apache2: security update to version 2.4.52
Fixes CVEs: - CVE-2021-44790 - CVE-2021-44224 Refreshed patches Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This commit is contained in:
Josef Schlehofer
Rosen Penev
parent
52ef207494
commit
6c6c99ffb5
2 changed files with 6 additions and 6 deletions
|
|
@ -8,13 +8,13 @@
|
||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=apache
|
PKG_NAME:=apache
|
||||||
PKG_VERSION:=2.4.51
|
PKG_VERSION:=2.4.52
|
||||||
PKG_RELEASE:=1
|
PKG_RELEASE:=1
|
||||||
PKG_SOURCE_NAME:=httpd
|
PKG_SOURCE_NAME:=httpd
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2
|
PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2
|
||||||
PKG_SOURCE_URL:=@APACHE/httpd/
|
PKG_SOURCE_URL:=@APACHE/httpd/
|
||||||
PKG_HASH:=20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4
|
PKG_HASH:=0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9
|
||||||
|
|
||||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
|
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
--- a/modules/md/md_crypt.c
|
--- a/modules/md/md_crypt.c
|
||||||
+++ b/modules/md/md_crypt.c
|
+++ b/modules/md/md_crypt.c
|
||||||
@@ -1095,23 +1095,23 @@ const char *md_cert_get_serial_number(co
|
@@ -1139,23 +1139,23 @@ const char *md_cert_get_serial_number(co
|
||||||
|
|
||||||
int md_cert_is_valid_now(const md_cert_t *cert)
|
int md_cert_is_valid_now(const md_cert_t *cert)
|
||||||
{
|
{
|
||||||
|
|
@ -42,7 +42,7 @@
|
||||||
"a newer library (%s, version currently loaded is %s)"
|
"a newer library (%s, version currently loaded is %s)"
|
||||||
--- a/modules/ssl/ssl_engine_io.c
|
--- a/modules/ssl/ssl_engine_io.c
|
||||||
+++ b/modules/ssl/ssl_engine_io.c
|
+++ b/modules/ssl/ssl_engine_io.c
|
||||||
@@ -1280,9 +1280,9 @@ static apr_status_t ssl_io_filter_handsh
|
@@ -1316,9 +1316,9 @@ static apr_status_t ssl_io_filter_handsh
|
||||||
if (dc->proxy->ssl_check_peer_expire != FALSE) {
|
if (dc->proxy->ssl_check_peer_expire != FALSE) {
|
||||||
if (!cert
|
if (!cert
|
||||||
|| (X509_cmp_current_time(
|
|| (X509_cmp_current_time(
|
||||||
|
|
@ -56,7 +56,7 @@
|
||||||
"SSL Proxy: Peer certificate is expired");
|
"SSL Proxy: Peer certificate is expired");
|
||||||
--- a/modules/ssl/ssl_engine_log.c
|
--- a/modules/ssl/ssl_engine_log.c
|
||||||
+++ b/modules/ssl/ssl_engine_log.c
|
+++ b/modules/ssl/ssl_engine_log.c
|
||||||
@@ -161,10 +161,10 @@ static void ssl_log_cert_error(const cha
|
@@ -171,10 +171,10 @@ static void ssl_log_cert_error(const cha
|
||||||
BIO_puts(bio, "(ERROR)");
|
BIO_puts(bio, "(ERROR)");
|
||||||
|
|
||||||
BIO_puts(bio, " / notbefore: ");
|
BIO_puts(bio, " / notbefore: ");
|
||||||
|
|
@ -90,7 +90,7 @@
|
||||||
else if (*var && strcEQ(var+1, "_DN")) {
|
else if (*var && strcEQ(var+1, "_DN")) {
|
||||||
--- a/modules/ssl/ssl_private.h
|
--- a/modules/ssl/ssl_private.h
|
||||||
+++ b/modules/ssl/ssl_private.h
|
+++ b/modules/ssl/ssl_private.h
|
||||||
@@ -99,6 +99,9 @@
|
@@ -102,6 +102,9 @@
|
||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
#include <openssl/x509_vfy.h>
|
#include <openssl/x509_vfy.h>
|
||||||
#include <openssl/ocsp.h>
|
#include <openssl/ocsp.h>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue