svn commit: r330031 - in head: security/vuxml www/mod_fcgid
Olli Hauer
ohauer at FreeBSD.org
Thu Oct 10 20:02:43 UTC 2013
Author: ohauer
Date: Thu Oct 10 20:02:42 2013
New Revision: 330031
URL: http://svnweb.freebsd.org/changeset/ports/330031
Log:
- update mod_fcgid to version 2.3.9
- add stage support
- add vuxml entry
PR: ports/182878
Submitted by: Fabiano Sidler <freebsd.ports at webstyle.ch> (maintainer)
Security: CVE-2013-4365
Modified:
head/security/vuxml/vuln.xml
head/www/mod_fcgid/Makefile
head/www/mod_fcgid/distinfo
head/www/mod_fcgid/pkg-plist
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Oct 10 18:47:42 2013 (r330030)
+++ head/security/vuxml/vuln.xml Thu Oct 10 20:02:42 2013 (r330031)
@@ -51,6 +51,35 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="9003b500-31e3-11e3-b0d0-20cf30e32f6d">
+ <topic>mod_fcgid -- possible heap buffer overwrite</topic>
+ <affects>
+ <package>
+ <name>ap22-mod_fcgid</name>
+ <range><lt>2.3.9</lt></range>
+ </package>
+ <package>
+ <name>ap24-mod_fcgid</name>
+ <range><lt>2.3.9</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Apache Project reports:</p>
+ <blockquote cite="https://mail-archives.apache.org/mod_mbox/httpd-cvs/201309.mbox/%3C20130929174048.13B962388831@eris.apache.org%3E">
+ <p>Fix possible heap buffer overwrite.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-4365</cvename>
+ </references>
+ <dates>
+ <discovery>2013-09-29</discovery>
+ <entry>2013-10-10</entry>
+ </dates>
+ </vuln>
+
<vuln vid="749b5587-2da1-11e3-b1a9-b499baab0cbe">
<topic>gnupg -- possible infinite recursion in the compressed packet parser</topic>
<affects>
Modified: head/www/mod_fcgid/Makefile
==============================================================================
--- head/www/mod_fcgid/Makefile Thu Oct 10 18:47:42 2013 (r330030)
+++ head/www/mod_fcgid/Makefile Thu Oct 10 20:02:42 2013 (r330031)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= mod_fcgid
-PORTVERSION= 2.3.7
+PORTVERSION= 2.3.9
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD}
MASTER_SITE_SUBDIR= ${PORTNAME}
@@ -28,15 +28,10 @@ MAKE_ARGS+= INCLUDES="-I${LOCALBASE}/inc
INSTALL_TARGET= install-modules-yes
DOCSDIR= ${PREFIX}/share/doc/apache${APACHE_VERSION}/mod
-NO_STAGE= yes
post-install:
-.if !defined(NOPORTDOCS)
- ${MKDIR} ${DOCSDIR}
- ${INSTALL_MAN} ${WRKSRC}/docs/manual/mod/mod_fcgid.html ${DOCSDIR}
- ${INSTALL_MAN} ${WRKSRC}/docs/manual/mod/mod_fcgid.html.en ${DOCSDIR}
-.endif
- ${MKDIR} -m 700 /var/run/fcgidsock
- ${CHOWN} www:www /var/run/fcgidsock
- @${CAT} ${PKGMESSAGE}
+ ${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/manual/mod/mod_fcgid.html ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/manual/mod/mod_fcgid.html.en ${STAGEDIR}${DOCSDIR}
+ ${MKDIR} -m 700 ${STAGEDIR}/var/run/fcgidsock
.include <bsd.port.mk>
Modified: head/www/mod_fcgid/distinfo
==============================================================================
--- head/www/mod_fcgid/distinfo Thu Oct 10 18:47:42 2013 (r330030)
+++ head/www/mod_fcgid/distinfo Thu Oct 10 20:02:42 2013 (r330031)
@@ -1,2 +1,2 @@
-SHA256 (apache2/mod_fcgid-2.3.7.tar.gz) = b72810cb34942945156f29ce60946da7dc941bb4cfca8b9d224573535bd8ef6d
-SIZE (apache2/mod_fcgid-2.3.7.tar.gz) = 104818
+SHA256 (apache2/mod_fcgid-2.3.9.tar.gz) = 1cbad345e3376b5d7c8f9a62b471edd7fa892695b90b79502f326b4692a679cf
+SIZE (apache2/mod_fcgid-2.3.9.tar.gz) = 107582
Modified: head/www/mod_fcgid/pkg-plist
==============================================================================
--- head/www/mod_fcgid/pkg-plist Thu Oct 10 18:47:42 2013 (r330030)
+++ head/www/mod_fcgid/pkg-plist Thu Oct 10 20:02:42 2013 (r330031)
@@ -1,7 +1,6 @@
%%APACHEMODDIR%%/%%AP_MODULE%%
%%PORTDOCS%%%%DOCSDIR%%/mod_fcgid.html
%%PORTDOCS%%%%DOCSDIR%%/mod_fcgid.html.en
-%%PORTDOCS%%@unexec /bin/rmdir %D/%%DOCSDIR%% 2>/dev/null || true
- at exec /bin/mkdir -p -m 700 /var/run/fcgidsock
- at exec /usr/sbin/chown www:www /var/run/fcgidsock
+%%PORTDOCS%%@dirrmtry %%DOCSDIR%%
+ at exec install -m 700 -o www -g www -d /var/run/fcgidsock
@unexec /bin/rmdir /var/run/fcgidsock 2>/dev/null || true
More information about the svn-ports-head
mailing list