| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
libxml2 restructured includes, thus another include is now required
otherwise build fails.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
|
|
| |
Bump apache to release 2.4.57 and refresh patch automatically.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes CVEs:
- CVE-2021-44790
- CVE-2021-44224
Refreshed patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes (see [1] for details):
CVE-2021-33193
CVE-2021-41524
CVE-2021-41773
CVE-2021-42013
[1] https://httpd.apache.org/security/vulnerabilities_24.html
Patch 020-openssl-deprecated.patch refreshed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed patch.
Fixes:
CVE-2019-17567
CVE-2020-13938
CVE-2020-13950
CVE-2020-35452
CVE-2021-26690
CVE-2021-26691
CVE-2021-30641
CVE-2021-31618
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This minor version bump fixes:
CVE-2020-1934
CVE-2020-1927
Upstream added cross-compile compatibility to apxs, so we can drop a sed
script. Upstream also added the OpenWrt layout, so we can drop our local
copy.
The OpenSSL patch to remove deprecated symbols doesn't apply anymore and
gets removed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This adds extra packages for certain modules (basically the ones that
incur further dependencies), support files etc. This is pretty much
follows Alpine's example.
This updates the httpd.conf patch to _not_ uncomment MIMEMagicFile
(because the module isn't loaded by default) and removes that changes
that aren't needed anymore (because of the added module support). The
patch now only changes the default user.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This gets rid of flags. For instance $(FPIC) shouldn't be forced onto
applications (see [1]).
And CONFIGURE_ARGS + CONFIGURE_VARS are broken out of Build/Configure.
This way more arguments can be added easily in the future.
The target is changed from apache to apache2 (which is used by upstream
by default). the CONFIGURE_ARGS are changed where need to enable
modules.
This also renames one patch that fixes scoreboard location (the name
004-pidfile_fix.patch didn't describe what it's doing).
Now with the OpenWrt layout in place 003-logdir_fix.patch can be
removed.
[1] https://wiki.gentoo.org/wiki/Project:Hardened/Position_Independent_Code_internals
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
| |
- version bump
- update license description
- add PKG_BUILD_PARALLEL:=1
- remove two cross-compile patches and replace them with the
cross-compile patch from buildroot (adds autoreconf to get this going)
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes at least:
CVE-2017-15710
CVE-2017-15715
CVE-2018-1283
CVE-2018-1312
Added CPE ID for proper CVE tracking.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Remove build timestamp [0] and correct sorting [1].
Thanks to debian for the patch.
[0] https://reproducible-builds.org/docs/timestamps/
[1] https://reproducible-builds.org/docs/stable-inputs/
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
| |
|
|
|
|
| |
- refresh patches
Signed-off-by: heil <heil@terminal-consulting.de>
|
| |
|
|
|
|
|
| |
SSLv3 support is deactivated in LEDE now, which causes a build problem
in apache.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
information, update source-url update to v2.2.27
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
|