diff -u apache2-2.0.55/debian/rules apache2-2.0.55/debian/rules --- apache2-2.0.55/debian/rules +++ apache2-2.0.55/debian/rules @@ -220,6 +220,7 @@ ln -s rotatelogs debian/apache2-utils/usr/sbin/rotatelogs2 #apache2-common stuff + cp debian/bash_completion debian/apache2-common/etc/bash_completion.d/apache2-common mv debian/apache2-mpm-worker/usr/share/apache2/icons/* debian/apache2-common/usr/share/apache2/icons/ mv debian/apache2-mpm-worker/usr/share/apache2/error/* debian/apache2-common/usr/share/apache2/error/ mv debian/apache2-mpm-worker/usr/sbin/apachectl debian/apache2-common/usr/sbin/apache2ctl diff -u apache2-2.0.55/debian/changelog apache2-2.0.55/debian/changelog --- apache2-2.0.55/debian/changelog +++ apache2-2.0.55/debian/changelog @@ -1,3 +1,20 @@ +apache2 (2.0.55-4.1) unstable; urgency=high + + * Non-maintainer upload. Urgency set to high due to security fixes. + * Added '052_mod_rewrite_CVE-2006-3747' to fix the off-by-one bug in + mod_rewrite. + [CVE-2006-3747]. (Closes: #380182) + * Added '053_restore_prefix_fix' to allow rebuilding from source. + (Closes: #374160) + * Added '054_apr_sendfile' to allow building for Hurd. + (Closes: #349416) + * Added '055_expect_CVE-2006-3918' to fix XSS attack in Expect headers. + [CVE-2006-3918]. (Closes: #381376) + * Added bash-completion script from Guillaume Rousse. + (Closes: #299855) + + -- Steve Kemp Sat, 5 Aug 2006 21:35:53 +0000 + apache2 (2.0.55-4) unstable; urgency=low * Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in diff -u apache2-2.0.55/debian/apache2-common.dirs apache2-2.0.55/debian/apache2-common.dirs --- apache2-2.0.55/debian/apache2-common.dirs +++ apache2-2.0.55/debian/apache2-common.dirs @@ -5,6 +5,7 @@ etc/apache2/mods-enabled etc/apache2/mods-available etc/apache2/conf.d +etc/bash_completion.d/ usr/bin usr/lib usr/lib/apache2 only in patch2: unchanged: --- apache2-2.0.55.orig/debian/bash_completion +++ apache2-2.0.55/debian/bash_completion @@ -0,0 +1,54 @@ +# bash completion for Debian apache2 configuration tools +# $Id: apache2,v 1.1 2005/03/16 22:51:19 guillaume Exp $ + +_apache2_modsites() +{ + COMPREPLY=( $( compgen -W '$( command ls /etc/apache2/$1 2>/dev/null \ + | sed -e 's/\.load//' -e 's/\.conf//' )' -- $cur ) ) +} + +_a2enmod() +{ + local cur + + COMPREPLY=() + cur=${COMP_WORDS[COMP_CWORD]} + + _apache2_modsites mods-available +} +complete -F _a2enmod a2enmod + +_a2ensite() +{ + local cur + + COMPREPLY=() + cur=${COMP_WORDS[COMP_CWORD]} + + _apache2_modsites sites-available + +} +complete -F _a2ensite a2ensite + +_a2dismod() +{ + local cur + + COMPREPLY=() + cur=${COMP_WORDS[COMP_CWORD]} + + _apache2_modsites mods-enabled +} +complete -F _a2dismod a2dismod + +_a2dissite() +{ + local cur + + COMPREPLY=() + cur=${COMP_WORDS[COMP_CWORD]} + + _apache2_modsites sites-enabled + +} +complete -F _a2dissite a2dissite only in patch2: unchanged: --- apache2-2.0.55.orig/debian/patches/052_mod_rewrite_CVE-2006-3747 +++ apache2-2.0.55/debian/patches/052_mod_rewrite_CVE-2006-3747 @@ -0,0 +1,11 @@ +--- build-tree.orig/apache2/modules/mappers/mod_rewrite.c 2006-07-28 08:16:53.000000000 +0000 ++++ build-tree/apache2/modules/mappers/mod_rewrite.c 2006-07-28 08:16:59.000000000 +0000 +@@ -2906,7 +2906,7 @@ + int c = 0; + + token[0] = cp = apr_pstrdup(p, cp); +- while (*cp && c < 5) { ++ while (*cp && c < 4) { + if (*cp == '?') { + token[++c] = cp + 1; + *cp = '\0'; only in patch2: unchanged: --- apache2-2.0.55.orig/debian/patches/053_restore_prefix_fix +++ apache2-2.0.55/debian/patches/053_restore_prefix_fix @@ -0,0 +1,33 @@ +--- build-tree/apache2/build/apr_common.m4 ++++ build-tree/apache2/build/apr_common.m4 +@@ -827,6 +827,8 @@ + dnl used here to allow us to co-exist layouts and argument based + dnl set ups. + AC_DEFUN(APR_PARSE_ARGUMENTS,[ ++eval "set x $ac_configure_args" ++shift + ac_prev= + for ac_option + do +--- build-tree/apache2/srclib/apr/build/apr_common.m4 ++++ build-tree/apache2/srclib/apr/build/apr_common.m4 +@@ -827,6 +827,8 @@ + dnl used here to allow us to co-exist layouts and argument based + dnl set ups. + AC_DEFUN(APR_PARSE_ARGUMENTS,[ ++eval "set x $ac_configure_args" ++shift + ac_prev= + for ac_option + do +--- build-tree/apache2/srclib/apr-util/build/apr_common.m4 ++++ build-tree/apache2/srclib/apr-util/build/apr_common.m4 +@@ -827,6 +827,8 @@ + dnl used here to allow us to co-exist layouts and argument based + dnl set ups. + AC_DEFUN(APR_PARSE_ARGUMENTS,[ ++eval "set $ac_configure_args" ++shift + ac_prev= + for ac_option + do only in patch2: unchanged: --- apache2-2.0.55.orig/debian/patches/054_apr_sendfile +++ apache2-2.0.55/debian/patches/054_apr_sendfile @@ -0,0 +1,11 @@ +--- build-tree.old/apache2/srclib/apr/network_io/unix/sendrecv.c 2005-03-28 22:21:19.000000000 +0200 ++++ build-tree/apache2/srclib/apr/network_io/unix/sendrecv.c 2005-03-28 22:22:11.000000000 +0200 +@@ -239,7 +239,7 @@ + /* Define a structure to pass in when we have a NULL header value */ + static apr_hdtr_t no_hdtr; + +-#if defined(__linux__) && defined(HAVE_WRITEV) ++#if (defined(__linux__) || defined(__GNU__)) && defined(HAVE_WRITEV) + + apr_status_t apr_socket_sendfile(apr_socket_t *sock, apr_file_t *file, + apr_hdtr_t *hdtr, apr_off_t *offset, only in patch2: unchanged: --- apache2-2.0.55.orig/debian/patches/055_expect_CVE-2006-3918 +++ apache2-2.0.55/debian/patches/055_expect_CVE-2006-3918 @@ -0,0 +1,11 @@ +--- build-tree.orig/apache2/modules/http/http_protocol.c 2006/04/18 15:17:22 394964 ++++ build-tree.orig/apache2/modules/http/http_protocol.c 2006/04/18 15:30:13 394965 +@@ -996,7 +996,7 @@ + "request-header" + "\nfield could not be met by this server.

\n" + "

The client sent

\n    Expect: ",
+-                           apr_table_get(r->headers_in, "Expect"),
++                           ap_escape_html(r->pool, apr_table_get(r->headers_in, "Expect")),
+                            "\n
\n" + "but we only allow the 100-continue " + "expectation.

\n",