006-3747
new file mode 100644
index 000000000000..995c77d37b0c
--- /dev/null
+++ b/www/apache20/files/patch-secfix-CVE-2006-3747
@@ -0,0 +1,13 @@
+Index: modules/mappers/mod_rewrite.c
+===================================================================
+--- modules/mappers/mod_rewrite.c	(revision 424536)
++++ modules/mappers/mod_rewrite.c	(working copy)
+@@ -2906,7 +2906,7 @@
+             int c = 0;
+ 
+             token[0] = cp = apr_pstrdup(p, cp);
+-            while (*cp && c < 5) {
++            while (*cp && c < 4) {
+                 if (*cp == '?') {
+                     token[++c] = cp + 1;
+                     *cp = '\0';
diff --git a/www/apache21/Makefile b/www/apache21/Makefile
index 12d73c84e2a6..1bc458b767d4 100644
--- a/www/apache21/Makefile
+++ b/www/apache21/Makefile
@@ -9,7 +9,7 @@
 
 PORTNAME=	apache
 PORTVERSION=	2.1.9
-PORTREVISION=	5
+PORTREVISION=	6
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD} \
 		${MASTER_SITE_LOCAL:S/%SUBDIR%/clement/}:powerlogo
diff --git a/www/apache21/files/patch-secfix-CVE-2006-3747 b/www/apache21/files/patch-secfix-CVE-2006-3747
new file mode 100644
index 000000000000..b40f6d31d095
--- /dev/null
+++ b/www/apache21/files/patch-secfix-CVE-2006-3747
@@ -0,0 +1,13 @@
+Index: modules/mappers/mod_rewrite.c
+===================================================================
+--- modules/mappers/mod_rewrite.c	(revision 424536)
++++ modules/mappers/mod_rewrite.c	(working copy)
+@@ -667,7 +667,7 @@
+             int c = 0;
+ 
+             token[0] = cp = apr_pstrdup(p, cp);
+-            while (*cp && c < 5) {
++            while (*cp && c < 4) {
+                 if (*cp == '?') {
+                     token[++c] = cp + 1;
+                     *cp = '\0';
diff --git a/www/apache22/Makefile b/www/apache22/Makefile
index 63a566745990..7560ab33366e 100644
--- a/www/apache22/Makefile
+++ b/www/apache22/Makefile
@@ -9,6 +9,7 @@
 
 PORTNAME=	apache
 PORTVERSION=	2.2.2
+PORTREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD} \
 		http://apache.webthing.com/database/:aprmysql
diff --git a/www/apache22/files/patch-secfix-CVE-2006-3747 b/www/apache22/files/patch-secfix-CVE-2006-3747
new file mode 100644
index 000000000000..b40f6d31d095
--- /dev/null
+++ b/www/apache22/files/patch-secfix-CVE-2006-3747
@@ -0,0 +1,13 @@
+Index: modules/mappers/mod_rewrite.c
+===================================================================
+--- modules/mappers/mod_rewrite.c	(revision 424536)
++++ modules/mappers/mod_rewrite.c	(working copy)
+@@ -667,7 +667,7 @@
+             int c = 0;
+ 
+             token[0] = cp = apr_pstrdup(p, cp);
+-            while (*cp && c < 5) {
++            while (*cp && c < 4) {
+                 if (*cp == '?') {
+                     token[++c] = cp + 1;
+                     *cp = '\0';
author	clement <clement@FreeBSD.org>	2006-07-28 04:26:29 +0800
committer	clement <clement@FreeBSD.org>	2006-07-28 04:26:29 +0800
commit	001de23829a0a974adaceb753b9f035329efd4f0 (patch)
tree	d3cf826bbeade58d44b8d267b24485ba8d113e5d /www
parent	e8e0209ce7d753c62c0148189f6e163d5466c856 (diff)
download	freebsd-ports-gnome-001de23829a0a974adaceb753b9f035329efd4f0.tar.gz freebsd-ports-gnome-001de23829a0a974adaceb753b9f035329efd4f0.tar.zst freebsd-ports-gnome-001de23829a0a974adaceb753b9f035329efd4f0.zip