ports/52768: [PATCH] SECURITY-UPDATE Apache2 to 2.0.46
öÎ Àî
delphij at hotmail.com
Wed May 28 19:30:08 UTC 2003
>Number: 52768
>Category: ports
>Synopsis: [PATCH] SECURITY-UPDATE Apache2 to 2.0.46
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed May 28 12:30:03 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Xin LI <delphij at frontfree.net>
>Release: FreeBSD 4.8-STABLE i386
>Organization:
Frontfree Technology Network
>Environment:
System: FreeBSD ftp.cn.netbsd.org 4.8-STABLE FreeBSD 4.8-STABLE #129: Thu
May 8 00:48:00 CST 2003 delphij at ftp.cn.netbsd.org:/usr/obj/usr/src/sys/FTP
i386
>Description:
Apache 2.0 versions 2.0.37 through 2.0.45 can be caused to crash in certain
circumstances. This can be triggered remotely through mod_dav and possibly
other mechanisms. The crash was originally reported by David Endler
<DEndler at iDefense.com> and was researched and fixed by Joe Orton
<jorton at redhat.com>. Specific details and an analysis of the crash will be
published Friday, May 30. No more specific information is disclosed at this
time, but all Apache 2.0 users are encouraged to upgrade now.
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245]
Apache 2.0 versions 2.0.40 through 2.0.45 on Unix platforms were vulnerable
to a denial-of-service attack on the basic authentication module, which was
reported by John Hughes <john.hughes at entegrity.com>. A bug in the
configuration scripts caused the apr_password_validate() function to be
thread-unsafe on platforms with crypt_r(), including AIX and Linux. All
versions of Apache 2.0 have this thread-safety problem on platforms with no
crypt_r() and no thread-safe crypt(), such as Mac OS X and possibly others.
When using a threaded MPM (which is not the default on these platforms),
this allows remote attackers to create a denial of service which causes
valid usernames and passwords for Basic Authentication to fail until Apache
is restarted. We do not believe this bug could allow unauthorized users to
gain access to protected resources.
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0189]
>How-To-Repeat:
>Fix:
I believe the current maintainer will fix this issue, but because of this
is an emergency security update, I would like this patch to be applied if
the maintainer is busy. I have tested this under FreeBSD 4-STABLE and
5-CURRENT. Hope this is helpful and be merged into the 5.1-RELEASE. Thanks.
Patch updates the port:
diff -ruN apache2.orig/Makefile apache2/Makefile
--- apache2.orig/Makefile Thu Apr 17 05:33:58 2003
+++ apache2/Makefile Thu May 29 02:40:53 2003
@@ -6,7 +6,7 @@
#
PORTNAME= apache
-PORTVERSION= 2.0.45
+PORTVERSION= 2.0.46
CATEGORIES= www ipv6
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD}
DISTNAME= httpd-${PORTVERSION}
diff -ruN apache2.orig/distinfo apache2/distinfo
--- apache2.orig/distinfo Fri Apr 4 10:36:57 2003
+++ apache2/distinfo Thu May 29 02:41:47 2003
@@ -1,2 +1,2 @@
-MD5 (httpd-2.0.45.tar.gz) = 1f33e9a2e2de06da190230fa72738d75
+MD5 (httpd-2.0.46.tar.gz) = ff682f82f0808eb01df60824d959ebe8
MD5 (powerlogo.gif) = 0f106073b3c7844cf22d4df126b27c62
diff -ruN apache2.orig/files/patch-configure apache2/files/patch-configure
--- apache2.orig/files/patch-configure Fri Apr 4 10:36:57 2003
+++ apache2/files/patch-configure Thu May 29 03:12:58 2003
@@ -1,5 +1,5 @@
---- configure.orig Mon Mar 31 16:48:51 2003
-+++ configure Thu Apr 3 21:18:08 2003
+--- configure.orig Thu May 29 03:07:55 2003
++++ configure Thu May 29 03:12:31 2003
@@ -1513,7 +1513,7 @@
$srcdir/config.layout > $pldconf
layout_name=$LAYOUT
@@ -9,25 +9,25 @@
for var in prefix exec_prefix bindir sbindir libexecdir mandir \
sysconfdir datadir errordir iconsdir htdocsdir cgidir \
includedir localstatedir runtimedir logfiledir libdir \ -@@
-2613,7 +2613,7 @@
- ac_sub_cache_file="$ac_popdir/$cache_file" ;;
- esac
+@@ -2627,7 +2627,7 @@
+ done
-- if eval $SHELL $ac_abs_srcdir/configure $ac_configure_args
--cache-file=$ac_sub_cache_file --srcdir=$ac_abs_srcdir $apache_apr_flags
--prefix=$prefix --exec-prefix=$exec_prefix --libdir=$libdir
--includedir=$includedir --bindir=$bindir --datadir=$datadir
--with-installbuilddir=$installbuilddir
-+ if eval $SHELL $ac_abs_srcdir/configure
-+ $ac_configure_args --cache-file=$ac_sub_cache_file
-+ --srcdir=$ac_abs_srcdir $apache_apr_flags --prefix=$prefix
-+ --exec-prefix=$exec_prefix --libdir=$libdir --includedir=$includedir
-+ --bindir=$libdir --datadir=$datadir
-+ --with-installbuilddir=$installbuilddir
+
+- if eval $SHELL $ac_abs_srcdir/configure $apr_configure_args
--cache-file=$ac_sub_cache_file --srcdir=$ac_abs_srcdir $apache_apr_flags
--prefix=$prefix --exec-prefix=$exec_prefix --libdir=$libdir
--includedir=$includedir --bindir=$bindir --datadir=$datadir
--with-installbuilddir=$installbuilddir
++ if eval $SHELL $ac_abs_srcdir/configure
++ $apr_configure_args --cache-file=$ac_sub_cache_file
--srcdir=$ac_abs_srcdir $apache_apr_flags --prefix=$prefix
--exec-prefix=$exec_prefix --libdir=$libdir --includedir=$includedir
--bindir=$libdir --datadir=$datadir --with-installbuilddir=$installbuilddir
then :
echo "srclib/apr configured properly"
else
-@@ -2888,7 +2888,7 @@
- ac_sub_cache_file="$ac_popdir/$cache_file" ;;
- esac
+@@ -2928,7 +2928,7 @@
+ done
+
-- if eval $SHELL $ac_abs_srcdir/configure $ac_configure_args
--cache-file=$ac_sub_cache_file --srcdir=$ac_abs_srcdir --with-apr=../apr
--prefix=$prefix --exec-prefix=$exec_prefix --libdir=$libdir
--includedir=$includedir --bindir=$bindir
-+ if eval $SHELL $ac_abs_srcdir/configure
-+ $ac_configure_args --cache-file=$ac_sub_cache_file
--srcdir=$ac_abs_srcdir --with-apr=../apr --prefix=$prefix
--exec-prefix=$exec_prefix --libdir=$libdir --includedir=$includedir
--bindir=$libdir
+- if eval $SHELL $ac_abs_srcdir/configure $apr_configure_args
--cache-file=$ac_sub_cache_file --srcdir=$ac_abs_srcdir --with-apr=../apr
--prefix=$prefix --exec-prefix=$exec_prefix --libdir=$libdir
--includedir=$includedir --bindir=$bindir
++ if eval $SHELL $ac_abs_srcdir/configure
++ $apr_configure_args --cache-file=$ac_sub_cache_file
--srcdir=$ac_abs_srcdir --with-apr=../apr --prefix=$prefix
--exec-prefix=$exec_prefix --libdir=$libdir --includedir=$includedir
--bindir=$libdir
then :
echo "srclib/apr-util configured properly"
else
-@@ -15634,6 +15634,9 @@
+@@ -15719,6 +15719,9 @@
cat >>confdefs.h <<_ACEOF
#define SERVER_CONFIG_FILE "${rel_sysconfdir}/${progname}.conf"
_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list