| Message ID | 20210918134743.8100-1-matthias.fischer@ipfire.org |
|---|---|
| State | Superseded |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4HBXFj0vbCz3xW9 for <patchwork@web04.haj.ipfire.org>; Sat, 18 Sep 2021 13:47:53 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4HBXFg69Y4zZF; Sat, 18 Sep 2021 13:47:51 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4HBXFg4TPdz31LK; Sat, 18 Sep 2021 13:47:51 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4HBXFf2jPhz2xLY for <development@lists.ipfire.org>; Sat, 18 Sep 2021 13:47:50 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4HBXFd6FPhzZF for <development@lists.ipfire.org>; Sat, 18 Sep 2021 13:47:49 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1631972870; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=v1O4sUlPy6FJ8wETjddJ/gGfMAdzk9P36gJUuaoxOVg=; b=6SIfqsoLdvo24dNI7WNsfMEHy/CBFvUzPxSlMOFjR8nfbcLkghgniGjngkpboR7BHTMfGH Vkx+EBOJch7zsCBw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1631972870; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=v1O4sUlPy6FJ8wETjddJ/gGfMAdzk9P36gJUuaoxOVg=; b=royCSdG5qm4UqtfNaiWtA6Mc0km94YOsrN9ma9h4xa8flM7tClCTqZBrvAFEwsNBV5KCi3 6ZmgPZb78r3WkCq7ttw0+BG9aOh8qOS5vXf2GROQr61KRSIplvEH0zl1F2E8SdjubywxN8 IZfm31cBs3htnfWd5JQybazfpNPKs/fuw5kveOCs42vFLFcsVur1lzSDZ3WXgkAQt7rdTt oQht4b+oQy+69BlQWwF9UQtq9x6JOSldA0ObyCWj/gIqrtgKyaEdlkJYskzvdGt/xXefPD VM/p1D31t5n7tP36pWEv8q4T8dBshgEM2r+CRljEHGDxly7QpWNIsEhEbVYXRQ== From: Matthias Fischer <matthias.fischer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] apache: Update to 2.4.49 Date: Sat, 18 Sep 2021 15:47:43 +0200 Message-Id: <20210918134743.8100-1-matthias.fischer@ipfire.org> X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
apache: Update to 2.4.49
|
|
Commit Message
Matthias Fischer
Sept. 18, 2021, 1:47 p.m. UTC
For details see:
https://dlcdn.apache.org//httpd/CHANGES_2.4.49
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
lfs/apache2 | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
Hi Matthias,
thanks for submitting this.
Skimming through https://httpd.apache.org/security/vulnerabilities_24.html, I think IPFire is
vulnerable to CVE-2021-34798 ("moderate: NULL pointer dereference in httpd core") only. CVE-2021-39275
would require 3rd party modules, which we don't use, and the rest applies to mod_proxy, which
we don't use either IMHO.
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Thanks, and best regards,
Peter Müller
> For details see:
> https://dlcdn.apache.org//httpd/CHANGES_2.4.49
>
> Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
> ---
> lfs/apache2 | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lfs/apache2 b/lfs/apache2
> index ff9de7eb7..e63489e8f 100644
> --- a/lfs/apache2
> +++ b/lfs/apache2
> @@ -25,7 +25,7 @@
>
> include Config
>
> -VER = 2.4.48
> +VER = 2.4.49
>
> THISAPP = httpd-$(VER)
> DL_FILE = $(THISAPP).tar.bz2
> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_MD5 = a7088cec171b0d00bf43394ce64d3909
> +$(DL_FILE)_MD5 = f294efbeabcf6027fccc7983a6daa55f
>
> install : $(TARGET)
>
>
diff --git a/lfs/apache2 b/lfs/apache2 index ff9de7eb7..e63489e8f 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,7 +25,7 @@ include Config -VER = 2.4.48 +VER = 2.4.49 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = a7088cec171b0d00bf43394ce64d3909 +$(DL_FILE)_MD5 = f294efbeabcf6027fccc7983a6daa55f install : $(TARGET)