diff options
author | Derek Straka <derek@asterius.io> | 2016-12-21 18:38:58 -0500 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2016-12-26 08:24:54 +0100 |
commit | 9148d8b8243236c61c2d5a45c807fa0bd4387da6 (patch) | |
tree | fe445d9d57e43011f21a9dea81bf42828caa9744 | |
parent | e873c0e6e30029729fa18b5b7cb0af58dfbf47d3 (diff) | |
download | meta-openembedded-9148d8b8243236c61c2d5a45c807fa0bd4387da6.tar.gz |
apache2: update to version 2.4.25
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2-native_2.4.25.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2-native_2.4.23.bb) | 4 | ||||
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2/cve-2016-5387.patch | 25 | ||||
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2_2.4.25.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2_2.4.23.bb) | 5 |
3 files changed, 4 insertions, 30 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.23.bb b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.25.bb index b227f191d..ca8ebaf95 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.23.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.25.bb | |||
@@ -15,8 +15,8 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \ | |||
15 | S = "${WORKDIR}/httpd-${PV}" | 15 | S = "${WORKDIR}/httpd-${PV}" |
16 | 16 | ||
17 | LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" | 17 | LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" |
18 | SRC_URI[md5sum] = "04f19c60e810c028f5240a062668a688" | 18 | SRC_URI[md5sum] = "2826f49619112ad5813c0be5afcc7ddb" |
19 | SRC_URI[sha256sum] = "0c1694b2aad7765896faf92843452ee2555b9591ae10d4f19b245f2adfe85e58" | 19 | SRC_URI[sha256sum] = "f87ec2df1c9fee3e6bfde3c8b855a3ddb7ca1ab20ca877bd0e2b6bf3f05c80b2" |
20 | 20 | ||
21 | EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ | 21 | EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ |
22 | --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \ | 22 | --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \ |
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/cve-2016-5387.patch b/meta-webserver/recipes-httpd/apache2/apache2/cve-2016-5387.patch deleted file mode 100644 index dbcdfc6df..000000000 --- a/meta-webserver/recipes-httpd/apache2/apache2/cve-2016-5387.patch +++ /dev/null | |||
@@ -1,25 +0,0 @@ | |||
1 | This patch has been copied from https://www.apache.org/security/asf-httpoxy-response.txt | ||
2 | as a mitigation of CVE-2016-5387. | ||
3 | |||
4 | Upstream-Status: Backport - fixed in 2.4.24 | ||
5 | |||
6 | Signed-off-by: Joe Slater<jslater@windriver.com> | ||
7 | |||
8 | |||
9 | --- a/server/util_script.c (revision 1752426) | ||
10 | +++ b/server/util_script.c (working copy) | ||
11 | @@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r | ||
12 | else if (!strcasecmp(hdrs[i].key, "Content-length")) { | ||
13 | apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val); | ||
14 | } | ||
15 | + /* HTTP_PROXY collides with a popular envvar used to configure | ||
16 | + * proxies, don't let clients set/override it. But, if you must... | ||
17 | + */ | ||
18 | +#ifndef SECURITY_HOLE_PASS_PROXY | ||
19 | + else if (!strcasecmp(hdrs[i].key, "Proxy")) { | ||
20 | + ; | ||
21 | + } | ||
22 | +#endif | ||
23 | /* | ||
24 | * You really don't want to disable this check, since it leaves you | ||
25 | * wide open to CGIs stealing passwords and people viewing them | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.23.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.25.bb index b78ff5163..3bd8579a8 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.23.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.25.bb | |||
@@ -17,15 +17,14 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \ | |||
17 | file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \ | 17 | file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \ |
18 | file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ | 18 | file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ |
19 | file://configure-allow-to-disable-selinux-support.patch \ | 19 | file://configure-allow-to-disable-selinux-support.patch \ |
20 | file://cve-2016-5387.patch \ | ||
21 | file://init \ | 20 | file://init \ |
22 | file://apache2-volatile.conf \ | 21 | file://apache2-volatile.conf \ |
23 | file://apache2.service \ | 22 | file://apache2.service \ |
24 | " | 23 | " |
25 | 24 | ||
26 | LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" | 25 | LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" |
27 | SRC_URI[md5sum] = "04f19c60e810c028f5240a062668a688" | 26 | SRC_URI[md5sum] = "2826f49619112ad5813c0be5afcc7ddb" |
28 | SRC_URI[sha256sum] = "0c1694b2aad7765896faf92843452ee2555b9591ae10d4f19b245f2adfe85e58" | 27 | SRC_URI[sha256sum] = "f87ec2df1c9fee3e6bfde3c8b855a3ddb7ca1ab20ca877bd0e2b6bf3f05c80b2" |
29 | 28 | ||
30 | S = "${WORKDIR}/httpd-${PV}" | 29 | S = "${WORKDIR}/httpd-${PV}" |
31 | 30 | ||