186526
/
openresty
mirror of https://github.com/openresty/openresty.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

applied the official patch patch.2013.space.txt for the Nginx core to fix the security issue CVE-2013-4547.

This commit is contained in:
Yichun Zhang (agentzh) 2013-11-20 21:05:25 -08:00
parent 97622943d2
commit 8b86c72ea2
3 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
patches/patch.2013.space.txt Normal file
View File

@ -0,0 +1,18 @@
--- src/http/ngx_http_parse.c
+++ src/http/ngx_http_parse.c
@@ -617,6 +617,7 @@ ngx_http_parse_request_line(ngx_http_req
default:
r->space_in_uri = 1;
state = sw_check_uri;
+ p--;
break;
}
break;
@@ -670,6 +671,7 @@ ngx_http_parse_request_line(ngx_http_req
default:
r->space_in_uri = 1;
state = sw_uri;
+ p--;
break;
}
break;

7
util/mirror-tarballs
View File

@ -203,6 +203,13 @@ echo "$info_txt applying the cache_manager_exit patch for nginx $ver"
patch -p1 < $root/patches/nginx-$ver-cache_manager_exit.patch || exit 1
echo
answer=`$root/util/ver-ge "$main_ver" 1.4.4`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the CVE-2013-4547 patch for nginx $ver"
patch -p0 < $root/patches/patch.2013.space.txt || exit 1
echo
fi
rm -f *.patch || exit 1
cd .. || exit 1

2
util/ver
View File

@ -2,7 +2,7 @@
#main_ver=1.5.4
main_ver=1.4.3
minor_ver=4
minor_ver=6
version=$main_ver.$minor_ver
echo $version