|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
Name: mongoose
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
Group: Applications/System
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
Summary: An easy-to-use self-sufficient web server
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
Version: 3.0
|
|
Rafael Aquini |
bcadcd8 |
Release: 2%{?dist}
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
License: MIT
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
URL: http://code.google.com/p/mongoose
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
Source0: http://mongoose.googlecode.com/files/mongoose-%{version}.tgz
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
Source1: mongoose.conf
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
BuildRequires: openssl-devel
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
Rafael Aquini |
bcadcd8 |
# FIX CVE-2011-2900
|
|
Rafael Aquini |
bcadcd8 |
# https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0#
|
|
Rafael Aquini |
bcadcd8 |
Patch0: mongoose-fix-buffer-overflow-put_dir.patch
|
|
Rafael Aquini |
bcadcd8 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%description
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
Mongoose web server executable is self-sufficient, it does not depend on
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
anything to start serving requests. If it is copied to any directory and
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
executed, it starts to serve that directory on port 8080 (so to access files,
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
go to http://localhost:8080). If some additional configuration is required -
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
for example, different listening port or IP-based access control, then a
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
'mongoose.conf' file with respective options can be created in the same
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
directory where executable lives. This makes Mongoose perfect for all sorts
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
of demos, quick tests, file sharing, and Web programming.
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%prep
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%setup -q -n %{name}
|
|
Rafael Aquini |
bcadcd8 |
%patch0 -p1 -b .fixcve
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{__install} -p -m 0644 %{SOURCE1} .
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%build
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
# get dinamically the correct version to SSL shlib
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
LIBV=$(find '%{_libdir}' | grep -E '/libssl.so.[0-9]?[0-9]?$' | sed -e 's!%{_libdir}/libssl.so.!!')
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{__make} %{?_smp_mflags} CFLAGS="%{optflags} -DSSL_LIB='\"libssl.so.${LIBV}\"' -DCRYPTO_LIB='\"libcrypto.so.${LIBV}\"'" linux
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%install
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{__rm} -rf %{buildroot}
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{__install} -D -p -m 0755 %{name} %{buildroot}/%{_bindir}/%{name}
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{__install} -D -p -m 0644 %{name}.1 %{buildroot}/%{_mandir}/man1/%{name}.1
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%clean
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{__rm} -rf %{buildroot}
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%files
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%defattr(-,root,root,-)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
1a8aa87 |
%doc %{name}.conf LICENSE
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{_bindir}/%{name}
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%{_mandir}/man1/%{name}.1*
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
%changelog
|
|
Rafael Aquini |
bcadcd8 |
* Sat Aug 27 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-2
|
|
Rafael Aquini |
bcadcd8 |
- Add upstream patch to fix CVE-2011-2900 (729146)
|
|
Rafael Aquini |
bcadcd8 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
* Mon Jul 25 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-1
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
- Rebuilt for Fedora's inclusion, after scracth-build successful tests.
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
* Mon Jul 25 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-0
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
- Packaged mongoose's upstream 3.0 release.
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
88128b0 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
1a8aa87 |
* Tue Sep 28 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.11-0
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
1a8aa87 |
- Packaged the mongoose's upstream 2.11 release.
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
1a8aa87 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
* Wed Jul 21 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.8-6
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Adjust the approach to grab correct OpenSSL versioned shared libs in
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
build time, as suggested by Toshio Ernie Kuratomi (592670#c25)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Open an upstream issue asking for shipping a license file within mongoose's
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
.tar file (http://code.google.com/p/mongoose/issues/detail?id=159)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
* Tue Jul 13 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.8-5
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Get dinamically the correct OpenSSL versioned shared libs in build time,
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
as suggested by Douglas Schilling Landgraf (592670#c21)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
* Wed May 19 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.8-4
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Drop off all source files from doc dir, including the examples
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Add patch to define correct OpenSSL versioned shared libs in build time,
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
as suggested by Ralf Corsepius (592670#c19)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
* Tue May 18 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.8-3
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Several improvements to the Spec, by Terje Røsten's review (592670#c3)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Added /examples dir to docs, as suggested by Chen Lei's review (592670#c4)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
* Mon May 17 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.8-2
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- Set of fixes to the Spec file, suggested by Chen Lei's review (592670#c1)
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
* Sat May 15 2010 Rafael Azenha Aquini <aquini at linux dot com> - 2.8-1
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
- initial packaging.
|
|
![](https://seccdn.libravatar.org/avatar/3491a02bbdc053385b2743a975d660b957ffbee23a13c9c638cc24ebead1067d?s=16&d=retro) |
ac5ef60 |
|