From: ologantr <ologantr@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] apache: update to 2.4.53.
Date: Sat, 30 Apr 2022 14:21:56 +0200 [thread overview]
Message-ID: <20220430122156.Kr1hCqiC6fOSN4r2jot8H3WzEENvXyADUn071ee7SXs@z> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-36919@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 566 bytes --]
There is an updated pull request by ologantr against master on the void-packages repository
https://github.com/ologantr/void-packages apache-update
https://github.com/void-linux/void-packages/pull/36919
apache: update to 2.4.53.
Fixes CVE-2022-23943, CVE-2022-22721, CVE-2022-22720,
CVE-2022-22719.
#### Testing the changes
- I tested the changes in this PR: **briefly**
#### Local build testing
- I built this PR locally for my native architecture (x86_64-glibc)
A patch file from https://github.com/void-linux/void-packages/pull/36919.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-apache-update-36919.patch --]
[-- Type: text/x-diff, Size: 3397 bytes --]
From 444551f222b58e3f5dee327d17c8f403465acda0 Mon Sep 17 00:00:00 2001
From: ologantr <mrphyber@protonmail.com>
Date: Sat, 30 Apr 2022 10:38:10 +0200
Subject: [PATCH] apache: update to 2.4.53.
Fixes CVE-2022-23943, CVE-2022-22721, CVE-2022-22720,
CVE-2022-22719.
---
srcpkgs/apache/patches/libressl.patch | 11 -----------
srcpkgs/apache/template | 13 ++++++++-----
2 files changed, 8 insertions(+), 16 deletions(-)
delete mode 100644 srcpkgs/apache/patches/libressl.patch
diff --git a/srcpkgs/apache/patches/libressl.patch b/srcpkgs/apache/patches/libressl.patch
deleted file mode 100644
index 300bd7ee1fa6..000000000000
--- a/srcpkgs/apache/patches/libressl.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/modules/ssl/ssl_engine_init.c.orig 2018-10-30 16:25:09.084840429 +0100
-+++ b/modules/ssl/ssl_engine_init.c 2018-10-30 16:25:55.019411636 +0100
-@@ -1492,7 +1492,7 @@
- X509_STORE_CTX *sctx;
- X509_STORE *store = SSL_CTX_get_cert_store(mctx->ssl_ctx);
-
--#if OPENSSL_VERSION_NUMBER >= 0x1010100fL
-+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)
- /* For OpenSSL >=1.1.1, turn on client cert support which is
- * otherwise turned off by default (by design).
- * https://github.com/openssl/openssl/issues/6933 */
diff --git a/srcpkgs/apache/template b/srcpkgs/apache/template
index 2cdb6ca2f449..d64f307ccdf1 100644
--- a/srcpkgs/apache/template
+++ b/srcpkgs/apache/template
@@ -1,6 +1,6 @@
# Template file for 'apache'
pkgname=apache
-version=2.4.52
+version=2.4.53
revision=1
wrksrc="httpd-${version}"
build_style=gnu-configure
@@ -19,15 +19,14 @@ configure_args="--prefix= --sbindir=/usr/bin --enable-pie --enable-modules=all
--enable-dav --enable-info --enable-cgi --enable-cgid --enable-dav-fs
--enable-dav-lock --enable-vhost-alias --enable-imagemap --enable-so
--enable-rewrite --enable-layout=XBPS --sysconfdir=/etc/${pkgname}
- --enable-mpms-shared=all --with-pcre=${XBPS_CROSS_BASE}/usr
- --with-z=${XBPS_CROSS_BASE}/usr"
+ --enable-mpms-shared=all --with-z=${XBPS_CROSS_BASE}/usr"
conf_files="
/etc/${pkgname}/extra/*.conf
/etc/${pkgname}/httpd.conf
/etc/${pkgname}/magic
/etc/${pkgname}/mime.types"
hostmakedepends="pkg-config perl apr-util-devel"
-makedepends="zlib-devel libuuid-devel pcre-devel nghttp2-devel
+makedepends="zlib-devel libuuid-devel pcre2-devel nghttp2-devel
openssl-devel db-devel gdbm-devel expat-devel libldap-devel apr-util-devel"
depends="apache-htpasswd"
short_desc="Apache http server"
@@ -36,7 +35,7 @@ license="Apache-2.0"
homepage="http://httpd.apache.org/"
changelog="http://www.apache.org/dist/httpd/CHANGES_2.4"
distfiles="https://dlcdn.apache.org/httpd/httpd-${version}.tar.bz2"
-checksum=0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9
+checksum=d0bbd1121a57b5f2a6ff92d7b96f8050c5a45d3f14db118f64979d525858db63
system_accounts="_apache"
_apache_homedir="/srv/www/$pkgname"
@@ -63,6 +62,10 @@ pre_configure() {
cat ${FILESDIR}/xbps.layout >> config.layout
if [ "$CROSS_BUILD" ]; then
+ # pcre{,2}-config detection doesn't work on cross
+ # since httpd-2.4.53, manually export PCRE_CONFIG
+ # to let configure know where it is
+ export PCRE_CONFIG="${XBPS_CROSS_BASE}/usr/bin/pcre2-config"
configure_args+=" --with-apr=$XBPS_WRAPPERDIR/apr-1-config
--with-apr-util=$XBPS_WRAPPERDIR/apu-1-config"
else
next prev parent reply other threads:[~2022-04-30 12:21 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-30 8:43 [PR PATCH] " ologantr
2022-04-30 12:21 ` ologantr [this message]
2022-04-30 18:28 ` [PR REVIEW] " paper42
2022-04-30 19:15 ` ologantr
2022-05-01 8:49 ` paper42
2022-05-01 9:03 ` paper42
2022-05-01 9:28 ` [PR PATCH] [Updated] " ologantr
2022-05-01 9:57 ` [PR PATCH] [Merged]: " paper42
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220430122156.Kr1hCqiC6fOSN4r2jot8H3WzEENvXyADUn071ee7SXs@z \
--to=ologantr@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).