diff options
| author |   Soumya Sambu <soumya.sambu@windriver.com> | 2024-04-19 13:22:31 +0000 |
|---|---|---|
| committer |   Khem Raj <raj.khem@gmail.com> | 2024-04-19 14:31:32 -0700 |
| commit | c341cdb58cf7c6de809b2004ad6fd9e50ee16203 (patch) | |
| tree | 01f00978bf2945d51182198c988cedfc4f6096a4 /meta-webserver | |
| parent | 5f2f51409e0a68b920d5e8b3569b5554d4bf3b55 (diff) | |
| download | meta-openembedded-c341cdb58cf7c6de809b2004ad6fd9e50ee16203.tar.gz | |
apache2: Upgrade v2.4.58 -> v2.4.59
This upgrade incorporates the fixes for CVE-2024-27316,
CVE-2024-24795,CVE-2023-38709 and other bugfixes.
Adjusted 0004-apache2-log-the-SELinux-context-at-startup.patch
and 0007-apache2-allow-to-disable-selinux-support.patch to
align with upgraded version.
Changelog:
https://downloads.apache.org/httpd/CHANGES_2.4.59
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-webserver')
| -rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch | 17 | ||||
| -rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch | 10 | ||||
| -rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb) | 2 |
3 files changed, 15 insertions, 14 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch index 3b080f54f6..1abbe0c41f 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch +++ b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch @@ -8,17 +8,16 @@ Log the SELinux context at startup. Upstream-Status: Inappropriate [other] Note: unlikely to be any interest in this upstream - --- configure.in | 5 +++++ server/core.c | 26 ++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/configure.in b/configure.in -index ea6cec3..92b74b7 100644 +index 352711a..f58620f 100644 --- a/configure.in +++ b/configure.in -@@ -491,6 +491,11 @@ getloadavg +@@ -514,6 +514,11 @@ gettid dnl confirm that a void pointer is large enough to store a long integer APACHE_CHECK_VOID_PTR_LEN @@ -27,11 +26,11 @@ index ea6cec3..92b74b7 100644 + APR_ADDTO(AP_LIBS, [-lselinux]) +]) + - AC_CACHE_CHECK([for gettid()], ac_cv_gettid, - [AC_TRY_RUN(#define _GNU_SOURCE - #include <unistd.h> + if test $ac_cv_func_gettid = no; then + # On Linux before glibc 2.30, gettid() is only usable via syscall() + AC_CACHE_CHECK([for gettid() via syscall], ap_cv_gettid, diff --git a/server/core.c b/server/core.c -index 4da7209..d3ca25b 100644 +index 30b317e..81f145f 100644 --- a/server/core.c +++ b/server/core.c @@ -65,6 +65,10 @@ @@ -45,7 +44,7 @@ index 4da7209..d3ca25b 100644 /* LimitRequestBody handling */ #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */ -@@ -5126,6 +5130,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte +@@ -5139,6 +5143,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte } #endif @@ -74,3 +73,5 @@ index 4da7209..d3ca25b 100644 return OK; } +-- +2.40.0 diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch index 3ff6894409..7163dc2b80 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch +++ b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch @@ -11,10 +11,10 @@ Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/configure.in b/configure.in -index 76811e7..4df3ff3 100644 +index f58620f..b5971b7 100644 --- a/configure.in +++ b/configure.in -@@ -491,10 +491,16 @@ getloadavg +@@ -514,10 +514,16 @@ gettid dnl confirm that a void pointer is large enough to store a long integer APACHE_CHECK_VOID_PTR_LEN @@ -33,8 +33,8 @@ index 76811e7..4df3ff3 100644 + ]) +fi - AC_CACHE_CHECK([for gettid()], ac_cv_gettid, - [AC_TRY_RUN(#define _GNU_SOURCE + if test $ac_cv_func_gettid = no; then + # On Linux before glibc 2.30, gettid() is only usable via syscall() -- -2.25.1 +2.40.0 diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb index a6cdfd1659..b96e8b4e17 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb @@ -27,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5" +SRC_URI[sha256sum] = "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323" S = "${WORKDIR}/httpd-${PV}" |