UPDATE: www/mod_perl 1.29 -> 1.30 (CVE Security Fix)
Philip M. Gollucci
pgollucci at apache.org
Thu Apr 19 05:46:54 UTC 2007
>Submitter-Id: current-users
>Originator: Philip M. Gollucci
>Organization:
>Confidential: no
>Synopsis: UPDATE: www/mod_perl 1.29 -> 1.30 (CVE Security Fix)
>Severity: serious
>Priority: high
>Category: ports
>Class: maintainer-update
>Release: FreeBSD 6.2-PRERELEASE i386
>Environment:
System: FreeBSD piccollo.p6m7g8.net 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Mon Sep 25 02:11:28 EDT 2006 pgollucci at piccollo.p6m7g8.net:/usr/obj/usr/src/sys/PICCOLLO i386
>Description:
Update to 1.30
Changes:
http://perl.apache.org/dist/mod_perl-1.0-current/Changes
CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
>How-To-Repeat:
>Fix:
Upgrade.
I know there still some portlint issues, and
ports/74907: [PATCH] www/mod_perl: cleanups
was filed previously, but I'd like to see this go first so security upgrades
are easier.
Also, erwin@ (CC'ed) hinted I should take maintainership of this port on efnet
about 3 months ago. So I've finally gotten around to to doing that.
Once this goes in, I'll circle back and review the above PR and portlint errors.
--- mod_perl.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/www/mod_perl/Makefile,v
retrieving revision 1.33
diff -u -r1.33 Makefile
--- Makefile 8 Sep 2006 10:43:15 -0000 1.33
+++ Makefile 19 Apr 2007 05:11:34 -0000
@@ -6,19 +6,18 @@
#
PORTNAME= mod_perl
-PORTVERSION= 1.29
-PORTREVISION= 2
+PORTVERSION= 1.30
CATEGORIES= www perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN}
MASTER_SITE_SUBDIR= Apache
-MAINTAINER= apache at FreeBSD.org
+MAINTAINER= pgollucci at p6m7g8.com
COMMENT= Embeds a Perl interpreter in the Apache server
BUILD_DEPENDS= ${SITE_PERL}/LWP.pm:${PORTSDIR}/www/p5-libwww
RUN_DEPENDS= ${BUILD_DEPENDS}
-USE_APACHE= YES
+USE_APACHE= yes
PERL_CONFIGURE= yes
CONFIGURE_ARGS+= USE_APXS=1 EVERYTHING=1 INSTALLSITELIB=${SITE_PERL} \
INSTALLSITEARCH=${SITE_PERL}/${PERL_ARCH} \
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/www/mod_perl/distinfo,v
retrieving revision 1.11
diff -u -r1.11 distinfo
--- distinfo 24 Jan 2006 03:13:27 -0000 1.11
+++ distinfo 19 Apr 2007 05:11:34 -0000
@@ -1,3 +1,3 @@
-MD5 (mod_perl-1.29.tar.gz) = 1491931790509b9af06fc037d02b0e7a
-SHA256 (mod_perl-1.29.tar.gz) = b401efaa105dd5f82d6e61f0efa372d4018db15e0748ca34a52d8daa209dea6b
-SIZE (mod_perl-1.29.tar.gz) = 378877
+MD5 (mod_perl-1.30.tar.gz) = bfd6f6cff1ab1cc3dbb58a236701d169
+SHA256 (mod_perl-1.30.tar.gz) = af6e1380a9197750b2d443f02a7a0dba3586c3fc0c8269beaafef09159184a08
+SIZE (mod_perl-1.30.tar.gz) = 389029
Index: files/patch-Makefile.PL
===================================================================
RCS file: /home/ncvs/ports/www/mod_perl/files/patch-Makefile.PL,v
retrieving revision 1.1
diff -u -r1.1 patch-Makefile.PL
--- files/patch-Makefile.PL 18 Aug 2004 19:11:12 -0000 1.1
+++ files/patch-Makefile.PL 19 Apr 2007 05:11:34 -0000
@@ -1,15 +1,14 @@
---- Makefile.PL.orig Thu Feb 15 12:39:35 2001
-+++ Makefile.PL Thu Feb 15 12:41:28 2001
-@@ -1300,7 +1300,11 @@
+--- Makefile.PL.orig Wed Apr 18 22:00:41 2007
++++ Makefile.PL Wed Apr 18 22:01:40 2007
+@@ -1380,7 +1380,10 @@
my $string = $self->MM::install;
my $add = "";
- if($USE_APXS) {
-- $add = "apxs_install";
-+# XXX The FreeBSD port for mod_perl takes care of installing libperl.so
-+# itself via the pkg-install script.
-+#
-+# $add = "apxs_install";
-+ print "Disabling apxs_install target; deferred to pkg-install\n";
+ if ($USE_APXS) {
+- $add = "apxs_install";
++ # XXX The FreeBSD port for mod_perl takes care of installing libperl.so
++ # itself via the pkg-install script.
++ #
++ # $add = "apxs_install";
}
- elsif ($win32_auto and $win32_args{INSTALL_DLL}) {
- $add = 'amp_install';
+ elsif ($win32_auto and
+ ($win32_args{INSTALL_DLL} or $win32_args{INSTALL_LIB})) {
--- mod_perl.diff ends here ---
More information about the freebsd-apache
mailing list