Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. ModPerl>
  3. ModPerl-cvs
svn commit: r1867470 - /perl/modperl/trunk/src/modules/perl/mod_perl.c
stevehay at apache
Sep 24, 2019, 9:31 AM
Post #1 of 1 (531 views)
Permalink
Author: stevehay
Date: Tue Sep 24 16:31:13 2019
New Revision: 1867470

URL: http://svn.apache.org/viewvc?rev=1867470&view=rev
Log:
Fix [CVE-2011-2767] Arbitrary Perl code execution in the context of the user account via a user-owned .htaccess

Patch by Jan Ingvoldstad <jani+debian-2011+@ifi.uio.no> from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644169#19
(See also https://rt.cpan.org/Ticket/Display.html?id=126984)

Modified:
perl/modperl/trunk/src/modules/perl/mod_perl.c

Modified: perl/modperl/trunk/src/modules/perl/mod_perl.c
URL: http://svn.apache.org/viewvc/perl/modperl/trunk/src/modules/perl/mod_perl.c?rev=1867470&r1=1867469&r2=1867470&view=diff
==============================================================================
--- perl/modperl/trunk/src/modules/perl/mod_perl.c (original)
+++ perl/modperl/trunk/src/modules/perl/mod_perl.c Tue Sep 24 16:31:13 2019
@@ -939,18 +939,18 @@ static const command_rec modperl_cmds[]
MP_CMD_DIR_ITERATE2("PerlAddVar", add_var, "PerlAddVar"),
MP_CMD_DIR_TAKE2("PerlSetEnv", set_env, "PerlSetEnv"),
MP_CMD_SRV_TAKE1("PerlPassEnv", pass_env, "PerlPassEnv"),
- MP_CMD_DIR_RAW_ARGS_ON_READ("<Perl", perl, "Perl Code"),
- MP_CMD_DIR_RAW_ARGS("Perl", perldo, "Perl Code"),
+ MP_CMD_SRV_RAW_ARGS_ON_READ("<Perl", perl, "Perl Code"),
+ MP_CMD_SRV_RAW_ARGS("Perl", perldo, "Perl Code"),

MP_CMD_DIR_TAKE1("PerlSetInputFilter", set_input_filter,
"filter[;filter]"),
MP_CMD_DIR_TAKE1("PerlSetOutputFilter", set_output_filter,
"filter[;filter]"),

- MP_CMD_DIR_RAW_ARGS_ON_READ("=pod", pod, "Start of POD"),
- MP_CMD_DIR_RAW_ARGS_ON_READ("=back", pod, "End of =over"),
- MP_CMD_DIR_RAW_ARGS_ON_READ("=cut", pod_cut, "End of POD"),
- MP_CMD_DIR_RAW_ARGS_ON_READ("__END__", END, "Stop reading config"),
+ MP_CMD_SRV_RAW_ARGS_ON_READ("=pod", pod, "Start of POD"),
+ MP_CMD_SRV_RAW_ARGS_ON_READ("=back", pod, "End of =over"),
+ MP_CMD_SRV_RAW_ARGS_ON_READ("=cut", pod_cut, "End of POD"),
+ MP_CMD_SRV_RAW_ARGS_ON_READ("__END__", END, "Stop reading config"),

MP_CMD_SRV_RAW_ARGS("PerlLoadModule", load_module, "A Perl module"),
#ifdef MP_TRACE

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal