Bug#273412: Patch for this vulnerability
Attached patch brings the upstream fix in proper dpatch format for
debian/patches and compiles cleanly.
Cheers,
Moritz
--
Moritz Mühlenhoff muehlenhoff@univention.de fon: +49 421 22 232- 0
Development Linux for Your Business
Univention GmbH http://www.univention.de/ fax: +49 421 22 232-99
--- build-tree.orig/apache2/server/core.c 2004/08/31 08:16:56 1.225.2.27
+++ build-tree/apache2/server/core.c 2004/09/21 13:21:16 1.225.2.28
@@ -351,9 +351,13 @@
/* Otherwise we simply use the base->sec_file array
*/
+ /* use a separate ->satisfy[] array either way */
+ conf->satisfy = apr_palloc(a, sizeof(*conf->satisfy) * METHODS);
for (i = 0; i < METHODS; ++i) {
if (new->satisfy[i] != SATISFY_NOSPEC) {
conf->satisfy[i] = new->satisfy[i];
+ } else {
+ conf->satisfy[i] = base->satisfy[i];
}
}
Reply to: