For details see: https://dlcdn.apache.org/httpd/CHANGES_2.4.59 Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709 Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch) has been removed - is now included. Signed-off-by: Matthias Fischer --- lfs/apache2 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lfs/apache2 b/lfs/apache2 index c1973e6d5..0851471fe 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team # +# Copyright (C) 2007-2024 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,7 +25,7 @@ include Config -VER = 2.4.58 +VER = 2.4.59 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2 +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c install : $(TARGET) @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "" >> $(DIR_APP)/config.layout -- 2.34.1