[PATCH] apache: Update to 2.4.51

[PATCH] apache: Update to 2.4.51

[Matthias Fischer]

[-- Attachment #1: Type: text/plain, Size: 994 bytes --]

For details see (2.49):
https://dlcdn.apache.org//httpd/CHANGES_2.4.49

For 2.51:
https://dlcdn.apache.org//httpd/CHANGES_2.4.51

"SECURITY: CVE-2021-42013: Path Traversal and Remote Code
Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
fix of CVE-2021-41773) (cve.mitre.org)
It was found that the fix for CVE-2021-41773 in Apache HTTP
Server 2.4.50 was insufficient..."

Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
 lfs/apache2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/apache2 b/lfs/apache2
index ff9de7eb7..b4064cee0 100644
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -25,7 +25,7 @@
 
 include Config
 
-VER        = 2.4.48
+VER        = 2.4.51
 
 THISAPP    = httpd-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = a7088cec171b0d00bf43394ce64d3909
+$(DL_FILE)_MD5 = d2793fc1c8cb8ba355cee877d1f2d46d
 
 install : $(TARGET)
 
-- 
2.18.0

Re: [PATCH] apache: Update to 2.4.51

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 1293 bytes --]

Several security fixes in those new versions so definitely worth updating. :+1:

Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org>

On 08/10/2021 19:12, Matthias Fischer wrote:
> For details see (2.49):
> https://dlcdn.apache.org//httpd/CHANGES_2.4.49
>
> For 2.51:
> https://dlcdn.apache.org//httpd/CHANGES_2.4.51
>
> "SECURITY: CVE-2021-42013: Path Traversal and Remote Code
> Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
> fix of CVE-2021-41773) (cve.mitre.org)
> It was found that the fix for CVE-2021-41773 in Apache HTTP
> Server 2.4.50 was insufficient..."
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
>   lfs/apache2 | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lfs/apache2 b/lfs/apache2
> index ff9de7eb7..b4064cee0 100644
> --- a/lfs/apache2
> +++ b/lfs/apache2
> @@ -25,7 +25,7 @@
>   
>   include Config
>   
> -VER        = 2.4.48
> +VER        = 2.4.51
>   
>   THISAPP    = httpd-$(VER)
>   DL_FILE    = $(THISAPP).tar.bz2
> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
>   
>   $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>   
> -$(DL_FILE)_MD5 = a7088cec171b0d00bf43394ce64d3909
> +$(DL_FILE)_MD5 = d2793fc1c8cb8ba355cee877d1f2d46d
>   
>   install : $(TARGET)
>   

Re: [PATCH] apache: Update to 2.4.51

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 1257 bytes --]

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 8 Oct 2021, at 18:12, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
> 
> For details see (2.49):
> https://dlcdn.apache.org//httpd/CHANGES_2.4.49
> 
> For 2.51:
> https://dlcdn.apache.org//httpd/CHANGES_2.4.51
> 
> "SECURITY: CVE-2021-42013: Path Traversal and Remote Code
> Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
> fix of CVE-2021-41773) (cve.mitre.org)
> It was found that the fix for CVE-2021-41773 in Apache HTTP
> Server 2.4.50 was insufficient..."
> 
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> lfs/apache2 | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/lfs/apache2 b/lfs/apache2
> index ff9de7eb7..b4064cee0 100644
> --- a/lfs/apache2
> +++ b/lfs/apache2
> @@ -25,7 +25,7 @@
> 
> include Config
> 
> -VER        = 2.4.48
> +VER        = 2.4.51
> 
> THISAPP    = httpd-$(VER)
> DL_FILE    = $(THISAPP).tar.bz2
> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
> 
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> 
> -$(DL_FILE)_MD5 = a7088cec171b0d00bf43394ce64d3909
> +$(DL_FILE)_MD5 = d2793fc1c8cb8ba355cee877d1f2d46d
> 
> install : $(TARGET)
> 
> -- 
> 2.18.0
>