[mod_fcgid] Update to 2.3.6
Paul Howarth
pghmcfc at fedoraproject.org
Fri Nov 5 14:25:42 UTC 2010
commit b969a4171458bf73bd5799da858393e984accff2
Author: Paul Howarth <paul at city-fan.org>
Date: Fri Nov 5 14:23:42 2010 +0000
Update to 2.3.6
- New upstream release 2.3.6 (see CHANGES-FCGID for full details)
- Fix possible stack buffer overwrite (CVE-2010-3872)
- Change the default for FcgidMaxRequestLen from 1GB to 128K; administrators
should change this to an appropriate value based on site requirements
- Correct a problem that resulted in FcgidMaxProcesses being ignored in some
situations
- Return 500 instead of segfaulting when the application returns no output
- Don't include SELinux policy for RHEL-5 builds since RHEL >= 5.5 includes it
- Explicitly require /bin/sed for fixconf script
.gitignore | 2 +-
mod_fcgid.spec | 37 +++++++++++++++++++++++++------------
sources | 2 +-
3 files changed, 27 insertions(+), 14 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index c661092..e665cfd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-mod_fcgid-2.3.5.tar.bz2
+/mod_fcgid-2.3.6.tar.bz2
diff --git a/mod_fcgid.spec b/mod_fcgid.spec
index ab69b5d..fe64693 100644
--- a/mod_fcgid.spec
+++ b/mod_fcgid.spec
@@ -1,8 +1,8 @@
# Fedora 5, 6, and 7 versions includes SELinux policy module package
# Fedora 8 and 9 versions include policy in errata selinux-policy releases
# Fedora 10 onwards include policy in standard selinux-policy releases
-# RHEL 5.5 onwards will include policy in standard selinux-policy releases
-%if 0%{?fedora}%{?rhel} < 5 || 0%{?fedora} > 7 || 0%{?rhel} > 5
+# RHEL 5.5 onwards include policy in standard selinux-policy releases
+%if 0%{?fedora} < 5 || 0%{?fedora} > 7 || 0%{?rhel}
%global selinux_module 0
%global selinux_types %{nil}
%global selinux_variants %{nil}
@@ -15,8 +15,8 @@
%endif
Name: mod_fcgid
-Version: 2.3.5
-Release: 2%{?dist}
+Version: 2.3.6
+Release: 1%{?dist}
Summary: FastCGI interface module for Apache 2
Group: System Environment/Daemons
License: ASL 2.0
@@ -32,13 +32,15 @@ Patch0: mod_fcgid-2.3.4-fixconf-shellbang.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: httpd-devel >= 2.0, pkgconfig
Requires: httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && %{__cat} %{_includedir}/httpd/.mmn || echo missing)
+# sed required for fixconf script
+Requires: /bin/sed
# Make sure that selinux-policy is sufficiently up-to-date if it's installed
-## FastCGI policy properly incorporated into EL 5.5 (not yet available)
-#%if "%{?rhel}" == "5"
-#Conflicts: selinux-policy < 2.4.6-257.el5
-## No provide here because selinux-policy >= 2.4.6-203.el5 does the providing
-#Obsoletes: mod_fcgid-selinux <= %{version}-%{release}
-#%endif
+# FastCGI policy properly incorporated into EL 5.5
+%if "%{?rhel}" == "5"
+Conflicts: selinux-policy < 2.4.6-279.el5
+# No provide here because selinux-policy >= 2.4.6-279.el5 does the providing
+Obsoletes: mod_fcgid-selinux <= %{version}-%{release}
+%endif
%if "%{?fedora}" == "8"
Conflicts: selinux-policy < 3.0.8-123.fc8
%endif
@@ -62,7 +64,7 @@ as possible.
Summary: SELinux policy module supporting FastCGI applications with mod_fcgid
Group: System Environment/Base
BuildRequires: %{selinux_buildreqs}
-# selinux-policy is required for directory ownership of %{_datadir}/selinux/*
+# selinux-policy is required for directory ownership of %%{_datadir}/selinux/*
# Modules built against one version of a policy may not work with older policy
# versions, as noted on fedora-selinux-list:
# http://www.redhat.com/archives/fedora-selinux-list/2006-May/msg00102.html
@@ -110,7 +112,7 @@ done
%{__install} -D -m 644 fcgid.conf %{buildroot}%{_sysconfdir}/httpd/conf.d/fcgid.conf
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/run/mod_fcgid
-# Include the manual as %doc, don't need it elsewhere
+# Include the manual as %%doc, don't need it elsewhere
%{__rm} -rf %{buildroot}%{_var}/www/manual
# Install SELinux policy modules
@@ -171,6 +173,17 @@ exit 0
%endif
%changelog
+* Thu Nov 4 2010 Paul Howarth <paul at city-fan.org> 2.3.6-1
+- Update to 2.3.6 (see CHANGES-FCGID for full details)
+ - Fix possible stack buffer overwrite (CVE-2010-3872)
+ - Change the default for FcgidMaxRequestLen from 1GB to 128K; administrators
+ should change this to an appropriate value based on site requirements
+ - Correct a problem that resulted in FcgidMaxProcesses being ignored in some
+ situations
+ - Return 500 instead of segfaulting when the application returns no output
+- Don't include SELinux policy for RHEL-5 builds since RHEL >= 5.5 includes it
+- Explicitly require /bin/sed for fixconf script
+
* Tue Jun 8 2010 Paul Howarth <paul at city-fan.org> 2.3.5-2
- SELinux policy module not needed for RHEL-6 onwards
diff --git a/sources b/sources
index b5c65e1..37d7d45 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-640a49c9ddf8596bd913835118b4a6aa mod_fcgid-2.3.5.tar.bz2
+30ee138f3f0eb1c55303400748f128a2 mod_fcgid-2.3.6.tar.bz2
More information about the scm-commits
mailing list