From: Stefan Bethke
Date: Wed, 12 May 2010 19:05:17 +0200
To: Benno Overeinder
Cc: apache@FreeBSD.org
Subject: Re: Apache 2.0.63_8 compiles, but does not run

On 12.05.2010 at 17:23, Benno Overeinder wrote:

> Newsgroups: mailing.freebsd.ports
> From: Benno
> Subject: Re: Apache 2.0.63_8 compiles, but does not run
> Date: 12 May 2010 15:18:46 GMT
>
> On 2010-05-08, Stefan Bethke wrote:
>> One of the commits to www/apache20 in the past 24 hours breaks the
>> port. See PR#146393
>>
>> http://www.freebsd.org/cgi/query-pr.cgi?pr=146393
>>
>> Downgrading to a revision from 2010-05-07 00:00 UTC or earlier works
>> around this.
>>
>
> Same problem here. After some searching for mySrvFromConn, and
> checking with the original Apache 2.0.63 sources, I figured out it must
> be in the patches of the port. Indeed, in
> www/apache20/files/patch-CVE-2009-3555 there is the code injecting the
> line "s = mySrvFromConn(c);".
>
> According to the header, it is:
> "Modified patch from
> http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-3555-2.2.patch".
>
> In the original apache2.0.63 code there is no reference to
> mySrvFromConn, and in the other port patches I cannot find any line
> defining mySrvFromConn. Is this a partial backport of CVE-2009-3555?
>
> Can you forward this to the maintainer?

Sure. But you might want to add this analysis to the PR.


Stefan

-- 
Stefan Bethke   Fon +49 151 14070811