diff options
| author | Josef Schlehofer <pepe.schlehofer@gmail.com> | 2022-01-28 17:05:28 +0100 |
|---|---|---|
| committer | Rosen Penev <rosenp@gmail.com> | 2022-02-02 07:24:59 -0800 |
| commit | 6c6c99ffb54f06031443c17023bd9891c449410b (patch) | |
| tree | 63bcef49a25517c6338b5097e714e5c1104f1509 /net | |
| parent | 52ef2074942a2786e97618ac07c94567f2d07194 (diff) | |
apache2: security update to version 2.4.52
Fixes CVEs:
- CVE-2021-44790
- CVE-2021-44224
Refreshed patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/apache/Makefile | 4 | ||||
| -rw-r--r-- | net/apache/patches/020-openssl-deprecated.patch | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/net/apache/Makefile b/net/apache/Makefile index d3c6d89a4..9a6c88158 100644 --- a/net/apache/Makefile +++ b/net/apache/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=apache -PKG_VERSION:=2.4.51 +PKG_VERSION:=2.4.52 PKG_RELEASE:=1 PKG_SOURCE_NAME:=httpd PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=@APACHE/httpd/ -PKG_HASH:=20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4 +PKG_HASH:=0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION) diff --git a/net/apache/patches/020-openssl-deprecated.patch b/net/apache/patches/020-openssl-deprecated.patch index b9dcf5778..c4f600fa8 100644 --- a/net/apache/patches/020-openssl-deprecated.patch +++ b/net/apache/patches/020-openssl-deprecated.patch @@ -1,6 +1,6 @@ --- a/modules/md/md_crypt.c +++ b/modules/md/md_crypt.c -@@ -1095,23 +1095,23 @@ const char *md_cert_get_serial_number(co +@@ -1139,23 +1139,23 @@ const char *md_cert_get_serial_number(co int md_cert_is_valid_now(const md_cert_t *cert) { @@ -42,7 +42,7 @@ "a newer library (%s, version currently loaded is %s)" --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c -@@ -1280,9 +1280,9 @@ static apr_status_t ssl_io_filter_handsh +@@ -1316,9 +1316,9 @@ static apr_status_t ssl_io_filter_handsh if (dc->proxy->ssl_check_peer_expire != FALSE) { if (!cert || (X509_cmp_current_time( @@ -56,7 +56,7 @@ "SSL Proxy: Peer certificate is expired"); --- a/modules/ssl/ssl_engine_log.c +++ b/modules/ssl/ssl_engine_log.c -@@ -161,10 +161,10 @@ static void ssl_log_cert_error(const cha +@@ -171,10 +171,10 @@ static void ssl_log_cert_error(const cha BIO_puts(bio, "(ERROR)"); BIO_puts(bio, " / notbefore: "); @@ -90,7 +90,7 @@ else if (*var && strcEQ(var+1, "_DN")) { --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h -@@ -99,6 +99,9 @@ +@@ -102,6 +102,9 @@ #include <openssl/x509v3.h> #include <openssl/x509_vfy.h> #include <openssl/ocsp.h> |