rjung at apache
Nov 20, 2009, 7:43 AM
Post #1 of 1
(205 views)
Permalink
|
|
svn commit: r882610 - /httpd/httpd/branches/2.0.x/STATUS
|
|
Author: rjung
Date: Fri Nov 20 15:43:31 2009
New Revision: 882610
URL: http://svn.apache.org/viewvc?rev=882610&view=rev
Log:
Update patch proposal, add comment.
Modified:
httpd/httpd/branches/2.0.x/STATUS
Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/STATUS?rev=882610&r1=882609&r2=882610&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Fri Nov 20 15:43:31 2009
@@ -163,20 +163,27 @@
/* Uh-oh. Failed to open the new log file. Try to clear
* mod_ssl: Partial fix for CVE-2009-3555
+ Trunk version of patch:
+ http://svn.apache.org/viewvc?rev=833582&view=rev
+ http://svn.apache.org/viewvc?rev=833593&view=rev
+ http://svn.apache.org/viewvc?rev=881222&view=rev
Patch in 2.2.x branch:
http://svn.apache.org/viewvc?rev=833622&view=rev
- Backport version for 2.0.x of patch:
- http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x.patch
+ Backport version for 2.0.x of patch (Updated with backport of r881222):
+ http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x-v2.patch
+1: rjung
rpluem says: Two comments
1. IMHO backports are done from trunk not from other stable branches
2. The patch causes the compiler warning below that was fixed in r881222
on trunk. The backport should reflect this.
-
ssl_engine_kernel.c: In function `ssl_callback_Info':
ssl_engine_kernel.c:1802: warning: passing arg 1 of `SSL_state' discards qualifiers from pointer target type
Otherwise +1.
+ rjung: Ad 1: I couldn't see any difference between the trunk and 2.2.x patch.
+ The backport of the trunk and 2.2.x versions are identical.
+ Ad 2: I added the missing cast to the patch and updated the URL.
+
PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON:
|
