1 |
commit: 562e0ddc683696a4d4e423ed6b2b3a4f9d5d4eab |
2 |
Author: Kent Fredric <kentnl <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue May 12 18:01:03 2020 +0000 |
4 |
Commit: Kent Fredric <kentnl <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue May 12 18:02:42 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=562e0ddc |
7 |
|
8 |
www-apache/mod_perl: Sec cleanup 2.0.11 re bug #672086 |
9 |
|
10 |
Removing versions affected by CVE-2011-2767 |
11 |
|
12 |
Bug: https://bugs.gentoo.org/672086 |
13 |
Bug: https://rt.cpan.org/Public/Bug/Display.html?id=126984 |
14 |
Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644169 |
15 |
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1623265 |
16 |
Bug: https://nvd.nist.gov/vuln/detail/CVE-2011-2767 |
17 |
Bug: https://www.cvedetails.com/cve/CVE-2011-2767/ |
18 |
Package-Manager: Portage-2.3.99, Repoman-2.3.22 |
19 |
Signed-off-by: Kent Fredric <kentnl <AT> gentoo.org> |
20 |
|
21 |
www-apache/mod_perl/Manifest | 1 - |
22 |
.../files/mod_perl-2.0.10-apache24-tests-1.patch | 33 ----- |
23 |
.../files/mod_perl-2.0.10-apache24-tests-2.patch | 23 ---- |
24 |
www-apache/mod_perl/mod_perl-2.0.10.ebuild | 140 --------------------- |
25 |
4 files changed, 197 deletions(-) |
26 |
|
27 |
diff --git a/www-apache/mod_perl/Manifest b/www-apache/mod_perl/Manifest |
28 |
index c26064fe0a8..238175ecb66 100644 |
29 |
--- a/www-apache/mod_perl/Manifest |
30 |
+++ b/www-apache/mod_perl/Manifest |
31 |
@@ -1,2 +1 @@ |
32 |
-DIST mod_perl-2.0.10.tar.gz 3846211 BLAKE2B de44c76d22cc90984be20193bb635f27d68fbc25cab39333be93ee15c4636025d9e6d8f7bfc661b50ac19cfeb5f697f957acb7fbbb38e1f3f712c81ac27737ab SHA512 0bf1a885cb32a3393e95f87e71983097613e263b9052dbf22494663b506e36a25d0256afed24285232276d9f43ebd3adaa18b91129bfb62116a8ccb023855bca |
33 |
DIST mod_perl-2.0.11.tar.gz 3848147 BLAKE2B 8eeef6d1fadbf9d2e3bcff33c5114e588f032c2497f5191b1edd30da8bce72eadf5ea62482ec8ece7d7fde308c8c41d6682d1a325760c627bee75c3ce8cf6272 SHA512 f232b215ccb9217f69ccced8a037470e5975900b9a6fcc5a2e4674e6559d21f026547c1b97c48109352043946dc22539dd38004759be16ad5cfcb3a96973dfdf |
34 |
|
35 |
diff --git a/www-apache/mod_perl/files/mod_perl-2.0.10-apache24-tests-1.patch b/www-apache/mod_perl/files/mod_perl-2.0.10-apache24-tests-1.patch |
36 |
deleted file mode 100644 |
37 |
index 822fb4e8755..00000000000 |
38 |
--- a/www-apache/mod_perl/files/mod_perl-2.0.10-apache24-tests-1.patch |
39 |
+++ /dev/null |
40 |
@@ -1,33 +0,0 @@ |
41 |
-From f4dd0394f0975892b51a889f023d0e207553a656 Mon Sep 17 00:00:00 2001 |
42 |
-From: Niko Tyni <ntyni@××××××.org> |
43 |
-Date: Fri, 23 Dec 2016 18:27:23 +0200 |
44 |
-Subject: [PATCH 1/2] Fix t/apache/read.t HTTP syntax for Apache 2.4.25 |
45 |
- compatibility |
46 |
- |
47 |
-HTTP/1.1 RFC 7230, section 2.6. "Protocol Versioning" says the HTTP name |
48 |
-is case sensitive. Starting with Apache 2.4.25, using lower case will |
49 |
-make the server issue a 400 Bad request response, causing a test failure. |
50 |
- |
51 |
-https://tools.ietf.org/html/rfc7230#section-2.6 |
52 |
- |
53 |
-Bug-Debian: https://bugs.debian.org/849082 |
54 |
---- |
55 |
- t/apache/read.t | 2 +- |
56 |
- 1 file changed, 1 insertion(+), 1 deletion(-) |
57 |
- |
58 |
-diff --git a/t/apache/read.t b/t/apache/read.t |
59 |
-index 83670c9..9f7f504 100644 |
60 |
---- a/t/apache/read.t |
61 |
-+++ b/t/apache/read.t |
62 |
-@@ -24,7 +24,7 @@ close $fh; |
63 |
- |
64 |
- my $size = length $data; |
65 |
- |
66 |
--for my $string ("POST $location http/1.0", |
67 |
-+for my $string ("POST $location HTTP/1.0", |
68 |
- "Content-length: $size", |
69 |
- "") { |
70 |
- my $line = "$string\r\n"; |
71 |
--- |
72 |
-2.11.0 |
73 |
- |
74 |
|
75 |
diff --git a/www-apache/mod_perl/files/mod_perl-2.0.10-apache24-tests-2.patch b/www-apache/mod_perl/files/mod_perl-2.0.10-apache24-tests-2.patch |
76 |
deleted file mode 100644 |
77 |
index 29e24cc770d..00000000000 |
78 |
--- a/www-apache/mod_perl/files/mod_perl-2.0.10-apache24-tests-2.patch |
79 |
+++ /dev/null |
80 |
@@ -1,23 +0,0 @@ |
81 |
-Author: Stefan Fritsch <sf@××××××××.de> |
82 |
-Source: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849082 |
83 |
- |
84 |
---- ./t/filter/TestFilter/in_bbs_inject_header.pm.orig 2016-10-27 22:11:16.000000000 +0200 |
85 |
-+++ ./t/filter/TestFilter/in_bbs_inject_header.pm 2016-12-24 06:55:19.049606491 +0100 |
86 |
-@@ -181,7 +181,7 @@ |
87 |
- |
88 |
- if ($data and $data =~ /^POST/) { |
89 |
- # demonstrate how to add a header while processing other headers |
90 |
-- my $header = "$header1_key: $header1_val\n"; |
91 |
-+ my $header = "$header1_key: $header1_val\r\n"; |
92 |
- push @{ $ctx->{buckets} }, APR::Bucket->new($c->bucket_alloc, $header); |
93 |
- debug "queued header [$header]"; |
94 |
- } |
95 |
-@@ -199,7 +199,7 @@ |
96 |
- # we hit the headers and body separator, which is a good |
97 |
- # time to add extra headers: |
98 |
- for my $key (keys %headers) { |
99 |
-- my $header = "$key: $headers{$key}\n"; |
100 |
-+ my $header = "$key: $headers{$key}\r\n"; |
101 |
- push @{ $ctx->{buckets} }, APR::Bucket->new($c->bucket_alloc, $header); |
102 |
- debug "queued header [$header]"; |
103 |
- } |
104 |
|
105 |
diff --git a/www-apache/mod_perl/mod_perl-2.0.10.ebuild b/www-apache/mod_perl/mod_perl-2.0.10.ebuild |
106 |
deleted file mode 100644 |
107 |
index 9e6cfc0edf7..00000000000 |
108 |
--- a/www-apache/mod_perl/mod_perl-2.0.10.ebuild |
109 |
+++ /dev/null |
110 |
@@ -1,140 +0,0 @@ |
111 |
-# Copyright 1999-2020 Gentoo Authors |
112 |
-# Distributed under the terms of the GNU General Public License v2 |
113 |
- |
114 |
-EAPI=5 |
115 |
- |
116 |
-inherit depend.apache apache-module perl-module eutils |
117 |
- |
118 |
-DESCRIPTION="An embedded Perl interpreter for Apache2" |
119 |
-HOMEPAGE="https://perl.apache.org/ https://projects.apache.org/project.html?perl-mod_perl" |
120 |
-SRC_URI="mirror://apache/perl/${P}.tar.gz" |
121 |
- |
122 |
-LICENSE="Apache-2.0" |
123 |
-SLOT="1" |
124 |
-KEYWORDS="~alpha amd64 ~arm ppc ppc64 x86" |
125 |
-IUSE="debug ithreads test" |
126 |
-RESTRICT="!test? ( test )" |
127 |
- |
128 |
-SRC_TEST=do |
129 |
- |
130 |
-# Apache::Reload, Apache::SizeLimit, and Apache::Test are force-unbundled. |
131 |
-# The minimum versions requested here are the bundled versions. |
132 |
- |
133 |
-# The test dependencies are from CPAN (Bundle::Apache2). |
134 |
- |
135 |
-# When all MPMs are disabled via useflags, the apache ebuild selects a |
136 |
-# default one, which will likely need threading. |
137 |
- |
138 |
-RDEPEND=" |
139 |
- dev-lang/perl[ithreads=] |
140 |
- >=dev-perl/Apache-Test-1.400.0 |
141 |
- >=www-servers/apache-2.0.47 |
142 |
- >=dev-libs/apr-util-1.4 |
143 |
- !ithreads? ( www-servers/apache[-apache2_mpms_event,-apache2_mpms_worker,apache2_mpms_prefork] ) |
144 |
-" |
145 |
-DEPEND="${RDEPEND} |
146 |
- dev-perl/Module-Build |
147 |
- test? ( |
148 |
- >=dev-perl/CGI-3.110.0 |
149 |
- dev-perl/Chatbot-Eliza |
150 |
- dev-perl/Devel-Symdump |
151 |
- dev-perl/HTML-Parser |
152 |
- dev-perl/IPC-Run3 |
153 |
- dev-perl/libwww-perl |
154 |
- www-servers/apache[apache2_modules_version,-apache2_modules_unique_id] |
155 |
- !www-apache/mpm_itk |
156 |
- ) |
157 |
-" |
158 |
-PDEPEND=" |
159 |
- >=dev-perl/Apache-Reload-0.130.0 |
160 |
- >=dev-perl/Apache-SizeLimit-0.970.0 |
161 |
-" |
162 |
- |
163 |
-APACHE2_MOD_FILE="${S}/src/modules/perl/mod_perl.so" |
164 |
-APACHE2_MOD_CONF="2.0.3/75_${PN}" |
165 |
-APACHE2_MOD_DEFINE="PERL" |
166 |
- |
167 |
-need_apache2 |
168 |
- |
169 |
-PATCHES=( |
170 |
- "${FILESDIR}/${PN}"-2.0.1-sneak-tmpdir.patch # seems to fix the make test problem |
171 |
- "${FILESDIR}/${PN}"-2.0.4-inline.patch # 550244 |
172 |
- "${FILESDIR}/${PN}"-2.0.10_rc1-bundled-Apache-Test.patch # 352724 |
173 |
- "${FILESDIR}/${PN}"-2.0.10_rc1-Gentoo-not-Unix.patch |
174 |
- "${FILESDIR}/${PN}"-2.0.10-apache24-tests-1.patch # 614684 |
175 |
- "${FILESDIR}/${PN}"-2.0.10-apache24-tests-2.patch # 614684 |
176 |
-) |
177 |
- |
178 |
-src_prepare() { |
179 |
- perl-module_src_prepare |
180 |
- |
181 |
- # chainsaw unbundling |
182 |
- rm -rf Apache-{Test,Reload,SizeLimit}/ lib/Bundle/ || die |
183 |
-} |
184 |
- |
185 |
-src_configure() { |
186 |
- local debug=$(usex debug 1 0) |
187 |
- local nothreads=$(usex ithreads 0 1) |
188 |
- myconf=( |
189 |
- MP_USE_DSO=1 |
190 |
- MP_APXS=${APXS} |
191 |
- MP_APR_CONFIG=/usr/bin/apr-1-config |
192 |
- MP_TRACE=${debug} |
193 |
- MP_DEBUG=${debug} |
194 |
- MP_NO_THREADS=${nothreads} |
195 |
- ) |
196 |
- |
197 |
- perl-module_src_configure |
198 |
-} |
199 |
- |
200 |
-src_test() { |
201 |
- # make test notes whether it is running as root, and drops |
202 |
- # privileges all the way to "nobody" if so, so we must adjust |
203 |
- # write permissions accordingly in this case. |
204 |
- |
205 |
- # IF YOU SUDO TO EMERGE AND HAVE !env_reset set testing will fail! |
206 |
- if [[ "$(id -u)" == "0" ]]; then |
207 |
- chown nobody:nobody "${WORKDIR}" "${T}" || die |
208 |
- fi |
209 |
- |
210 |
- # We force verbose tests for now to get meaningful bug reports. |
211 |
- MAKEOPTS+=" -j1" |
212 |
- TMPDIR="${T}" HOME="${T}/" TEST_VERBOSE=1 perl-module_src_test |
213 |
-} |
214 |
- |
215 |
-src_install() { |
216 |
- apache-module_src_install |
217 |
- |
218 |
- default |
219 |
- |
220 |
- perl_delete_localpod |
221 |
- perl_delete_packlist |
222 |
- |
223 |
- insinto "${APACHE_MODULES_CONFDIR}" |
224 |
- doins "${FILESDIR}"/2.0.3/apache2-mod_perl-startup.pl |
225 |
- |
226 |
- # this is an attempt to get @INC in line with /usr/bin/perl. |
227 |
- # there is blib garbage in the mainstream one that can only be |
228 |
- # useful during internal testing, so we wait until here and then |
229 |
- # just go with a clean slate. should be much easier to see what's |
230 |
- # happening and revert if problematic. |
231 |
- |
232 |
- perl_set_version |
233 |
- sed -i \ |
234 |
- -e "s,-I${S}/[^[:space:]\"\']\+[[:space:]]\?,,g" \ |
235 |
- -e "s,-typemap[[:space:]]${S}/[^[:space:]\"\']\+[[:space:]]\?,,g" \ |
236 |
- -e "s,${S}\(/[^[:space:]\"\']\+\)\?,/,g" \ |
237 |
- "${D}/${VENDOR_ARCH}/Apache2/BuildConfig.pm" || die |
238 |
- |
239 |
- local fname |
240 |
- for fname in $(find "${D}" -type f -not -name '*.so'); do |
241 |
- grep -q "\(${D}\|${S}\)" "${fname}" && ewarn "QA: File contains a temporary path ${fname}" |
242 |
- sed -i -e "s:\(${D}\|${S}\):/:g" ${fname} || die |
243 |
- done |
244 |
- |
245 |
- perl_remove_temppath |
246 |
-} |
247 |
- |
248 |
-pkg_postinst() { |
249 |
- apache-module_pkg_postinst |
250 |
-} |