Date: Thu, 30 May 2013 21:17:50 GMT From: Olli Hauer <ohauer@FreeBSD.org> To: FreeBSD-gnats-submit@freebsd.org Cc: lev@FreeBSD.org Subject: ports/179125: devel/subversion possible DoS against svnserve Message-ID: <201305302117.r4ULHoxn059336@freefall.freebsd.org> Resent-Message-ID: <201305302120.r4ULK0Ih059414@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 179125 >Category: ports >Synopsis: devel/subversion possible DoS against svnserve >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu May 30 21:20:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Olli Hauer >Release: FreeBSD 8.3-RELEASE-p3 amd64 >Organization: >Environment: >Description: Fix a possible DoS against svnserve Noted by: Boris Lytochkin <lytboris_at_yandex-team.ru> on the users@subversion list http://svn.haxx.se/users/archive-2013-05/0119.shtml Patch shaped from: http://svn.apache.org/viewvc?view=revision&revision=1485047 The patch will be included in subversion-1.8 and 1.7.10, as far as I know there will be no patch for subversion-1.6.x since 1.6 is EOL with the first release of subversion-1.8 I'm running the patch now for over a week in prod. without any issues. In case the patch is mangled here is a copy. http://people.freebsd.org/~ohauer/diffs/subversion-1.7.9_2.diff >How-To-Repeat: >Fix: --- subversion-1.7.9_2.diff begins here --- Index: Makefile =================================================================== --- Makefile (revision 319448) +++ Makefile (working copy) @@ -4,7 +4,7 @@ MAINTAINER= lev@FreeBSD.org COMMENT= Version control system -CONFLICTS_INSTALL= subversion-devel-[0-9]* subversion-freebsd-[0-9]* +CONFLICTS_INSTALL= subversion-1.[6|8]-[0-9]* USE_RC_SUBR= svnserve Index: Makefile.common =================================================================== --- Makefile.common (revision 319448) +++ Makefile.common (working copy) @@ -3,7 +3,7 @@ PORTNAME= subversion PORTVERSION= 1.7.9 -PORTREVISION?= 1 +PORTREVISION?= 2 CATEGORIES+= devel MASTER_SITES= ${MASTER_SITE_APACHE:S/$/:main/} \ ${MASTER_SITE_LOCAL:S/$/:book/} @@ -19,7 +19,7 @@ LICENSE= AL2 -CONFLICTS_INSTALL+= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-1.6.[0-9]* +CONFLICTS_INSTALL+= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-1.[6|8].[0-9]* LIB_DEPENDS+= sqlite3.8:${PORTSDIR}/databases/sqlite3 \ expat:${PORTSDIR}/textproc/expat2 @@ -30,7 +30,7 @@ --with-expat=/usr/local/include:/usr/local/lib:expat .if defined(SVN_BUILD_BINDINGS) -CONFLICTS_BUILD+= ${PORTNAME}-1.6.[0-9]* +CONFLICTS_BUILD+= ${PORTNAME}-1.[6|8].[0-9]* LIB_DEPENDS+= svn_client-1.0:${PORTSDIR}/devel/subversion OPTIONSFILE= ${PORT_DBDIR}/${PORTNAME}/options OPTIONS= # Dirty hack: if OPTIONS is not defined, OPTIONSFILE will not be included Index: files/patch-subversion__svnserve__main.c =================================================================== --- files/patch-subversion__svnserve__main.c (revision 0) +++ files/patch-subversion__svnserve__main.c (working copy) @@ -0,0 +1,25 @@ +Prevent svnserve from exiting when a client connection is aborted. + +Justification: + DoS against svnserve possible. + +Noted by: Boris Lytochkin <lytboris_at_yandex-team.ru> + on the users@subversion list + http://svn.haxx.se/users/archive-2013-05/0119.shtml + +Patch shaped from: + http://svn.apache.org/viewvc?view=revision&revision=1485047 +=========================================================================== +--- ./subversion/svnserve/main.c.orig 2013-05-23 20:10:51.000000000 +0200 ++++ ./subversion/svnserve/main.c 2013-05-23 20:14:45.000000000 +0200 +@@ -928,7 +928,9 @@ + connection_pool) == APR_CHILD_DONE) + ; + } +- if (APR_STATUS_IS_EINTR(status)) ++ if (APR_STATUS_IS_EINTR(status) ++ || APR_STATUS_IS_ECONNABORTED(status) ++ || APR_STATUS_IS_ECONNRESET(status)) + { + svn_pool_destroy(connection_pool); + continue; --- subversion-1.7.9_2.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201305302117.r4ULHoxn059336>