From: Bartosz Świątek Date: Thu, 7 Mar 2013 22:23:48 +0000 (+0100) Subject: - Apache HTTPD 2.4.4 X-Git-Url: https://git.tld-linux.org/?p=packages%2Fapache.git;a=commitdiff_plain;h=a4cac23f9e06b9e3ea4f6678f43e938ad0dad931 - Apache HTTPD 2.4.4 --- diff --git a/apache-paths.patch b/apache-paths.patch index e195a15..1acf86f 100644 --- a/apache-paths.patch +++ b/apache-paths.patch @@ -1,13 +1,13 @@ ---- httpd-2.4.1/docs/cgi-examples/printenv.orig 2008-09-06 22:26:15.000000000 +0200 -+++ httpd-2.4.1/docs/cgi-examples/printenv 2012-02-22 00:03:03.259441113 +0100 +--- httpd-2.4.4/docs/cgi-examples/printenv.orig 2012-12-17 22:47:48.000000000 +0100 ++++ httpd-2.4.4/docs/cgi-examples/printenv 2013-02-28 21:05:57.651099413 +0100 @@ -1,9 +1,5 @@ -# +#!/usr/bin/perl -# To permit this cgi, replace # on the first line above with the --# appropriate #!/path/to/perl shebang, and set this script executable --# with chmod 755. +-# appropriate #!/path/to/perl shebang, and on Unix / Linux also +-# set this script executable with chmod 755. -# - # Note that it is subject to cross site scripting attacks on MS IE - # and any other browser which fails to honor RFC2616, so never use - # it in a live server environment, it is provided only for testing. + # ***** !!! WARNING !!! ***** + # This script echoes the server environment variables and therefore + # leaks information - so NEVER use it in a live server environment! diff --git a/apache-suexec_fcgi.patch b/apache-suexec_fcgi.patch index 3201f3d..06fcfef 100644 --- a/apache-suexec_fcgi.patch +++ b/apache-suexec_fcgi.patch @@ -1,6 +1,6 @@ ---- httpd-2.4.1/support/suexec.c.orig 2011-07-13 21:11:21.000000000 +0200 -+++ httpd-2.4.1/support/suexec.c 2012-02-22 00:26:17.549340557 +0100 -@@ -234,6 +234,21 @@ +--- httpd-2.4.4/support/suexec.c.orig 2012-12-03 17:33:42.000000000 +0100 ++++ httpd-2.4.4/support/suexec.c 2013-03-07 23:13:29.312581994 +0100 +@@ -240,6 +240,21 @@ environ = cleanenv; } @@ -22,7 +22,7 @@ int main(int argc, char *argv[]) { int userdir = 0; /* ~userdir flag */ -@@ -249,6 +264,7 @@ +@@ -255,6 +270,7 @@ char dwd[AP_MAXPATH]; /* docroot working directory */ struct passwd *pw; /* password entry holder */ struct group *gr; /* group entry holder */ @@ -30,7 +30,7 @@ struct stat dir_info; /* directory info holder */ struct stat prg_info; /* program info holder */ -@@ -369,8 +385,23 @@ +@@ -375,8 +391,23 @@ } else { if ((pw = getpwuid(atoi(target_uname))) == NULL) { @@ -56,41 +56,19 @@ } } -@@ -549,20 +580,24 @@ - } - - /* -- * Error out if the target name/group is different from -- * the name/group of the cwd or the program. -- */ -- if ((uid != dir_info.st_uid) || -- (gid != dir_info.st_gid) || -- (uid != prg_info.st_uid) || -- (gid != prg_info.st_gid)) { -- log_err("target uid/gid (%ld/%ld) mismatch " -- "with directory (%ld/%ld) or program (%ld/%ld)\n", -- uid, gid, -- dir_info.st_uid, dir_info.st_gid, -- prg_info.st_uid, prg_info.st_gid); -- exit(120); -+ * If not called as suexec.fcgi error out if the target -+ * name/group is different from the name/group of the cwd -+ * or the program. -+ */ +@@ -558,6 +589,7 @@ + * Error out if the target name/group is different from + * the name/group of the cwd or the program. + */ + if(strcmp(base_pathname(argv[0]),"suexec.fcgi")) { -+ if ((uid != dir_info.st_uid) || -+ (gid != dir_info.st_gid) || -+ (uid != prg_info.st_uid) || -+ (gid != prg_info.st_gid)) { -+ log_err("target uid/gid (%ld/%ld) mismatch " -+ "with directory (%ld/%ld) or program (%ld/%ld)\n", -+ uid, gid, -+ dir_info.st_uid, dir_info.st_gid, -+ prg_info.st_uid, prg_info.st_gid); -+ exit(120); -+ } + if ((uid != dir_info.st_uid) || + (gid != dir_info.st_gid) || + (uid != prg_info.st_uid) || +@@ -569,6 +601,7 @@ + (unsigned long)prg_info.st_uid, (unsigned long)prg_info.st_gid); + exit(120); } -+ ++ } /* * Error out if the program is not executable for the user. * Otherwise, she won't find any error in the logs except for diff --git a/apache.spec b/apache.spec index ba00e8a..01c5ad2 100644 --- a/apache.spec +++ b/apache.spec @@ -33,12 +33,12 @@ Summary(pt_BR.UTF-8): Servidor HTTPD para prover serviços WWW Summary(ru.UTF-8): Самый популярный веб-сервер Summary(tr.UTF-8): Lider WWW tarayıcı Name: apache -Version: 2.4.3 -Release: 5 +Version: 2.4.4 +Release: 1 License: Apache v2.0 Group: Networking/Daemons/HTTP Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz -# Source0-md5: 538dccd22dd18466fff3ec7948495417 +# Source0-md5: a2fed766e67c9681e0d9b86768f08286 Source1: %{name}.init Source2: %{name}.logrotate Source3: %{name}.sysconfig diff --git a/libtool-tag.patch b/libtool-tag.patch index 17259e4..a5c230b 100644 --- a/libtool-tag.patch +++ b/libtool-tag.patch @@ -1,31 +1,31 @@ ---- httpd-2.2.17/build/rules.mk.in~ 2006-07-12 06:38:44.000000000 +0300 -+++ httpd-2.2.17/build/rules.mk.in 2011-03-26 18:27:36.410587573 +0200 -@@ -38,17 +38,17 @@ - COMPILE = $(BASE_CC) @PICFLAGS@ - CXX_COMPILE = $(BASE_CXX) @PICFLAGS@ - --SH_COMPILE = $(LIBTOOL) --mode=compile $(BASE_CC) @SHLTCFLAGS@ -c $< && touch $@ --SH_CXX_COMPILE = $(LIBTOOL) --mode=compile $(BASE_CXX) @SHLTCFLAGS@ -c $< && touch $@ -+SH_COMPILE = $(LIBTOOL) --mode=compile --tag=CC $(BASE_CC) @SHLTCFLAGS@ -c $< && touch $@ -+SH_CXX_COMPILE = $(LIBTOOL) --mode=compile --tag=CXX $(BASE_CXX) @SHLTCFLAGS@ -c $< && touch $@ - --LT_COMPILE = $(LIBTOOL) --mode=compile $(COMPILE) @LTCFLAGS@ -c $< && touch $@ --LT_CXX_COMPILE = $(LIBTOOL) --mode=compile $(CXX_COMPILE) @LTCFLAGS@ -c $< && touch $@ -+LT_COMPILE = $(LIBTOOL) --mode=compile --tag=CC $(COMPILE) @LTCFLAGS@ -c $< && touch $@ -+LT_CXX_COMPILE = $(LIBTOOL) --mode=compile --tag=CXX $(CXX_COMPILE) @LTCFLAGS@ -c $< && touch $@ +--- httpd-2.4.4/build/rules.mk.in.orig 2012-09-26 16:30:31.000000000 +0200 ++++ httpd-2.4.4/build/rules.mk.in 2013-03-07 23:18:20.779633942 +0100 +@@ -41,17 +41,17 @@ + COMPILE = $(BASE_CC) $(PICFLAGS) + CXX_COMPILE = $(BASE_CXX) $(PICFLAGS) + +-SH_COMPILE = $(LIBTOOL) --mode=compile $(BASE_CC) $(SHLTCFLAGS) -c $< && touch $@ +-SH_CXX_COMPILE = $(LIBTOOL) --mode=compile $(BASE_CXX) $(SHLTCFLAGS) -c $< && touch $@ ++SH_COMPILE = $(LIBTOOL) --mode=compile --tag=CC $(BASE_CC) $(SHLTCFLAGS) -c $< && touch $@ ++SH_CXX_COMPILE = $(LIBTOOL) --mode=compile --tag=CXX $(BASE_CXX) $(SHLTCFLAGS) -c $< && touch $@ + +-LT_COMPILE = $(LIBTOOL) --mode=compile $(COMPILE) $(LTCFLAGS) -c $< && touch $@ +-LT_CXX_COMPILE = $(LIBTOOL) --mode=compile $(CXX_COMPILE) $(LTCFLAGS) -c $< && touch $@ ++LT_COMPILE = $(LIBTOOL) --mode=compile --tag=CC $(COMPILE) $(LTCFLAGS) -c $< && touch $@ ++LT_CXX_COMPILE = $(LIBTOOL) --mode=compile --tag=CXX $(CXX_COMPILE) $(LTCFLAGS) -c $< && touch $@ # Link-related commands --LINK = $(LIBTOOL) --mode=link $(CC) $(ALL_CFLAGS) @PILDFLAGS@ $(LT_LDFLAGS) $(ALL_LDFLAGS) -o $@ +-LINK = $(LIBTOOL) --mode=link $(CC) $(ALL_CFLAGS) $(PILDFLAGS) $(LT_LDFLAGS) $(ALL_LDFLAGS) -o $@ -SH_LINK = $(SH_LIBTOOL) --mode=link $(CC) $(ALL_CFLAGS) $(LT_LDFLAGS) $(ALL_LDFLAGS) $(SH_LDFLAGS) $(CORE_IMPLIB) $(SH_LIBS) -o $@ -MOD_LINK = $(LIBTOOL) --mode=link $(CC) $(ALL_CFLAGS) -static $(LT_LDFLAGS) $(ALL_LDFLAGS) -o $@ -+LINK = $(LIBTOOL) --mode=link --tag=CC $(CC) $(ALL_CFLAGS) @PILDFLAGS@ $(LT_LDFLAGS) $(ALL_LDFLAGS) -o $@ ++LINK = $(LIBTOOL) --mode=link --tag=CC $(CC) $(ALL_CFLAGS) $(PILDFLAGS) $(LT_LDFLAGS) $(ALL_LDFLAGS) -o $@ +SH_LINK = $(SH_LIBTOOL) --mode=link --tag=CC $(CC) $(ALL_CFLAGS) $(LT_LDFLAGS) $(ALL_LDFLAGS) $(SH_LDFLAGS) $(CORE_IMPLIB) $(SH_LIBS) -o $@ +MOD_LINK = $(LIBTOOL) --mode=link --tag=CC $(CC) $(ALL_CFLAGS) -static $(LT_LDFLAGS) $(ALL_LDFLAGS) -o $@ # Cross compile commands -@@ -216,7 +216,7 @@ +@@ -228,7 +228,7 @@ # Makes an import library from a def file .def.la: