diff options
| author | dinoex <dinoex@FreeBSD.org> | 2005-12-14 23:52:42 +0800 |
|---|---|---|
| committer | dinoex <dinoex@FreeBSD.org> | 2005-12-14 23:52:42 +0800 |
| commit | f53d13ed4e8666b20077cfb8312b4880e3a4b3ed (patch) | |
| tree | 461a4dcc69b02a302b3eb0aa2d49de9bdb530ffa /www | |
| parent | 831403ed98d545a65d1a5c1bfa0de86404adf8df (diff) | |
| download | freebsd-ports-gnome-f53d13ed4e8666b20077cfb8312b4880e3a4b3ed.tar.gz freebsd-ports-gnome-f53d13ed4e8666b20077cfb8312b4880e3a4b3ed.tar.zst freebsd-ports-gnome-f53d13ed4e8666b20077cfb8312b4880e3a4b3ed.zip | |
- Securitry Fix
SECURITY: CVE-2005-3352 (cve.mitre.org)
Obtained from: ports
Diffstat (limited to 'www')
| -rw-r--r-- | www/apache13-modssl/Makefile | 2 | ||||
| -rw-r--r-- | www/apache13-modssl/files/patch-secfix-CAN-2005-3352 | 35 |
2 files changed, 36 insertions, 1 deletions
diff --git a/www/apache13-modssl/Makefile b/www/apache13-modssl/Makefile index df9e8b88d39c..0ab8779761ea 100644 --- a/www/apache13-modssl/Makefile +++ b/www/apache13-modssl/Makefile @@ -7,7 +7,7 @@ PORTNAME= apache+mod_ssl PORTVERSION= ${VERSION_APACHE}+${VERSION_MODSSL} -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES?= www security MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} \ ${MASTER_SITES_MODSSL:S/$/:mod_ssl/} \ diff --git a/www/apache13-modssl/files/patch-secfix-CAN-2005-3352 b/www/apache13-modssl/files/patch-secfix-CAN-2005-3352 new file mode 100644 index 000000000000..8febc0e58935 --- /dev/null +++ b/www/apache13-modssl/files/patch-secfix-CAN-2005-3352 @@ -0,0 +1,35 @@ +--- src/main/util.c (original) ++++ src/main/util.c Mon Dec 12 08:36:54 2005 +@@ -1722,6 +1722,8 @@ + j += 3; + else if (s[i] == '&') + j += 4; ++ else if (s[i] == '"') ++ j += 5; + + if (j == 0) + return ap_pstrndup(p, s, i); +@@ -1739,6 +1741,10 @@ + else if (s[i] == '&') { + memcpy(&x[j], "&", 5); + j += 4; ++ } ++ else if (s[i] == '"') { ++ memcpy(&x[j], """, 6); ++ j += 5; + } + else + x[j] = s[i]; + +--- src/modules/standard/mod_imap.c (original) ++++ src/modules/standard/mod_imap.c Mon Dec 12 08:36:54 2005 +@@ -328,7 +328,7 @@ + if (!strcasecmp(value, "referer")) { + referer = ap_table_get(r->headers_in, "Referer"); + if (referer && *referer) { +- return ap_pstrdup(r->pool, referer); ++ return ap_escape_html(r->pool, referer); + } + else { + /* XXX: This used to do *value = '\0'; ... which is totally bogus + |