apache2: upgrade 2.4.57 -> 2.4.58

This upgrade incorporates the CVE-2023-31122, CVE-2023-43622 & CVE-2023-45802 fixes and other bugfixes. The "0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch" and "CVE-2023-45802.patch" is no longer needed as it's included in this upgrade. Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.58 References: https://httpd.apache.org/security/vulnerabilities_24.html https://security-tracker.debian.org/tracker/CVE-2023-31122 https://security-tracker.debian.org/tracker/CVE-2023-43622 https://security-tracker.debian.org/tracker/CVE-2023-45802 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Hitendra Prajapati <hprajapati@mvista.com> 2024-01-09 10:43:26 +0530
committer: Armin Kuster <akuster808@gmail.com> 2024-03-03 16:38:27 -0500
commit: 10d8982782b32a3940d2b2b57927ae6978e0f472 (patch)
tree: c1b43b8524f5a105370dad784383182778822ae2
parent: daa4619fe3fbf8c28f342c4a7163a84a330f7653 (diff)
download: meta-openembedded-10d8982782b32a3940d2b2b57927ae6978e0f472.tar.gz
3 files changed, 1 insertions, 175 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch b/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch
deleted file mode 100644
index 996eabf58..000000000
--- a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 5c9257fa34335ff83f7c01581cf953111072a457 Mon Sep 17 00:00:00 2001
-From: Valeria Petrov <valeria.petrov@spinetix.com>
-Date: Tue, 18 Apr 2023 15:38:53 +0200
-Subject: [PATCH] * modules/mappers/config9.m4: Add 'server' directory to
- include path if mod_rewrite is enabled.
-Upstream-Status: Accepted [https://svn.apache.org/viewvc?view=revision&revision=1909241]
---
- modules/mappers/config9.m4 | 5 +++++
- 1 file changed, 5 insertions(+)
-diff --git a/modules/mappers/config9.m4 b/modules/mappers/config9.m4
-index 55a97ab993..7120b729b7 100644
--- a/modules/mappers/config9.m4
-+++ b/modules/mappers/config9.m4
-@@ -14,6 +14,11 @@ APACHE_MODULE(userdir, mapping of requests to user-specific directories, , , mos
- APACHE_MODULE(alias, mapping of requests to different filesystem parts, , , yes)
- APACHE_MODULE(rewrite, rule based URL manipulation, , , most)
- 
-+if test "x$enable_rewrite" != "xno"; then
-+    # mod_rewrite needs test_char.h
-+    APR_ADDTO(INCLUDES, [-I\$(top_builddir)/server])
-+fi
-+
- APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current])
- 
- APACHE_MODPATH_FINISH
-- 
-2.25.1
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/CVE-2023-45802.patch b/meta-webserver/recipes-httpd/apache2/apache2/CVE-2023-45802.patch
deleted file mode 100644
index ee26e701f..000000000
--- a/meta-webserver/recipes-httpd/apache2/apache2/CVE-2023-45802.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-From decce82a706abd78dfc32821a03ad93841d7758a Mon Sep 17 00:00:00 2001
-From: Stefan Eissing <icing@apache.org>
-Date: Mon, 16 Oct 2023 09:05:00 +0000
-Subject: [PATCH] Merge of /httpd/httpd/trunk:r1912999
- * mod_http2: improved early cleanup of streams.
-git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1913000 13f79535-47bb-0310-9956-ffa450edef68
---
-Upstream-Status: Backport from [https://github.com/apache/httpd/commit/decce82a706abd78dfc32821a03ad93841d7758a]
-CVE: CVE-2023-45802
-Signed-off-by: Ashish Sharma <asharma@mvista.com>
- changes-entries/h2_cleanup.txt |  2 ++
- modules/http2/h2_mplx.c        | 26 ++++++++++++++++++++++----
- modules/http2/h2_mplx.h        |  3 ++-
- modules/http2/h2_session.c     | 18 +++++++++++++++++-
- modules/http2/h2_stream.c      |  2 +-
- 5 files changed, 44 insertions(+), 7 deletions(-)
- create mode 100644 changes-entries/h2_cleanup.txt
-diff --git a/changes-entries/h2_cleanup.txt b/changes-entries/h2_cleanup.txt
-new file mode 100644
-index 00000000000..5366b4adfc6
--- /dev/null
-+++ b/changes-entries/h2_cleanup.txt
-@@ -0,0 +1,2 @@
-+ * mod_http2: improved early cleanup of streams.
-+   [Stefan Eissing]
-diff --git a/modules/http2/h2_mplx.c b/modules/http2/h2_mplx.c
-index 4637a5f66ef..2aeea42b5df 100644
--- a/modules/http2/h2_mplx.c
-+++ b/modules/http2/h2_mplx.c
-@@ -1119,14 +1119,32 @@ static int reset_is_acceptable(h2_stream *stream)
-     return 1; /* otherwise, be forgiving */
- }
- 
-apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id)
-+apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id, h2_stream *stream)
- {
-    h2_stream *stream;
-     apr_status_t status = APR_SUCCESS;
-+    int registered;
- 
-     H2_MPLX_ENTER_ALWAYS(m);
-    stream = h2_ihash_get(m->streams, stream_id);
-    if (stream && !reset_is_acceptable(stream)) {
-+    registered = (h2_ihash_get(m->streams, stream_id) != NULL);
-+    if (!stream) {
-+      /* a RST might arrive so late, we have already forgotten
-+       * about it. Seems ok. */
-+      ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c1,
-+                    H2_MPLX_MSG(m, "RST on unknown stream %d"), stream_id);
-+      AP_DEBUG_ASSERT(!registered);
-+    }
-+    else if (!registered) {
-+      /* a RST on a stream that mplx has not been told about, but
-+       * which the session knows. Very early and annoying. */
-+      ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c1,
-+                    H2_STRM_MSG(stream, "very early RST, drop"));
-+      h2_stream_set_monitor(stream, NULL);
-+      h2_stream_rst(stream, H2_ERR_STREAM_CLOSED);
-+      h2_stream_dispatch(stream, H2_SEV_EOS_SENT);
-+      m_stream_cleanup(m, stream);
-+      m_be_annoyed(m);
-+    }
-+    else if (!reset_is_acceptable(stream)) {
-         m_be_annoyed(m);
-     }
-     H2_MPLX_LEAVE(m);
-diff --git a/modules/http2/h2_mplx.h b/modules/http2/h2_mplx.h
-index a2e73d9d7c3..860f9160397 100644
--- a/modules/http2/h2_mplx.h
-+++ b/modules/http2/h2_mplx.h
-@@ -201,7 +201,8 @@ int h2_mplx_c1_all_streams_want_send_data(h2_mplx *m);
-  * any processing going on and remove from processing
-  * queue.
-  */
-apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id);
-+apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id,
-+                                   struct h2_stream *stream);
- 
- /**
-  * Get readonly access to a stream for a secondary connection.
-diff --git a/modules/http2/h2_session.c b/modules/http2/h2_session.c
-index 066c73ad98b..b6f6e7c01fb 100644
--- a/modules/http2/h2_session.c
-+++ b/modules/http2/h2_session.c
-@@ -402,6 +402,10 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
-                           H2_SSSN_STRM_MSG(session, frame->hd.stream_id,
-                           "RST_STREAM by client, error=%d"),
-                           (int)frame->rst_stream.error_code);
-+            if (stream) {
-+                rv = h2_stream_recv_frame(stream, NGHTTP2_RST_STREAM, frame->hd.flags,
-+                    frame->hd.length + H2_FRAME_HDR_LEN);
-+            }
-             if (stream && stream->initiated_on) {
-                 /* A stream reset on a request we sent it. Normal, when the
-                  * client does not want it. */
-@@ -410,7 +414,8 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
-             else {
-                 /* A stream reset on a request it sent us. Could happen in a browser
-                  * when the user navigates away or cancels loading - maybe. */
-                h2_mplx_c1_client_rst(session->mplx, frame->hd.stream_id);
-+                h2_mplx_c1_client_rst(session->mplx, frame->hd.stream_id,
-+                                      stream);
-             }
-             ++session->streams_reset;
-             break;
-@@ -812,6 +817,17 @@ static apr_status_t session_cleanup(h2_session *session, const char *trigger)
-                       "goodbye, clients will be confused, should not happen"));
-     }
- 
-+    if (!h2_iq_empty(session->ready_to_process)) {
-+        int sid;
-+        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
-+                      H2_SSSN_LOG(APLOGNO(), session,
-+                      "cleanup, resetting %d streams in ready-to-process"),
-+                      h2_iq_count(session->ready_to_process));
-+        while ((sid = h2_iq_shift(session->ready_to_process)) > 0) {
-+          h2_mplx_c1_client_rst(session->mplx, sid, get_stream(session, sid));
-+        }
-+    }
-+
-     transit(session, trigger, H2_SESSION_ST_CLEANUP);
-     h2_mplx_c1_destroy(session->mplx);
-     session->mplx = NULL;
-diff --git a/modules/http2/h2_stream.c b/modules/http2/h2_stream.c
-index c419e2d8591..f6c92024519 100644
--- a/modules/http2/h2_stream.c
-+++ b/modules/http2/h2_stream.c
-@@ -125,7 +125,7 @@ static int trans_on_event[][H2_SS_MAX] = {
- { S_XXX, S_ERR,  S_ERR,  S_CL_L, S_CLS,  S_XXX,  S_XXX,  S_XXX, },/* EV_CLOSED_L*/
- { S_ERR, S_ERR,  S_ERR,  S_CL_R, S_ERR,  S_CLS,  S_NOP,  S_NOP, },/* EV_CLOSED_R*/
- { S_CLS, S_CLS,  S_CLS,  S_CLS,  S_CLS,  S_CLS,  S_NOP,  S_NOP, },/* EV_CANCELLED*/
-{ S_NOP, S_XXX,  S_XXX,  S_XXX,  S_XXX,  S_CLS,  S_CLN,  S_XXX, },/* EV_EOS_SENT*/
-+{ S_NOP, S_XXX,  S_XXX,  S_XXX,  S_XXX,  S_CLS,  S_CLN,  S_NOP, },/* EV_EOS_SENT*/
- { S_NOP, S_XXX,  S_CLS,  S_XXX,  S_XXX,  S_CLS,  S_XXX,  S_XXX, },/* EV_IN_ERROR*/
- };
- 
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb
index 2484f90eb..746db4ac0 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb
@@ -15,8 +15,6 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
           file://0007-apache2-allow-to-disable-selinux-support.patch \
           file://0008-Fix-perl-install-directory-to-usr-bin.patch \
           file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \
-           file://0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch \
-           file://CVE-2023-45802.patch \
          "
 SRC_URI:append:class-target = " \
@@ -28,7 +26,7 @@ SRC_URI:append:class-target = " \
           "
 LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[sha256sum] = "dbccb84aee95e095edfbb81e5eb926ccd24e6ada55dcd83caecb262e5cf94d2a"
+SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5"
 S = "${WORKDIR}/httpd-${PV}"
author	Hitendra Prajapati <hprajapati@mvista.com>	2024-01-09 10:43:26 +0530
committer	Armin Kuster <akuster808@gmail.com>	2024-03-03 16:38:27 -0500
commit	10d8982782b32a3940d2b2b57927ae6978e0f472 (patch)
tree	c1b43b8524f5a105370dad784383182778822ae2
parent	daa4619fe3fbf8c28f342c4a7163a84a330f7653 (diff)
download	meta-openembedded-10d8982782b32a3940d2b2b57927ae6978e0f472.tar.gz

diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch b/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch deleted file mode 100644 index 996eabf58..000000000 --- a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch +++ /dev/null
@@ -1,31 +0,0 @@
1	From 5c9257fa34335ff83f7c01581cf953111072a457 Mon Sep 17 00:00:00 2001
2	From: Valeria Petrov <valeria.petrov@spinetix.com>
3	Date: Tue, 18 Apr 2023 15:38:53 +0200
4	Subject: [PATCH] * modules/mappers/config9.m4: Add 'server' directory to
5	include path if mod_rewrite is enabled.
6
7	Upstream-Status: Accepted [https://svn.apache.org/viewvc?view=revision&revision=1909241]
8
9	---
10	modules/mappers/config9.m4 \| 5 +++++
11	1 file changed, 5 insertions(+)
12
13	diff --git a/modules/mappers/config9.m4 b/modules/mappers/config9.m4
14	index 55a97ab993..7120b729b7 100644
15	--- a/modules/mappers/config9.m4
16	+++ b/modules/mappers/config9.m4
17	@@ -14,6 +14,11 @@ APACHE_MODULE(userdir, mapping of requests to user-specific directories, , , mos
18	APACHE_MODULE(alias, mapping of requests to different filesystem parts, , , yes)
19	APACHE_MODULE(rewrite, rule based URL manipulation, , , most)
20
21	+if test "x$enable_rewrite" != "xno"; then
22	+ # mod_rewrite needs test_char.h
23	+ APR_ADDTO(INCLUDES, [-I\$(top_builddir)/server])
24	+fi
25	+
26	APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current])
27
28	APACHE_MODPATH_FINISH
29	--
30	2.25.1
31


diff --git a/meta-webserver/recipes-httpd/apache2/apache2/CVE-2023-45802.patch b/meta-webserver/recipes-httpd/apache2/apache2/CVE-2023-45802.patch deleted file mode 100644 index ee26e701f..000000000 --- a/meta-webserver/recipes-httpd/apache2/apache2/CVE-2023-45802.patch +++ /dev/null
@@ -1,141 +0,0 @@
1	From decce82a706abd78dfc32821a03ad93841d7758a Mon Sep 17 00:00:00 2001
2	From: Stefan Eissing <icing@apache.org>
3	Date: Mon, 16 Oct 2023 09:05:00 +0000
4	Subject: [PATCH] Merge of /httpd/httpd/trunk:r1912999
5
6	* mod_http2: improved early cleanup of streams.
7
8
9
10	git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1913000 13f79535-47bb-0310-9956-ffa450edef68
11	---
12	Upstream-Status: Backport from [https://github.com/apache/httpd/commit/decce82a706abd78dfc32821a03ad93841d7758a]
13	CVE: CVE-2023-45802
14	Signed-off-by: Ashish Sharma <asharma@mvista.com>
15	changes-entries/h2_cleanup.txt \| 2 ++
16	modules/http2/h2_mplx.c \| 26 ++++++++++++++++++++++----
17	modules/http2/h2_mplx.h \| 3 ++-
18	modules/http2/h2_session.c \| 18 +++++++++++++++++-
19	modules/http2/h2_stream.c \| 2 +-
20	5 files changed, 44 insertions(+), 7 deletions(-)
21	create mode 100644 changes-entries/h2_cleanup.txt
22
23	diff --git a/changes-entries/h2_cleanup.txt b/changes-entries/h2_cleanup.txt
24	new file mode 100644
25	index 00000000000..5366b4adfc6
26	--- /dev/null
27	+++ b/changes-entries/h2_cleanup.txt
28	@@ -0,0 +1,2 @@
29	+ * mod_http2: improved early cleanup of streams.
30	+ [Stefan Eissing]
31	diff --git a/modules/http2/h2_mplx.c b/modules/http2/h2_mplx.c
32	index 4637a5f66ef..2aeea42b5df 100644
33	--- a/modules/http2/h2_mplx.c
34	+++ b/modules/http2/h2_mplx.c
35	@@ -1119,14 +1119,32 @@ static int reset_is_acceptable(h2_stream *stream)
36	return 1; /* otherwise, be forgiving */
37	}
38
39	-apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id)
40	+apr_status_t h2_mplx_c1_client_rst(h2_mplx m, int stream_id, h2_stream stream)
41	{
42	- h2_stream *stream;
43	apr_status_t status = APR_SUCCESS;
44	+ int registered;
45
46	H2_MPLX_ENTER_ALWAYS(m);
47	- stream = h2_ihash_get(m->streams, stream_id);
48	- if (stream && !reset_is_acceptable(stream)) {
49	+ registered = (h2_ihash_get(m->streams, stream_id) != NULL);
50	+ if (!stream) {
51	+ /* a RST might arrive so late, we have already forgotten
52	+ * about it. Seems ok. */
53	+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c1,
54	+ H2_MPLX_MSG(m, "RST on unknown stream %d"), stream_id);
55	+ AP_DEBUG_ASSERT(!registered);
56	+ }
57	+ else if (!registered) {
58	+ /* a RST on a stream that mplx has not been told about, but
59	+ * which the session knows. Very early and annoying. */
60	+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, m->c1,
61	+ H2_STRM_MSG(stream, "very early RST, drop"));
62	+ h2_stream_set_monitor(stream, NULL);
63	+ h2_stream_rst(stream, H2_ERR_STREAM_CLOSED);
64	+ h2_stream_dispatch(stream, H2_SEV_EOS_SENT);
65	+ m_stream_cleanup(m, stream);
66	+ m_be_annoyed(m);
67	+ }
68	+ else if (!reset_is_acceptable(stream)) {
69	m_be_annoyed(m);
70	}
71	H2_MPLX_LEAVE(m);
72	diff --git a/modules/http2/h2_mplx.h b/modules/http2/h2_mplx.h
73	index a2e73d9d7c3..860f9160397 100644
74	--- a/modules/http2/h2_mplx.h
75	+++ b/modules/http2/h2_mplx.h
76	@@ -201,7 +201,8 @@ int h2_mplx_c1_all_streams_want_send_data(h2_mplx *m);
77	* any processing going on and remove from processing
78	* queue.
79	*/
80	-apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id);
81	+apr_status_t h2_mplx_c1_client_rst(h2_mplx *m, int stream_id,
82	+ struct h2_stream *stream);
83
84	/**
85	* Get readonly access to a stream for a secondary connection.
86	diff --git a/modules/http2/h2_session.c b/modules/http2/h2_session.c
87	index 066c73ad98b..b6f6e7c01fb 100644
88	--- a/modules/http2/h2_session.c
89	+++ b/modules/http2/h2_session.c
90	@@ -402,6 +402,10 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
91	H2_SSSN_STRM_MSG(session, frame->hd.stream_id,
92	"RST_STREAM by client, error=%d"),
93	(int)frame->rst_stream.error_code);
94	+ if (stream) {
95	+ rv = h2_stream_recv_frame(stream, NGHTTP2_RST_STREAM, frame->hd.flags,
96	+ frame->hd.length + H2_FRAME_HDR_LEN);
97	+ }
98	if (stream && stream->initiated_on) {
99	/* A stream reset on a request we sent it. Normal, when the
100	* client does not want it. */
101	@@ -410,7 +414,8 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
102	else {
103	/* A stream reset on a request it sent us. Could happen in a browser
104	* when the user navigates away or cancels loading - maybe. */
105	- h2_mplx_c1_client_rst(session->mplx, frame->hd.stream_id);
106	+ h2_mplx_c1_client_rst(session->mplx, frame->hd.stream_id,
107	+ stream);
108	}
109	++session->streams_reset;
110	break;
111	@@ -812,6 +817,17 @@ static apr_status_t session_cleanup(h2_session session, const char trigger)
112	"goodbye, clients will be confused, should not happen"));
113	}
114
115	+ if (!h2_iq_empty(session->ready_to_process)) {
116	+ int sid;
117	+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
118	+ H2_SSSN_LOG(APLOGNO(), session,
119	+ "cleanup, resetting %d streams in ready-to-process"),
120	+ h2_iq_count(session->ready_to_process));
121	+ while ((sid = h2_iq_shift(session->ready_to_process)) > 0) {
122	+ h2_mplx_c1_client_rst(session->mplx, sid, get_stream(session, sid));
123	+ }
124	+ }
125	+
126	transit(session, trigger, H2_SESSION_ST_CLEANUP);
127	h2_mplx_c1_destroy(session->mplx);
128	session->mplx = NULL;
129	diff --git a/modules/http2/h2_stream.c b/modules/http2/h2_stream.c
130	index c419e2d8591..f6c92024519 100644
131	--- a/modules/http2/h2_stream.c
132	+++ b/modules/http2/h2_stream.c
133	@@ -125,7 +125,7 @@ static int trans_on_event[][H2_SS_MAX] = {
134	{ S_XXX, S_ERR, S_ERR, S_CL_L, S_CLS, S_XXX, S_XXX, S_XXX, },/* EV_CLOSED_L*/
135	{ S_ERR, S_ERR, S_ERR, S_CL_R, S_ERR, S_CLS, S_NOP, S_NOP, },/* EV_CLOSED_R*/
136	{ S_CLS, S_CLS, S_CLS, S_CLS, S_CLS, S_CLS, S_NOP, S_NOP, },/* EV_CANCELLED*/
137	-{ S_NOP, S_XXX, S_XXX, S_XXX, S_XXX, S_CLS, S_CLN, S_XXX, },/* EV_EOS_SENT*/
138	+{ S_NOP, S_XXX, S_XXX, S_XXX, S_XXX, S_CLS, S_CLN, S_NOP, },/* EV_EOS_SENT*/
139	{ S_NOP, S_XXX, S_CLS, S_XXX, S_XXX, S_CLS, S_XXX, S_XXX, },/* EV_IN_ERROR*/
140	};
141


diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb index 2484f90eb..746db4ac0 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb
@@ -15,8 +15,6 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
15	file://0007-apache2-allow-to-disable-selinux-support.patch \	15	file://0007-apache2-allow-to-disable-selinux-support.patch \
16	file://0008-Fix-perl-install-directory-to-usr-bin.patch \	16	file://0008-Fix-perl-install-directory-to-usr-bin.patch \
17	file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \	17	file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \
18	file://0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch \
19	file://CVE-2023-45802.patch \
20	"	18	"
21		19
22	SRC_URI:append:class-target = " \	20	SRC_URI:append:class-target = " \
@@ -28,7 +26,7 @@ SRC_URI:append:class-target = " \
28	"	26	"
29		27
30	LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"	28	LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
31	SRC_URI[sha256sum] = "dbccb84aee95e095edfbb81e5eb926ccd24e6ada55dcd83caecb262e5cf94d2a"	29	SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5"
32		30
33	S = "${WORKDIR}/httpd-${PV}"	31	S = "${WORKDIR}/httpd-${PV}"
34		32