update to 2.4.55, fixes CVE-2022-37436, CVE-2022-36760 and
CVE-2006-20001. ok sthen@
This commit is contained in:
parent
ce69f688de
commit
0ecb7a2cff
|
@ -1,9 +1,8 @@
|
|||
COMMENT= apache HTTP server
|
||||
|
||||
V= 2.4.54
|
||||
V= 2.4.55
|
||||
DISTNAME= httpd-${V}
|
||||
PKGNAME= apache-httpd-${V}
|
||||
REVISION= 0
|
||||
|
||||
CATEGORIES= www net
|
||||
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
SHA256 (httpd-2.4.54.tar.gz) = xoe5nERsDvNF59hsIajhX8B0t9UVLE/iKwRj4r40b/s=
|
||||
SIZE (httpd-2.4.54.tar.gz) = 9743277
|
||||
SHA256 (httpd-2.4.55.tar.gz) = Unbqi8b/8x7tXIITKuUaCy7gX55rYaAPqHf2ytqztjg=
|
||||
SIZE (httpd-2.4.55.tar.gz) = 9758888
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Index: configure
|
||||
--- configure.orig
|
||||
+++ configure
|
||||
@@ -3472,7 +3472,7 @@ do
|
||||
@@ -3832,7 +3832,7 @@ do
|
||||
ap_last="${ap_cur}"
|
||||
ap_cur=`eval "echo ${ap_cur}"`
|
||||
done
|
||||
|
@ -10,12 +10,12 @@ Index: configure
|
|||
|
||||
|
||||
APACHE_VAR_SUBST="$APACHE_VAR_SUBST exp_sysconfdir"
|
||||
@@ -4678,7 +4678,7 @@ APR_INCLUDEDIR=`$apr_config --includedir`
|
||||
@@ -5059,7 +5059,7 @@ APR_INCLUDEDIR=`$apr_config --includedir`
|
||||
APR_INCLUDES=`$apr_config --includes`
|
||||
APR_VERSION=`$apr_config --version`
|
||||
apr_major_version=`echo ${APR_VERSION} | sed 's,\..*,,'`
|
||||
-APR_CONFIG="$APR_BINDIR/apr-${apr_major_version}-config"
|
||||
+APR_CONFIG="$apr_config"
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: " >&5
|
||||
$as_echo "$as_me: " >&6;}
|
||||
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: " >&5
|
||||
printf "%s\n" "$as_me: " >&6;}
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors
|
||||
reported in access logs and error documents. The processing of the
|
||||
reset was correct, only unneccesary reporting was caused.
|
||||
Index: modules/http2/h2_c2_filter.c
|
||||
--- modules/http2/h2_c2_filter.c.orig
|
||||
+++ modules/http2/h2_c2_filter.c
|
||||
@@ -615,7 +615,7 @@ apr_status_t h2_c2_filter_catch_h1_out(ap_filter_t* f,
|
||||
ap_assert(conn_ctx);
|
||||
H2_FILTER_LOG("c2_catch_h1_out", f->c, APLOG_TRACE2, 0, "check", bb);
|
||||
|
||||
- if (!conn_ctx->has_final_response) {
|
||||
+ if (!f->c->aborted && !conn_ctx->has_final_response) {
|
||||
if (!parser) {
|
||||
parser = apr_pcalloc(f->c->pool, sizeof(*parser));
|
||||
parser->id = apr_psprintf(f->c->pool, "%s-%d", conn_ctx->id, conn_ctx->stream_id);
|
|
@ -47,6 +47,7 @@ include/apache2/mod_cgi.h
|
|||
include/apache2/mod_core.h
|
||||
include/apache2/mod_dav.h
|
||||
include/apache2/mod_dbd.h
|
||||
include/apache2/mod_http2.h
|
||||
include/apache2/mod_include.h
|
||||
include/apache2/mod_log_config.h
|
||||
include/apache2/mod_proxy.h
|
||||
|
|
Loading…
Reference in New Issue