diff options
author | Mingli Yu <mingli.yu@windriver.com> | 2018-10-29 00:25:49 -0700 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2018-11-02 10:05:06 -0700 |
commit | e9e214875fa9109ce49a31c5d964e31fccf02282 (patch) | |
tree | 390ee87ec7fafe6d09da71db5cbe51b4be65909a /meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb | |
parent | 5f94a97b0cffe81278e6835e5cdaa0e43816f46d (diff) | |
download | meta-openembedded-contrib-e9e214875fa9109ce49a31c5d964e31fccf02282.tar.gz |
apache2: Fix CVE-2018-11763
mod_http2: connection IO event handling reworked.
Instead of reacting on incoming bytes, the state
machine now acts on incoming frames that are affecting
it. This reduces state transitions.
Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb')
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb index a92ec5458c..a87e3847f3 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb @@ -16,6 +16,7 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \ file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ file://configure-allow-to-disable-selinux-support.patch \ + file://CVE-2018-11763.patch \ file://init \ file://apache2-volatile.conf \ file://apache2.service \ |