| Message ID | 20240421125525.3491120-1-matthias.fischer@ipfire.org |
|---|---|
| State | Staged |
| Commit | 9fbb9c39fb13dbfbe90c3038fcb5abbe771ad91f |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4VMpJv0MLDz3wkf for <patchwork@web04.haj.ipfire.org>; Sun, 21 Apr 2024 12:55:43 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4VMpJq6Pjrz1YM; Sun, 21 Apr 2024 12:55:39 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4VMpJq58Vjz32t7; Sun, 21 Apr 2024 12:55:39 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4VMpJl1nl8z2xlt for <development@lists.ipfire.org>; Sun, 21 Apr 2024 12:55:35 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4VMpJk1QH7zPQ for <development@lists.ipfire.org>; Sun, 21 Apr 2024 12:55:34 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1713704134; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ClaLPRzdVs58nnJlHGYL9BOg79q5wa3iv/sePxijnXo=; b=SepsAtB5Cd3djczVcUYbuOp5L2J9F5iA2wyH6YVVkvxNrfZhUFJCPi9wlTS7Ruy0BrWrk+ fiZP6ebgFpfN+DBg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1713704134; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ClaLPRzdVs58nnJlHGYL9BOg79q5wa3iv/sePxijnXo=; b=XLhzjOJdJvwzJ04imYmDChziSDSXJt0ZaUz7f4Q1KcenzO/EDfREydKLGssaghsQ9/gx1Z eHpzWQsW0v7aYpF9EB6JKpC/1adJBg9TVksUEyPQObFH3cSGqRRawVwN+hum7pbQUNNDVO sqbyBZh5ZbjOW0xEI1vxk8A9Up6zLwkj4nfjV6CAM+CAdKu9yiQdfkbNGWag9jeyIEFDmO RwZJ8H4AJuWG2Kn181McPAUiU8KSbS/BZjbYKwJpXk1jpgkYkMDLDV+HqOBqaOQi+Und67 ejwCTGGjMGeiWRW6Hvu33mymkHilWwOVRGRMjvIZdH/dzcWSdeuOy5wc/TAsyA== From: Matthias Fischer <matthias.fischer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] apache: Update to 2.4.59 Date: Sun, 21 Apr 2024 14:55:25 +0200 Message-Id: <20240421125525.3491120-1-matthias.fischer@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: JLNOCZRJP2MZX4A7534QYR2NNYQJEHYI X-Message-ID-Hash: JLNOCZRJP2MZX4A7534QYR2NNYQJEHYI X-MailFrom: matthias.fischer@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> Archived-At: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/JLNOCZRJP2MZX4A7534QYR2NNYQJEHYI/> List-Archive: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Owner: <mailto:development-owner@lists.ipfire.org> List-Post: <mailto:development@lists.ipfire.org> List-Subscribe: <mailto:development-join@lists.ipfire.org> List-Unsubscribe: <mailto:development-leave@lists.ipfire.org> |
| Series |
apache: Update to 2.4.59
|
|
Commit Message
Matthias Fischer
April 21, 2024, 12:55 p.m. UTC
For details see:
https://dlcdn.apache.org/httpd/CHANGES_2.4.59
Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709
Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch)
has been removed - is now included.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
lfs/apache2 | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
Comments
Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/. Reviewed-by: Peter Müller <peter.mueller@ipfire.org> > For details see: > https://dlcdn.apache.org/httpd/CHANGES_2.4.59 > > Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709 > > Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch) > has been removed - is now included. > > Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> > --- > lfs/apache2 | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) > > diff --git a/lfs/apache2 b/lfs/apache2 > index c1973e6d5..0851471fe 100644 > --- a/lfs/apache2 > +++ b/lfs/apache2 > @@ -1,7 +1,7 @@ > ############################################################################### > # # > # IPFire.org - A linux based firewall # > -# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> # > +# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> # > # # > # This program is free software: you can redistribute it and/or modify # > # it under the terms of the GNU General Public License as published by # > @@ -25,7 +25,7 @@ > > include Config > > -VER = 2.4.58 > +VER = 2.4.59 > > THISAPP = httpd-$(VER) > DL_FILE = $(THISAPP).tar.bz2 > @@ -45,7 +45,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2 > +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c > > install : $(TARGET) > > @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > @$(PREBUILD) > @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) > - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch > ### Add IPFire's layout, too > echo "# IPFire layout" >> $(DIR_APP)/config.layout > echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
Hello, > On 21 Apr 2024, at 22:08, Peter Müller <peter.mueller@ipfire.org> wrote: > > Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/. Arne is managing this update. I am not sure that too many chefs in the kitchen will help too much. -Michael > Reviewed-by: Peter Müller <peter.mueller@ipfire.org> > >> For details see: >> https://dlcdn.apache.org/httpd/CHANGES_2.4.59 >> >> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709 >> >> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch) >> has been removed - is now included. >> >> Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> >> --- >> lfs/apache2 | 7 +++---- >> 1 file changed, 3 insertions(+), 4 deletions(-) >> >> diff --git a/lfs/apache2 b/lfs/apache2 >> index c1973e6d5..0851471fe 100644 >> --- a/lfs/apache2 >> +++ b/lfs/apache2 >> @@ -1,7 +1,7 @@ >> ############################################################################### >> # # >> # IPFire.org - A linux based firewall # >> -# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> # >> +# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> # >> # # >> # This program is free software: you can redistribute it and/or modify # >> # it under the terms of the GNU General Public License as published by # >> @@ -25,7 +25,7 @@ >> >> include Config >> >> -VER = 2.4.58 >> +VER = 2.4.59 >> >> THISAPP = httpd-$(VER) >> DL_FILE = $(THISAPP).tar.bz2 >> @@ -45,7 +45,7 @@ objects = $(DL_FILE) >> >> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >> >> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2 >> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c >> >> install : $(TARGET) >> >> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : >> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> @$(PREBUILD) >> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch >> ### Add IPFire's layout, too >> echo "# IPFire layout" >> $(DIR_APP)/config.layout >> echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
Hello Michael, > Hello, > >> On 21 Apr 2024, at 22:08, Peter Müller <peter.mueller@ipfire.org> wrote: >> >> Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/. > > Arne is managing this update. I am not sure that too many chefs in the kitchen will help too much. apologies. I shall keep my paws away from the "next" branch then. :-) All the best, Peter Müller > > -Michael > >> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> >> >>> For details see: >>> https://dlcdn.apache.org/httpd/CHANGES_2.4.59 >>> >>> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709 >>> >>> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch) >>> has been removed - is now included. >>> >>> Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> >>> --- >>> lfs/apache2 | 7 +++---- >>> 1 file changed, 3 insertions(+), 4 deletions(-) >>> >>> diff --git a/lfs/apache2 b/lfs/apache2 >>> index c1973e6d5..0851471fe 100644 >>> --- a/lfs/apache2 >>> +++ b/lfs/apache2 >>> @@ -1,7 +1,7 @@ >>> ############################################################################### >>> # # >>> # IPFire.org - A linux based firewall # >>> -# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> # >>> +# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> # >>> # # >>> # This program is free software: you can redistribute it and/or modify # >>> # it under the terms of the GNU General Public License as published by # >>> @@ -25,7 +25,7 @@ >>> >>> include Config >>> >>> -VER = 2.4.58 >>> +VER = 2.4.59 >>> >>> THISAPP = httpd-$(VER) >>> DL_FILE = $(THISAPP).tar.bz2 >>> @@ -45,7 +45,7 @@ objects = $(DL_FILE) >>> >>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>> >>> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2 >>> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c >>> >>> install : $(TARGET) >>> >>> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : >>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >>> @$(PREBUILD) >>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) >>> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch >>> ### Add IPFire's layout, too >>> echo "# IPFire layout" >> $(DIR_APP)/config.layout >>> echo "<Layout IPFire>" >> $(DIR_APP)/config.layout >
Please just send patches so that we can review things before they are being pushed into any repository. > On 22 Apr 2024, at 12:44, Peter Müller <peter.mueller@ipfire.org> wrote: > > Hello Michael, > >> Hello, >> >>> On 21 Apr 2024, at 22:08, Peter Müller <peter.mueller@ipfire.org> wrote: >>> >>> Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/. >> >> Arne is managing this update. I am not sure that too many chefs in the kitchen will help too much. > > apologies. I shall keep my paws away from the "next" branch then. :-) > > All the best, > Peter Müller > >> >> -Michael >> >>> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> >>> >>>> For details see: >>>> https://dlcdn.apache.org/httpd/CHANGES_2.4.59 >>>> >>>> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709 >>>> >>>> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch) >>>> has been removed - is now included. >>>> >>>> Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> >>>> --- >>>> lfs/apache2 | 7 +++---- >>>> 1 file changed, 3 insertions(+), 4 deletions(-) >>>> >>>> diff --git a/lfs/apache2 b/lfs/apache2 >>>> index c1973e6d5..0851471fe 100644 >>>> --- a/lfs/apache2 >>>> +++ b/lfs/apache2 >>>> @@ -1,7 +1,7 @@ >>>> ############################################################################### >>>> # # >>>> # IPFire.org - A linux based firewall # >>>> -# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> # >>>> +# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> # >>>> # # >>>> # This program is free software: you can redistribute it and/or modify # >>>> # it under the terms of the GNU General Public License as published by # >>>> @@ -25,7 +25,7 @@ >>>> >>>> include Config >>>> >>>> -VER = 2.4.58 >>>> +VER = 2.4.59 >>>> >>>> THISAPP = httpd-$(VER) >>>> DL_FILE = $(THISAPP).tar.bz2 >>>> @@ -45,7 +45,7 @@ objects = $(DL_FILE) >>>> >>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>>> >>>> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2 >>>> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c >>>> >>>> install : $(TARGET) >>>> >>>> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : >>>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >>>> @$(PREBUILD) >>>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) >>>> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch >>>> ### Add IPFire's layout, too >>>> echo "# IPFire layout" >> $(DIR_APP)/config.layout >>>> echo "<Layout IPFire>" >> $(DIR_APP)/config.layout >>
diff --git a/lfs/apache2 b/lfs/apache2 index c1973e6d5..0851471fe 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,7 +25,7 @@ include Config -VER = 2.4.58 +VER = 2.4.59 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2 +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c install : $(TARGET) @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "<Layout IPFire>" >> $(DIR_APP)/config.layout