Several security fixes in those new versions so definitely worth updating. :+1:
Reviewed-by: Adolf Belka adolf.belka@ipfire.org
On 08/10/2021 19:12, Matthias Fischer wrote:
For details see (2.49): https://dlcdn.apache.org//httpd/CHANGES_2.4.49
For 2.51: https://dlcdn.apache.org//httpd/CHANGES_2.4.51
"SECURITY: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (cve.mitre.org) It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient..."
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org
lfs/apache2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/apache2 b/lfs/apache2 index ff9de7eb7..b4064cee0 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,7 +25,7 @@
include Config
-VER = 2.4.48 +VER = 2.4.51
THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a7088cec171b0d00bf43394ce64d3909 +$(DL_FILE)_MD5 = d2793fc1c8cb8ba355cee877d1f2d46d
install : $(TARGET)