Sunday, July 30, 2006

004_httpd binpatch 3.9

OpenBSDThe OpenBSD team has released a patch for OpenBSD 3.9 which fixes "a potentially exploitable off-by-one buffer overflow" in httpd's mod_rewrite (CVE-2006-3747).

I've created a binpatch for i386 again using Gerardo SantanaĆ¢€™s Binpatch System.

To make it happen, I modified the binpatch Makefile adding "004_httpd" to the PATCH_COMMON line. Then, I added a section for building httpd:
cd ${WRKSRC}/usr.sbin/httpd && \
(${_obj_wrp}; ${_cleandir_wrp}; ${_depend_wrp}; \
${_build_wrp}; ${_install_wrp})

For OpenBSD 3.9, I have so far created:

I no longer maintain binpatches for 3.8 (or earlier) systems as I no longer have any 3.8 systems. Sorry.