[PATCH] apache: Update to 2.4.59

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

* [PATCH] apache: Update to 2.4.59
@ 2024-04-21 12:55 Matthias Fischer
  2024-04-21 21:08 ` Peter Müller
  0 siblings, 1 reply; 5+ messages in thread
From: Matthias Fischer @ 2024-04-21 12:55 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 2235 bytes --]

For details see:
https://dlcdn.apache.org/httpd/CHANGES_2.4.59

Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709

Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch)
has been removed - is now included.

Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
 lfs/apache2 | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/lfs/apache2 b/lfs/apache2
index c1973e6d5..0851471fe 100644
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
+# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -25,7 +25,7 @@
 
 include Config
 
-VER        = 2.4.58
+VER        = 2.4.59
 
 THISAPP    = httpd-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2
+$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c
 
 install : $(TARGET)
 
@@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch
 	### Add IPFire's layout, too
 	echo "# IPFire layout" >> $(DIR_APP)/config.layout
 	echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
-- 
2.34.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] apache: Update to 2.4.59
  2024-04-21 12:55 [PATCH] apache: Update to 2.4.59 Matthias Fischer
@ 2024-04-21 21:08 ` Peter Müller
  2024-04-22 11:35   ` Michael Tremer
  0 siblings, 1 reply; 5+ messages in thread
From: Peter Müller @ 2024-04-21 21:08 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 2487 bytes --]

Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/.

Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>

> For details see:
> https://dlcdn.apache.org/httpd/CHANGES_2.4.59
> 
> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709
> 
> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch)
> has been removed - is now included.
> 
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
>  lfs/apache2 | 7 +++----
>  1 file changed, 3 insertions(+), 4 deletions(-)
> 
> diff --git a/lfs/apache2 b/lfs/apache2
> index c1973e6d5..0851471fe 100644
> --- a/lfs/apache2
> +++ b/lfs/apache2
> @@ -1,7 +1,7 @@
>  ###############################################################################
>  #                                                                             #
>  # IPFire.org - A linux based firewall                                         #
> -# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
> +# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
>  #                                                                             #
>  # This program is free software: you can redistribute it and/or modify        #
>  # it under the terms of the GNU General Public License as published by        #
> @@ -25,7 +25,7 @@
>  
>  include Config
>  
> -VER        = 2.4.58
> +VER        = 2.4.59
>  
>  THISAPP    = httpd-$(VER)
>  DL_FILE    = $(THISAPP).tar.bz2
> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
>  
>  $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>  
> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2
> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c
>  
>  install : $(TARGET)
>  
> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) :
>  $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>  	@$(PREBUILD)
>  	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
> -	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch
>  	### Add IPFire's layout, too
>  	echo "# IPFire layout" >> $(DIR_APP)/config.layout
>  	echo "<Layout IPFire>" >> $(DIR_APP)/config.layout

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] apache: Update to 2.4.59
  2024-04-21 21:08 ` Peter Müller
@ 2024-04-22 11:35   ` Michael Tremer
  2024-04-22 11:44     ` Peter Müller
  0 siblings, 1 reply; 5+ messages in thread
From: Michael Tremer @ 2024-04-22 11:35 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 2723 bytes --]

Hello,

> On 21 Apr 2024, at 22:08, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/.

Arne is managing this update. I am not sure that too many chefs in the kitchen will help too much.

-Michael

> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
> 
>> For details see:
>> https://dlcdn.apache.org/httpd/CHANGES_2.4.59
>> 
>> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709
>> 
>> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch)
>> has been removed - is now included.
>> 
>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>> ---
>> lfs/apache2 | 7 +++----
>> 1 file changed, 3 insertions(+), 4 deletions(-)
>> 
>> diff --git a/lfs/apache2 b/lfs/apache2
>> index c1973e6d5..0851471fe 100644
>> --- a/lfs/apache2
>> +++ b/lfs/apache2
>> @@ -1,7 +1,7 @@
>> ###############################################################################
>> #                                                                             #
>> # IPFire.org - A linux based firewall                                         #
>> -# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
>> +# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
>> #                                                                             #
>> # This program is free software: you can redistribute it and/or modify        #
>> # it under the terms of the GNU General Public License as published by        #
>> @@ -25,7 +25,7 @@
>> 
>> include Config
>> 
>> -VER        = 2.4.58
>> +VER        = 2.4.59
>> 
>> THISAPP    = httpd-$(VER)
>> DL_FILE    = $(THISAPP).tar.bz2
>> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
>> 
>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>> 
>> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2
>> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c
>> 
>> install : $(TARGET)
>> 
>> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) :
>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> @$(PREBUILD)
>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
>> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch
>> ### Add IPFire's layout, too
>> echo "# IPFire layout" >> $(DIR_APP)/config.layout
>> echo "<Layout IPFire>" >> $(DIR_APP)/config.layout


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] apache: Update to 2.4.59
  2024-04-22 11:35   ` Michael Tremer
@ 2024-04-22 11:44     ` Peter Müller
  2024-04-22 11:44       ` Michael Tremer
  0 siblings, 1 reply; 5+ messages in thread
From: Peter Müller @ 2024-04-22 11:44 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 2908 bytes --]

Hello Michael,

> Hello,
> 
>> On 21 Apr 2024, at 22:08, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/.
> 
> Arne is managing this update. I am not sure that too many chefs in the kitchen will help too much.

apologies. I shall keep my paws away from the "next" branch then. :-)

All the best,
Peter Müller

> 
> -Michael
> 
>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>
>>> For details see:
>>> https://dlcdn.apache.org/httpd/CHANGES_2.4.59
>>>
>>> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709
>>>
>>> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch)
>>> has been removed - is now included.
>>>
>>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>>> ---
>>> lfs/apache2 | 7 +++----
>>> 1 file changed, 3 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/lfs/apache2 b/lfs/apache2
>>> index c1973e6d5..0851471fe 100644
>>> --- a/lfs/apache2
>>> +++ b/lfs/apache2
>>> @@ -1,7 +1,7 @@
>>> ###############################################################################
>>> #                                                                             #
>>> # IPFire.org - A linux based firewall                                         #
>>> -# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
>>> +# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
>>> #                                                                             #
>>> # This program is free software: you can redistribute it and/or modify        #
>>> # it under the terms of the GNU General Public License as published by        #
>>> @@ -25,7 +25,7 @@
>>>
>>> include Config
>>>
>>> -VER        = 2.4.58
>>> +VER        = 2.4.59
>>>
>>> THISAPP    = httpd-$(VER)
>>> DL_FILE    = $(THISAPP).tar.bz2
>>> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
>>>
>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>
>>> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2
>>> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c
>>>
>>> install : $(TARGET)
>>>
>>> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) :
>>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>>> @$(PREBUILD)
>>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
>>> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch
>>> ### Add IPFire's layout, too
>>> echo "# IPFire layout" >> $(DIR_APP)/config.layout
>>> echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
> 

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] apache: Update to 2.4.59
  2024-04-22 11:44     ` Peter Müller
@ 2024-04-22 11:44       ` Michael Tremer
  0 siblings, 0 replies; 5+ messages in thread
From: Michael Tremer @ 2024-04-22 11:44 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 3194 bytes --]

Please just send patches so that we can review things before they are being pushed into any repository.

> On 22 Apr 2024, at 12:44, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> Hello Michael,
> 
>> Hello,
>> 
>>> On 21 Apr 2024, at 22:08, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>> 
>>> Thank you! I'll take the liberty of merging this and removing the now-obsolete patch file from src/.
>> 
>> Arne is managing this update. I am not sure that too many chefs in the kitchen will help too much.
> 
> apologies. I shall keep my paws away from the "next" branch then. :-)
> 
> All the best,
> Peter Müller
> 
>> 
>> -Michael
>> 
>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>> 
>>>> For details see:
>>>> https://dlcdn.apache.org/httpd/CHANGES_2.4.59
>>>> 
>>>> Fixes CVE-2024-27316 / CVE-2024-24795 / CVE-2023-38709
>>>> 
>>>> Previously applied patch (apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch)
>>>> has been removed - is now included.
>>>> 
>>>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>>>> ---
>>>> lfs/apache2 | 7 +++----
>>>> 1 file changed, 3 insertions(+), 4 deletions(-)
>>>> 
>>>> diff --git a/lfs/apache2 b/lfs/apache2
>>>> index c1973e6d5..0851471fe 100644
>>>> --- a/lfs/apache2
>>>> +++ b/lfs/apache2
>>>> @@ -1,7 +1,7 @@
>>>> ###############################################################################
>>>> #                                                                             #
>>>> # IPFire.org - A linux based firewall                                         #
>>>> -# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                     #
>>>> +# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
>>>> #                                                                             #
>>>> # This program is free software: you can redistribute it and/or modify        #
>>>> # it under the terms of the GNU General Public License as published by        #
>>>> @@ -25,7 +25,7 @@
>>>> 
>>>> include Config
>>>> 
>>>> -VER        = 2.4.58
>>>> +VER        = 2.4.59
>>>> 
>>>> THISAPP    = httpd-$(VER)
>>>> DL_FILE    = $(THISAPP).tar.bz2
>>>> @@ -45,7 +45,7 @@ objects = $(DL_FILE)
>>>> 
>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>> 
>>>> -$(DL_FILE)_BLAKE2 = 2105b8fada99f1dda55201ed89ed5326f0edb078d352cbff44f02cde80d129b65b63e07366a9a744ba474be5687fa8d3d2d8ddc64ac914b47166607f3f4a9de2
>>>> +$(DL_FILE)_BLAKE2 = 836e3538a120d71c016149397a4efd61ae6acd8a8fb9d2ce117c7d86209c4b40c0be3c464007891f28c58182e9d40a8793abe9e94e642354492954af91d9878c
>>>> 
>>>> install : $(TARGET)
>>>> 
>>>> @@ -75,7 +75,6 @@ $(subst %,%_BLAKE2,$(objects)) :
>>>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>>>> @$(PREBUILD)
>>>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
>>>> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/apache-2.4.58_mod_xml2enc_remove_dependency_on_xmlstring_header.patch
>>>> ### Add IPFire's layout, too
>>>> echo "# IPFire layout" >> $(DIR_APP)/config.layout
>>>> echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
>> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2024-04-22 11:44 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-21 12:55 [PATCH] apache: Update to 2.4.59 Matthias Fischer
2024-04-21 21:08 ` Peter Müller
2024-04-22 11:35   ` Michael Tremer
2024-04-22 11:44     ` Peter Müller
2024-04-22 11:44       ` Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox