Date: Thu, 8 Feb 2018 14:26:28 +0000 (UTC) From: Alexey Dokuchaev <danfe@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r461240 - in head/www/thttpd: . files Message-ID: <201802081426.w18EQSUm047534@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: danfe Date: Thu Feb 8 14:26:28 2018 New Revision: 461240 URL: https://svnweb.freebsd.org/changeset/ports/461240 Log: Update `www/thttpd' to version 2.28, which features: - Improvements to the FreeBSD startup script (Craig Leres) - Minor portability tweak in mmc.c - Fix a potential buffer overrun bug in htpasswd (reported by Alessio Santoru as CVE-2017-17663), no-op on FreeBSD due to our custom patches from Red Hat since r377324 PR: 225701 Modified: head/www/thttpd/Makefile head/www/thttpd/distinfo head/www/thttpd/files/patch-extras_htpasswd.c head/www/thttpd/files/patch-mmc.c Modified: head/www/thttpd/Makefile ============================================================================== --- head/www/thttpd/Makefile Thu Feb 8 14:18:52 2018 (r461239) +++ head/www/thttpd/Makefile Thu Feb 8 14:26:28 2018 (r461240) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= thttpd -PORTVERSION= 2.27 +PORTVERSION= 2.28 CATEGORIES= www ipv6 MASTER_SITES= http://www.acme.com/software/thttpd/ Modified: head/www/thttpd/distinfo ============================================================================== --- head/www/thttpd/distinfo Thu Feb 8 14:18:52 2018 (r461239) +++ head/www/thttpd/distinfo Thu Feb 8 14:26:28 2018 (r461240) @@ -1,2 +1,3 @@ -SHA256 (thttpd-2.27.tar.gz) = b1c4bc37ada7c39cc2bcfbf86b3bc05be91be49f8bb4f55379eaff1f66516d7a -SIZE (thttpd-2.27.tar.gz) = 134005 +TIMESTAMP = 1517762580 +SHA256 (thttpd-2.28.tar.gz) = 8552f929d4ede26cb193411c1208168e169dda24ee9eb1da8f8da4f4f8e10328 +SIZE (thttpd-2.28.tar.gz) = 135754 Modified: head/www/thttpd/files/patch-extras_htpasswd.c ============================================================================== --- head/www/thttpd/files/patch-extras_htpasswd.c Thu Feb 8 14:18:52 2018 (r461239) +++ head/www/thttpd/files/patch-extras_htpasswd.c Thu Feb 8 14:26:28 2018 (r461240) @@ -25,7 +25,7 @@ exit(1); } -@@ -149,51 +155,128 @@ void interrupted(int signo) { +@@ -149,52 +155,129 @@ void interrupted(int signo) { int main(int argc, char *argv[]) { FILE *tfp,*f; char user[MAX_STRING_LEN]; @@ -138,7 +138,8 @@ + exit(1); + } + /* already checked for boflw ... */ - strcpy(user,argv[2]); + strncpy(user,argv[2],sizeof(user)-1); + user[sizeof(user)-1] = '\0'; found = 0; - while(!(my_getline(line,MAX_STRING_LEN,f))) { Modified: head/www/thttpd/files/patch-mmc.c ============================================================================== --- head/www/thttpd/files/patch-mmc.c Thu Feb 8 14:18:52 2018 (r461239) +++ head/www/thttpd/files/patch-mmc.c Thu Feb 8 14:26:28 2018 (r461240) @@ -87,12 +87,3 @@ if ( munmap( m->addr, m->size ) < 0 ) syslog( LOG_ERR, "munmap - %m" ); #else /* HAVE_MMAP */ -@@ -523,7 +543,7 @@ void - mmc_logstats( long secs ) - { - syslog( -- LOG_NOTICE, " map cache - %d allocated, %d active (%lld bytes), %d free; hash size: %d; expire age: %ld", -+ LOG_NOTICE, " map cache - %d allocated, %d active (%lld bytes), %d free; hash size: %d; expire age: %d", - alloc_count, map_count, (long long) mapped_bytes, free_count, hash_size, - expire_age ); - if ( map_count + free_count != alloc_count )
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802081426.w18EQSUm047534>