-
Notifications
You must be signed in to change notification settings - Fork 736
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ChangeLog: https://downloads.apache.org/httpd/CHANGES_2.4.53 Security fixes: CVE-2022-23943 CVE-2022-22721 CVE-2022-22720 CVE-2022-22719 Refresh patches. Signed-off-by: Yi Zhao <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit 81bbe65) Signed-off-by: Armin Kuster <[email protected]> (cherry picked from commit d6c8d3a1bad2276001c3bdc09de4dee107357a1d) [Fixup for hardknott context, overrides] Signed-off-by: Armin Kuster <[email protected]>
- Loading branch information
Showing
11 changed files
with
61 additions
and
64 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,44 +1,43 @@ | ||
| From d2cedfa3394365689a3f7c8cfe8e0dd56b29bed9 Mon Sep 17 00:00:00 2001 | ||
| From ba9015386cbc044e111d7c266f13e2be045e4bf1 Mon Sep 17 00:00:00 2001 | ||
| From: Koen Kooi <[email protected]> | ||
| Date: Tue, 17 Jun 2014 09:10:57 +0200 | ||
| Subject: [PATCH] configure: use pkg-config for PCRE detection | ||
|
|
||
| Upstream-Status: Pending | ||
| Upstream-Status: Inappropriate [embedded specific] | ||
|
|
||
| Signed-off-by: Koen Kooi <[email protected]> | ||
| --- | ||
| configure.in | 27 +++++---------------------- | ||
| 1 file changed, 5 insertions(+), 22 deletions(-) | ||
| configure.in | 26 +++++--------------------- | ||
| 1 file changed, 5 insertions(+), 21 deletions(-) | ||
|
|
||
| diff --git a/configure.in b/configure.in | ||
| index 9feaceb..dc6ea15 100644 | ||
| index 38c1d0a..c799aec 100644 | ||
| --- a/configure.in | ||
| +++ b/configure.in | ||
| @@ -215,28 +215,11 @@ fi | ||
| AC_ARG_WITH(pcre, | ||
| APACHE_HELP_STRING(--with-pcre=PATH,Use external PCRE library)) | ||
| @@ -221,27 +221,11 @@ else if which $with_pcre 2>/dev/null; then :; else | ||
| fi | ||
| fi | ||
|
|
||
| -AC_PATH_PROG(PCRE_CONFIG, pcre-config, false) | ||
| -if test -d "$with_pcre" && test -x "$with_pcre/bin/pcre-config"; then | ||
| - PCRE_CONFIG=$with_pcre/bin/pcre-config | ||
| -elif test -x "$with_pcre"; then | ||
| - PCRE_CONFIG=$with_pcre | ||
| -fi | ||
| -AC_CHECK_TARGET_TOOLS(PCRE_CONFIG, [pcre2-config pcre-config], | ||
| - [`which $with_pcre 2>/dev/null`], $with_pcre) | ||
| - | ||
| -if test "$PCRE_CONFIG" != "false"; then | ||
| -if test "x$PCRE_CONFIG" != "x"; then | ||
| - if $PCRE_CONFIG --version >/dev/null 2>&1; then :; else | ||
| - AC_MSG_ERROR([Did not find pcre-config script at $PCRE_CONFIG]) | ||
| - AC_MSG_ERROR([Did not find working script at $PCRE_CONFIG]) | ||
| - fi | ||
| - case `$PCRE_CONFIG --version` in | ||
| - [1[0-9].*]) | ||
| - AC_DEFINE(HAVE_PCRE2, 1, [Detected PCRE2]) | ||
| - ;; | ||
| - [[1-5].*]) | ||
| - AC_MSG_ERROR([Need at least pcre version 6.0]) | ||
| - ;; | ||
| - esac | ||
| - AC_MSG_NOTICE([Using external PCRE library from $PCRE_CONFIG]) | ||
| - APR_ADDTO(PCRE_INCLUDES, [`$PCRE_CONFIG --cflags`]) | ||
| - APR_ADDTO(PCRE_LIBS, [`$PCRE_CONFIG --libs`]) | ||
| - APR_ADDTO(PCRE_LIBS, [`$PCRE_CONFIG --libs8 2>/dev/null || $PCRE_CONFIG --libs`]) | ||
| -else | ||
| - AC_MSG_ERROR([pcre-config for libpcre not found. PCRE is required and available from http://pcre.org/]) | ||
| - AC_MSG_ERROR([pcre(2)-config for libpcre not found. PCRE is required and available from http://pcre.org/]) | ||
| -fi | ||
| +PKG_CHECK_MODULES([PCRE], [libpcre], [ | ||
| + AC_DEFINE([HAVE_PCRE], [1], [Define if you have PCRE library]) | ||
|
|
@@ -49,5 +48,5 @@ index 9feaceb..dc6ea15 100644 | |
|
|
||
| AC_MSG_NOTICE([]) | ||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,8 +1,8 @@ | ||
| From 7df207ad4d0dcda2ad36e5642296e0dec7e13647 Mon Sep 17 00:00:00 2001 | ||
| From 5074ab3425e5f1e01fd9cfa2d9b7300ea1b3f38f Mon Sep 17 00:00:00 2001 | ||
| From: Paul Eggleton <[email protected]> | ||
| Date: Tue, 17 Jul 2012 11:27:39 +0100 | ||
| Subject: [PATCH] apache2: bump up the core size limit if CoreDumpDirectory | ||
| is configured | ||
| Subject: [PATCH] apache2: bump up the core size limit if CoreDumpDirectory is | ||
| configured | ||
|
|
||
| Bump up the core size limit if CoreDumpDirectory is | ||
| configured. | ||
|
|
@@ -11,16 +11,15 @@ Upstream-Status: Pending | |
|
|
||
| Note: upstreaming was discussed but there are competing desires; | ||
| there are portability oddities here too. | ||
|
|
||
| --- | ||
| server/core.c | 19 +++++++++++++++++++ | ||
| 1 file changed, 19 insertions(+) | ||
|
|
||
| diff --git a/server/core.c b/server/core.c | ||
| index eacb54f..7aa841f 100644 | ||
| index 090e397..3020090 100644 | ||
| --- a/server/core.c | ||
| +++ b/server/core.c | ||
| @@ -4965,6 +4965,25 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte | ||
| @@ -5107,6 +5107,25 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte | ||
| } | ||
| apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper, | ||
| apr_pool_cleanup_null); | ||
|
|
@@ -47,5 +46,5 @@ index eacb54f..7aa841f 100644 | |
| } | ||
|
|
||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,22 +1,21 @@ | ||
| From ddd560024a6d526187fd126f306b59533ca3f7e2 Mon Sep 17 00:00:00 2001 | ||
| From 9c03ed909b8da0e1a288f53fda535a3f15bcf791 Mon Sep 17 00:00:00 2001 | ||
| From: Paul Eggleton <[email protected]> | ||
| Date: Tue, 17 Jul 2012 11:27:39 +0100 | ||
| Subject: [PATCH] apache2: do not export apr/apr-util symbols when using | ||
| shared libapr | ||
| Subject: [PATCH] apache2: do not export apr/apr-util symbols when using shared | ||
| libapr | ||
|
|
||
| There is no need to "suck in" the apr/apr-util symbols when using | ||
| a shared libapr{,util}, it just bloats the symbol table; so don't. | ||
|
|
||
| Upstream-Status: Pending | ||
|
|
||
| Note: EXPORT_DIRS change is conditional on using shared apr | ||
|
|
||
| --- | ||
| server/Makefile.in | 3 --- | ||
| 1 file changed, 3 deletions(-) | ||
|
|
||
| diff --git a/server/Makefile.in b/server/Makefile.in | ||
| index 1fa3344..f635d76 100644 | ||
| index 8111877..8c0c396 100644 | ||
| --- a/server/Makefile.in | ||
| +++ b/server/Makefile.in | ||
| @@ -60,9 +60,6 @@ export_files: | ||
|
|
@@ -30,5 +29,5 @@ index 1fa3344..f635d76 100644 | |
|
|
||
| exports.c: export_files | ||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From dfa834ebd449df299f54e98f0fb3a7bb4008fb03 Mon Sep 17 00:00:00 2001 | ||
| From 37699e9be04d83c5923644e298f400e077f76e85 Mon Sep 17 00:00:00 2001 | ||
| From: Paul Eggleton <[email protected]> | ||
| Date: Tue, 17 Jul 2012 11:27:39 +0100 | ||
| Subject: [PATCH] Log the SELinux context at startup. | ||
|
|
@@ -8,17 +8,16 @@ Log the SELinux context at startup. | |
| Upstream-Status: Inappropriate [other] | ||
|
|
||
| Note: unlikely to be any interest in this upstream | ||
|
|
||
| --- | ||
| configure.in | 5 +++++ | ||
| server/core.c | 26 ++++++++++++++++++++++++++ | ||
| 2 files changed, 31 insertions(+) | ||
|
|
||
| diff --git a/configure.in b/configure.in | ||
| index dc6ea15..caa6f54 100644 | ||
| index c799aec..76811e7 100644 | ||
| --- a/configure.in | ||
| +++ b/configure.in | ||
| @@ -466,6 +466,11 @@ getloadavg | ||
| @@ -491,6 +491,11 @@ getloadavg | ||
| dnl confirm that a void pointer is large enough to store a long integer | ||
| APACHE_CHECK_VOID_PTR_LEN | ||
|
|
||
|
|
@@ -31,10 +30,10 @@ index dc6ea15..caa6f54 100644 | |
| [AC_TRY_RUN(#define _GNU_SOURCE | ||
| #include <unistd.h> | ||
| diff --git a/server/core.c b/server/core.c | ||
| index 7aa841f..79f34db 100644 | ||
| index 3020090..8fef5fd 100644 | ||
| --- a/server/core.c | ||
| +++ b/server/core.c | ||
| @@ -59,6 +59,10 @@ | ||
| @@ -65,6 +65,10 @@ | ||
| #include <unistd.h> | ||
| #endif | ||
|
|
||
|
|
@@ -45,7 +44,7 @@ index 7aa841f..79f34db 100644 | |
| /* LimitRequestBody handling */ | ||
| #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) | ||
| #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) | ||
| @@ -4984,6 +4988,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte | ||
| @@ -5126,6 +5130,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte | ||
| } | ||
| #endif | ||
|
|
||
|
|
@@ -75,5 +74,5 @@ index 7aa841f..79f34db 100644 | |
| } | ||
|
|
||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From 7db1b650bb4b01a5194a34cd7573f915656a595b Mon Sep 17 00:00:00 2001 | ||
| From e59aab44a28c654e518080693d573ca472ca5a08 Mon Sep 17 00:00:00 2001 | ||
| From: Yulong Pei <[email protected]> | ||
| Date: Thu, 1 Sep 2011 01:03:14 +0800 | ||
| Subject: [PATCH] replace lynx to curl in apachectl script | ||
|
|
@@ -48,5 +48,5 @@ index 3281c2e..6ab4ba5 100644 | |
| *) | ||
| $HTTPD "$@" | ||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From 4f4d7d6b88b6e440263ebeb22dfb40c52bb30fd8 Mon Sep 17 00:00:00 2001 | ||
| From fb09f1fe4525058b16b3d4edb2e3ae693154026e Mon Sep 17 00:00:00 2001 | ||
| From: Zhenhua Luo <[email protected]> | ||
| Date: Fri, 25 Jan 2013 18:10:50 +0800 | ||
| Subject: [PATCH] apache2: fix the race issue of parallel installation | ||
|
|
@@ -31,5 +31,5 @@ index e2d5bb6..dde5ae0 100755 | |
| pathcomp="$pathcomp/" | ||
| done | ||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From 964ef2c1af74984602f46e7db938d3b95b148385 Mon Sep 17 00:00:00 2001 | ||
| From 0686564f64130f230870db8b4846973e3edbd646 Mon Sep 17 00:00:00 2001 | ||
| From: Wenzong Fan <[email protected]> | ||
| Date: Mon, 1 Dec 2014 02:08:27 -0500 | ||
| Subject: [PATCH] apache2: allow to disable selinux support | ||
|
|
@@ -11,10 +11,10 @@ Signed-off-by: Wenzong Fan <[email protected]> | |
| 1 file changed, 10 insertions(+), 4 deletions(-) | ||
|
|
||
| diff --git a/configure.in b/configure.in | ||
| index caa6f54..eab2090 100644 | ||
| index 76811e7..4df3ff3 100644 | ||
| --- a/configure.in | ||
| +++ b/configure.in | ||
| @@ -466,10 +466,16 @@ getloadavg | ||
| @@ -491,10 +491,16 @@ getloadavg | ||
| dnl confirm that a void pointer is large enough to store a long integer | ||
| APACHE_CHECK_VOID_PTR_LEN | ||
|
|
||
|
|
@@ -36,5 +36,5 @@ index caa6f54..eab2090 100644 | |
| AC_CACHE_CHECK([for gettid()], ac_cv_gettid, | ||
| [AC_TRY_RUN(#define _GNU_SOURCE | ||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From 5412077c398dec74321388fe6e593a44c4c80de6 Mon Sep 17 00:00:00 2001 | ||
| From 443d15b91d4e4979d92405610303797663f31102 Mon Sep 17 00:00:00 2001 | ||
| From: echo <[email protected]> | ||
| Date: Tue, 28 Apr 2009 03:11:06 +0000 | ||
| Subject: [PATCH] Fix perl install directory to /usr/bin | ||
|
|
@@ -11,16 +11,15 @@ error: | |
| bad interpreter: No such file or directory | ||
|
|
||
| Signed-off-by: Changqing Li <[email protected]> | ||
|
|
||
| --- | ||
| configure.in | 5 +---- | ||
| 1 file changed, 1 insertion(+), 4 deletions(-) | ||
|
|
||
| diff --git a/configure.in b/configure.in | ||
| index d828512..be7bd25 100644 | ||
| index 4df3ff3..4eeb609 100644 | ||
| --- a/configure.in | ||
| +++ b/configure.in | ||
| @@ -855,10 +855,7 @@ AC_DEFINE_UNQUOTED(SERVER_CONFIG_FILE, "${rel_sysconfdir}/${progname}.conf", | ||
| @@ -903,10 +903,7 @@ AC_DEFINE_UNQUOTED(SERVER_CONFIG_FILE, "${rel_sysconfdir}/${progname}.conf", | ||
| AC_DEFINE_UNQUOTED(AP_TYPES_CONFIG_FILE, "${rel_sysconfdir}/mime.types", | ||
| [Location of the MIME types config file, relative to the Apache root directory]) | ||
|
|
||
|
|
@@ -32,3 +31,6 @@ index d828512..be7bd25 100644 | |
| AC_SUBST(perlbin) | ||
|
|
||
| dnl If we are running on BSD/OS, we need to use the BSD .include syntax. | ||
| -- | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,10 @@ | ||
| From 705c0a7e9d9c1e64ee09fc0b54f6b5a4e27de1ca Mon Sep 17 00:00:00 2001 | ||
| From 43a4ad04e0d8771267a73f98b5918bcd10b167ec Mon Sep 17 00:00:00 2001 | ||
| From: Trevor Gamblin <[email protected]> | ||
| Date: Fri, 17 Apr 2020 06:31:35 -0700 | ||
| Subject: [PATCH] support/apxs.in: force destdir to be empty string | ||
|
|
||
| If destdir is assigned to anything other than the empty string, the | ||
| search path for apache2 config files is appended to itself, and | ||
| If destdir is assigned to anything other than the empty string, the | ||
| search path for apache2 config files is appended to itself, and | ||
| related packages like apache-websocket will be unable to locate them: | ||
|
|
||
| | cannot open | ||
|
|
@@ -24,7 +24,7 @@ Signed-off-by: Trevor Gamblin <[email protected]> | |
| 1 file changed, 6 insertions(+), 4 deletions(-) | ||
|
|
||
| diff --git a/support/apxs.in b/support/apxs.in | ||
| index 65e1288527..9d96e33728 100644 | ||
| index b2705fa..781f2ab 100644 | ||
| --- a/support/apxs.in | ||
| +++ b/support/apxs.in | ||
| @@ -28,10 +28,12 @@ package apxs; | ||
|
|
@@ -45,5 +45,5 @@ index 65e1288527..9d96e33728 100644 | |
| my %config_vars = (); | ||
|
|
||
| -- | ||
| 2.17.1 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,16 +1,15 @@ | ||
| From b62c4cd2295c98b2ebe12641e5f01590bd96ae94 Mon Sep 17 00:00:00 2001 | ||
| From d9993cbc33565c0acd29b0127d651dafa2a16975 Mon Sep 17 00:00:00 2001 | ||
| From: Paul Eggleton <[email protected]> | ||
| Date: Tue, 17 Jul 2012 11:27:39 +0100 | ||
| Subject: [PATCH] apache2: do not use relative path for gen_test_char | ||
|
|
||
| Upstream-Status: Inappropriate [embedded specific] | ||
|
|
||
| --- | ||
| server/Makefile.in | 2 +- | ||
| 1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
|
||
| diff --git a/server/Makefile.in b/server/Makefile.in | ||
| index f635d76..0d48924 100644 | ||
| index 8c0c396..3544f55 100644 | ||
| --- a/server/Makefile.in | ||
| +++ b/server/Makefile.in | ||
| @@ -29,7 +29,7 @@ gen_test_char: $(gen_test_char_OBJECTS) | ||
|
|
@@ -23,5 +22,5 @@ index f635d76..0d48924 100644 | |
| util.lo: test_char.h | ||
|
|
||
| -- | ||
| 2.7.4 | ||
| 2.25.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters