diff options
author | Roy Li <rongqing.li@windriver.com> | 2015-08-07 14:07:49 +0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2015-08-24 13:54:02 +0200 |
commit | fe0833e87e853024c9162fae17cbaf2fbfc6a53f (patch) | |
tree | 7d635c56d8c0e16c0c2da46943f9f56692107eef /meta-webserver | |
parent | ae8dc15ef65396cb37df124ec9fb0e3e7a5caf39 (diff) | |
download | meta-openembedded-contrib-fe0833e87e853024c9162fae17cbaf2fbfc6a53f.tar.gz |
apache: upgrade to 2.4.16
2.4.16 includes fixes for CVE-2015-3185, CVE-2015-0253 and CVE-2015-3183
remove a backport patch 0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-webserver')
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2-native_2.4.16.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2-native_2.4.12.bb) | 4 | ||||
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2/0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch | 58 | ||||
-rw-r--r-- | meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2_2.4.12.bb) | 5 |
3 files changed, 4 insertions, 63 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.12.bb b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.16.bb index 1704bd927f..59109dd1c4 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.12.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.16.bb @@ -15,8 +15,8 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \ S = "${WORKDIR}/httpd-${PV}" LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" -SRC_URI[md5sum] = "b8dc8367a57a8d548a9b4ce16d264a13" -SRC_URI[sha256sum] = "ad6d39edfe4621d8cc9a2791f6f8d6876943a9da41ac8533d77407a2e630eae4" +SRC_URI[md5sum] = "2b19cd338fd526dd5a63c57b1e9bfee2" +SRC_URI[sha256sum] = "ac660b47aaa7887779a6430404dcb40c0b04f90ea69e7bd49a40552e9ff13743" EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \ diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch b/meta-webserver/recipes-httpd/apache2/apache2/0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch deleted file mode 100644 index 264fde7104..0000000000 --- a/meta-webserver/recipes-httpd/apache2/apache2/0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef Mon Sep 17 00:00:00 2001 -From: Eric Covener <covener@apache.org> -Date: Wed, 4 Feb 2015 14:44:23 +0000 -Subject: [PATCH] *) SECURITY: CVE-2015-0228 (cve.mitre.org) mod_lua: A - maliciously crafted websockets PING after a script calls r:wsupgrade() - can cause a child process crash. [Edward Lu <Chaosed0 gmail.com>] - -Upstream-Status: BackPort - -Discovered by Guido Vranken <guidovranken gmail.com> - -Submitted by: Edward Lu -Committed by: covener - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1657261 13f79535-47bb-0310-9956-ffa450edef68 - -Signed-off-by: Roy Li <rongqing.li@windriver.com> ---- - modules/lua/lua_request.c | 6 +++++- - 2 files changed, 10 insertions(+), 1 deletion(-) - -diff --git a/modules/lua/lua_request.c b/modules/lua/lua_request.c -index dded599..1200c55 100644 ---- a/modules/lua/lua_request.c -+++ b/modules/lua/lua_request.c -@@ -2227,6 +2227,7 @@ static int lua_websocket_read(lua_State *L) - { - apr_socket_t *sock; - apr_status_t rv; -+ int do_read = 1; - int n = 0; - apr_size_t len = 1; - apr_size_t plen = 0; -@@ -2244,6 +2245,8 @@ static int lua_websocket_read(lua_State *L) - mask_bytes = apr_pcalloc(r->pool, 4); - sock = ap_get_conn_socket(r->connection); - -+ while (do_read) { -+ do_read = 0; - /* Get opcode and FIN bit */ - if (plaintext) { - rv = apr_socket_recv(sock, &byte, &len); -@@ -2377,10 +2380,11 @@ static int lua_websocket_read(lua_State *L) - frame[0] = 0x8A; - frame[1] = 0; - apr_socket_send(sock, frame, &plen); /* Pong! */ -- lua_websocket_read(L); /* read the next frame instead */ -+ do_read = 1; - } - } - } -+ } - return 0; - } - --- -1.9.1 - diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.12.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb index 7306e88269..a44babdc6f 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.12.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb @@ -21,12 +21,11 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \ file://init \ file://apache2-volatile.conf \ file://apache2.service \ - file://0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" -SRC_URI[md5sum] = "b8dc8367a57a8d548a9b4ce16d264a13" -SRC_URI[sha256sum] = "ad6d39edfe4621d8cc9a2791f6f8d6876943a9da41ac8533d77407a2e630eae4" +SRC_URI[md5sum] = "2b19cd338fd526dd5a63c57b1e9bfee2" +SRC_URI[sha256sum] = "ac660b47aaa7887779a6430404dcb40c0b04f90ea69e7bd49a40552e9ff13743" S = "${WORKDIR}/httpd-${PV}" |