From 7826cc794a3bfa0e3bd856eb9e8b55ff9cd06eb5 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Elan=20Ruusam=C3=A4e?=
Date: Tue, 7 Feb 2006 19:40:23 +0000
Subject: [PATCH] - just for apache 2.0

Changed files:
apache-CVE-2005-3352.patch -> 1.2
apache-CVE-2005-3357.patch -> 1.2
---
apache-CVE-2005-3352.patch | 35 -----------------------------------
apache-CVE-2005-3357.patch | 21 ---------------------
2 files changed, 56 deletions(-)
delete mode 100644 apache-CVE-2005-3352.patch
delete mode 100644 apache-CVE-2005-3357.patch
diff --git a/apache-CVE-2005-3352.patch b/apache-CVE-2005-3352.patch
deleted file mode 100644
index 2347338..0000000
--- a/apache-CVE-2005-3352.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-http://bugs.gentoo.org/show_bug.cgi?id=118875
-
---- server/util.c (revision 330526)
-+++ server/util.c (working copy)
-@@ -1762,6 +1762,8 @@
- j += 3;
- else if (s[i] == '&')
- j += 4;
-+ else if (s[i] == '"')
-+ j += 5;
-
- if (j == 0)
- return apr_pstrmemdup(p, s, i);
-@@ -1780,6 +1782,10 @@
- memcpy(&x[j], "&", 5);
- j += 4;
- }
-+ else if (s[i] == '"') {
-+ memcpy(&x[j], """, 6);
-+ j += 5;
-+ }
- else
- x[j] = s[i];
-
---- modules/mappers/mod_imap.c (revision 330526)
-+++ modules/mappers/mod_imap.c (working copy)
-@@ -342,7 +342,7 @@
- if (!strcasecmp(value, "referer")) {
- referer = apr_table_get(r->headers_in, "Referer");
- if (referer && *referer) {
-- return apr_pstrdup(r->pool, referer);
-+ return ap_escape_html(r->pool, referer);
- }
- else {
- /* XXX: This used to do *value = '\0'; ... which is totally bogus
diff --git a/apache-CVE-2005-3357.patch b/apache-CVE-2005-3357.patch
deleted file mode 100644
index bdd5793..0000000
--- a/apache-CVE-2005-3357.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-http://bugs.gentoo.org/show_bug.cgi?id=115324
-
---- modules/ssl/ssl_engine_kernel.c (Revision 368148)
-+++ modules/ssl/ssl_engine_kernel.c (Arbeitskopie)
-@@ -202,11 +202,14 @@
- }
-
- /*
-- * Check to see if SSL protocol is on
-+ * Check to see whether SSL is in use; if it's not, then no
-+ * further access control checks are relevant. (the test for
-+ * sc->enabled is probably strictly unnecessary)
- */
-- if (!(sc->enabled || ssl)) {
-+ if (!sc->enabled || !ssl) {
- return DECLINED;
- }
-+
- /*
- * Support for per-directory reconfigured SSL connection parameters.
- *
--
2.44.0