Bug#273412: Patch for this vulnerability

To: 273412@bugs.debian.org
Subject: Bug#273412: Patch for this vulnerability
From: Moritz Mühlenhoff <muehlenhoff@univention.de>
Date: Tue, 28 Sep 2004 11:13:05 +0200
Message-id: <[🔎] 1096362785.22428.24.camel@anton.knut.univention.de>
Reply-to: Moritz Mühlenhoff <muehlenhoff@univention.de>, 273412@bugs.debian.org

Attached patch brings the upstream fix in proper dpatch format for
debian/patches and compiles cleanly.

Cheers,
         Moritz
-- 
Moritz Mühlenhoff  muehlenhoff@univention.de      fon: +49 421 22 232- 0
Development        Linux for Your Business                             
Univention GmbH    http://www.univention.de/      fax: +49 421 22 232-99

--- build-tree.orig/apache2/server/core.c	2004/08/31 08:16:56	1.225.2.27
+++ build-tree/apache2/server/core.c	2004/09/21 13:21:16	1.225.2.28
@@ -351,9 +351,13 @@
     /* Otherwise we simply use the base->sec_file array
      */
 
+    /* use a separate ->satisfy[] array either way */
+    conf->satisfy = apr_palloc(a, sizeof(*conf->satisfy) * METHODS);
     for (i = 0; i < METHODS; ++i) {
         if (new->satisfy[i] != SATISFY_NOSPEC) {
             conf->satisfy[i] = new->satisfy[i];
+        } else {
+            conf->satisfy[i] = base->satisfy[i];
         }
     }

Reply to:

Prev by Date: Bug#245050: marked as done ([upstream: fixed in 2.1] SEGV when Including itself (recursive Include))
Next by Date: Bug#273856: Bug in Apache2
Previous by thread: Bug#245050: marked as done ([upstream: fixed in 2.1] SEGV when Including itself (recursive Include))
Next by thread: Bug#273856: Bug in Apache2
Index(es):
- Date
- Thread