Date: Wed, 1 Dec 2004 14:41:20 -0500 (EST) From: Jonathan Pater <pater@cowboyneal.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Jonathan Pater <pater@cowboyneal.org> Subject: ports/74596: Patch updates apache13-modperl port, fixes security vulnerability Message-ID: <200412011941.iB1JfKx2010597@yogafrog.blockstackers.com> Resent-Message-ID: <200412011940.iB1JeMEG001047@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 74596
>Category: ports
>Synopsis: Patch updates apache13-modperl port, fixes security vulnerability
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 01 19:40:22 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Jonathan Pater
>Release: FreeBSD 5.3-RELEASE-p1 i386
>Organization:
>Environment:
System: FreeBSD yogafrog.blockstackers.com 5.3-RELEASE-p1 FreeBSD 5.3-RELEASE-p1 #0: Fri Nov 19 10:18:02 EST 2004 root@yogafrog.blockstackers.com:/usr/obj/usr/src/sys/YOGAFROG i386
>Description:
This port has recently been deprecated, but I and a couple other people I've talked to still have use for Apache 1.3 with a statically compiled mod_perl. Since the security vulnerability was fixed in the upstream sources, all that is required is to bump the port's version number, I think. The reason for deprecating this port was given via private email, so I may be missing something, but the attached patch updates the port correctly here. If need be, I could also assume maintenance of this port, since I'm an active user of it.
>How-To-Repeat:
>Fix:
--- apache13-modperl.diff begins here ---
diff -u apache13-modperl.orig/Makefile apache13-modperl/Makefile
--- apache13-modperl.orig/Makefile Wed Dec 1 14:25:57 2004
+++ apache13-modperl/Makefile Wed Dec 1 14:22:10 2004
@@ -14,9 +14,6 @@
DISTFILES= apache_${VERSION_APACHE}${EXTRACT_SUFX}:apache \
mod_perl-${VERSION_MODPERL}${EXTRACT_SUFX}:modperl
-DEPRECATED= http://vuxml.freebsd.org/6e6a6b8a-2fde-11d9-b3a2-0050fc56d258.html (vulnerability)
-EXPIRATION_DATE=2004-12-06
-
MAINTAINER= ports@rbt.ca
COMMENT= The Apache 1.3 webserver with a statically embedded perl interpreter
@@ -44,7 +41,7 @@
.include <bsd.port.pre.mk>
-VERSION_APACHE= 1.3.31
+VERSION_APACHE= 1.3.33
VERSION_MODPERL= 1.29
WRKSRC_MODPERL= ${WRKDIR}/mod_perl-${VERSION_MODPERL}
diff -u apache13-modperl.orig/distinfo apache13-modperl/distinfo
--- apache13-modperl.orig/distinfo Wed Dec 1 14:25:57 2004
+++ apache13-modperl/distinfo Wed Dec 1 14:22:06 2004
@@ -1,4 +1,4 @@
-MD5 (apache_1.3.31.tar.gz) = bd548a06ac48dda496b4e613572bb020
-SIZE (apache_1.3.31.tar.gz) = 2467371
+MD5 (apache_1.3.33.tar.gz) = 3dfd2c3778f37a2dfc22b97417a61407
+SIZE (apache_1.3.33.tar.gz) = 2468567
MD5 (mod_perl-1.29.tar.gz) = 1491931790509b9af06fc037d02b0e7a
SIZE (mod_perl-1.29.tar.gz) = 378877
Common subdirectories: apache13-modperl.orig/files and apache13-modperl/files
--- apache13-modperl.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412011941.iB1JfKx2010597>