From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] apache: Update to 2.4.59 Date: Mon, 22 Apr 2024 12:44:43 +0100 Message-ID: <9EFE1EB4-D50C-4AB4-BA43-06BB52F4F5EF@ipfire.org> In-Reply-To: <8782225a-f2de-4bf6-b4d3-3950fccefaa1@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2612638096813728309==" List-Id: --===============2612638096813728309== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Please just send patches so that we can review things before they are being p= ushed into any repository. > On 22 Apr 2024, at 12:44, Peter M=C3=BCller wr= ote: >=20 > Hello Michael, >=20 >> Hello, >>=20 >>> On 21 Apr 2024, at 22:08, Peter M=C3=BCller = wrote: >>>=20 >>> Thank you! I'll take the liberty of merging this and removing the now-obs= olete patch file from src/. >>=20 >> Arne is managing this update. I am not sure that too many chefs in the kit= chen will help too much. >=20 > apologies. I shall keep my paws away from the "next" branch then. :-) >=20 > All the best, > Peter M=C3=BCller >=20 >>=20 >> -Michael >>=20 >>> Reviewed-by: Peter M=C3=BCller >>>=20 >>>> For details see: >>>> https://dlcdn.apache.org/httpd/CHANGES_2.4.59 >>>>=20 >>>> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709 >>>>=20 >>>> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on= _xmlstring_header.patch) >>>> has been removed - is now included. >>>>=20 >>>> Signed-off-by: Matthias Fischer >>>> --- >>>> lfs/apache2 | 7 +++---- >>>> 1 file changed, 3 insertions(+), 4 deletions(-) >>>>=20 >>>> diff --git a/lfs/apache2 b/lfs/apache2 >>>> index c1973e6d5..0851471fe 100644 >>>> --- a/lfs/apache2 >>>> +++ b/lfs/apache2 >>>> @@ -1,7 +1,7 @@ >>>> ########################################################################= ####### >>>> # = # >>>> # IPFire.org - A linux based firewall = # >>>> -# Copyright (C) 2007-2023 IPFire Team = # >>>> +# Copyright (C) 2007-2024 IPFire Team = # >>>> # = # >>>> # This program is free software: you can redistribute it and/or modify = # >>>> # it under the terms of the GNU General Public License as published by = # >>>> @@ -25,7 +25,7 @@ >>>>=20 >>>> include Config >>>>=20 >>>> -VER =3D 2.4.58 >>>> +VER =3D 2.4.59 >>>>=20 >>>> THISAPP =3D httpd-$(VER) >>>> DL_FILE =3D $(THISAPP).tar.bz2 >>>> @@ -45,7 +45,7 @@ objects =3D $(DL_FILE) >>>>=20 >>>> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) >>>>=20 >>>> -$(DL_FILE)_BLAKE2 =3D 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff4= 4f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9d= e2 >>>> +$(DL_FILE)_BLAKE2 =3D 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce1= 17c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d987= 8c >>>>=20 >>>> install : $(TARGET) >>>>=20 >>>> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) : >>>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >>>> @$(PREBUILD) >>>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) >>>> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod= _xml2enc_remove_dependency_on_xmlstring_header.patch >>>> ### Add IPFire's layout, too >>>> echo "# IPFire layout" >> $(DIR_APP)/config.layout >>>> echo "" >> $(DIR_APP)/config.layout >>=20 --===============2612638096813728309==--