From ab8ba3f534ee7315327131a6530548f0959cd3ffabf4a1c5d373d8f0ef8de3ae Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Wed, 21 Aug 2019 10:24:31 +0000 Subject: [PATCH] Accepting request 723497 from home:stroeder:branches:Apache update to 2.4.41 OBS-URL: https://build.opensuse.org/request/show/723497 OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=585 --- apache2.changes | 16 ++++++++++++++++ apache2.spec | 2 +- httpd-2.4.39.tar.bz2 | 3 --- httpd-2.4.39.tar.bz2.asc | 11 ----------- httpd-2.4.41.tar.bz2 | 3 +++ httpd-2.4.41.tar.bz2.asc | 11 +++++++++++ 6 files changed, 31 insertions(+), 15 deletions(-) delete mode 100644 httpd-2.4.39.tar.bz2 delete mode 100644 httpd-2.4.39.tar.bz2.asc create mode 100644 httpd-2.4.41.tar.bz2 create mode 100644 httpd-2.4.41.tar.bz2.asc diff --git a/apache2.changes b/apache2.changes index 5d6bd62..931f071 100644 --- a/apache2.changes +++ b/apache2.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Thu Aug 15 09:05:22 UTC 2019 - Michael Ströder + +- version update to 2.4.41 with security fixes: + * low: Limited cross-site scripting in mod_proxy + error page (CVE-2019-10092) + * low: mod_rewrite potential open redirect (CVE-2019-10098) + * moderate: mod_http2, read-after-free in h2 + connection shutdown (CVE-2019-10082) + * moderate: mod_http2, memory corruption on + early pushes (CVE-2019-10081) + * moderate: mod_http2, DoS attack by exhausting + h2 workers. (CVE-2019-9517) + * moderate: mod_remoteip: Stack buffer overflow and + NULL pointer dereference (CVE-2019-10097) + ------------------------------------------------------------------- Wed Jun 26 07:34:16 UTC 2019 - pgajdos@suse.com diff --git a/apache2.spec b/apache2.spec index 4f3ac80..e2e3331 100644 --- a/apache2.spec +++ b/apache2.spec @@ -65,7 +65,7 @@ %define build_http2 0 %endif Name: apache2 -Version: 2.4.39 +Version: 2.4.41 Release: 0 Summary: The Apache Web Server Version 2.4 License: Apache-2.0 diff --git a/httpd-2.4.39.tar.bz2 b/httpd-2.4.39.tar.bz2 deleted file mode 100644 index e6cb5e5..0000000 --- a/httpd-2.4.39.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b4ca9d05773aa59b54d66cd8f4744b945289f084d3be17d7981d1783a5decfa2 -size 7030539 diff --git a/httpd-2.4.39.tar.bz2.asc b/httpd-2.4.39.tar.bz2.asc deleted file mode 100644 index e9383dc..0000000 --- a/httpd-2.4.39.tar.bz2.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEueghOu+4Ya81pB8smV41IhrYTf8FAlybkZUACgkQmV41IhrY -Tf95uwgAxLwIsW7SFVXjYND69EBKwUPddPgvLTXCC8Qb7v49nkGLQbNp7Emiolsq -CcgIjUNtKCgOSI/diAH0Ii2e3FpdvmZKgxWKqGXAn5xUSq4Sp9McQb1S46x925gU -J+Qqm4e3+JiY3nBntPx3K2j8/33hX/QMDxOTqnYE+m/l5uyL713Ed2LeJe6Dc4oE -PxAmNm2TEdWfAG0/ZIzhGkZEoEjLQLTKJ6MVpEFeF7UKVJVc2aeA6a8FOilIoCXX -k0/fFc8ljjogy4tia3EiKZCW3VRVYeZa7IiSlTRo8UhUKPAF8h4/I8T35Mq1n3mV -KPMrkTtxb9N3o91KFSJHaXuIKxrltw== -=lnVM ------END PGP SIGNATURE----- diff --git a/httpd-2.4.41.tar.bz2 b/httpd-2.4.41.tar.bz2 new file mode 100644 index 0000000..5ef8401 --- /dev/null +++ b/httpd-2.4.41.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:133d48298fe5315ae9366a0ec66282fa4040efa5d566174481077ade7d18ea40 +size 7072373 diff --git a/httpd-2.4.41.tar.bz2.asc b/httpd-2.4.41.tar.bz2.asc new file mode 100644 index 0000000..3f99550 --- /dev/null +++ b/httpd-2.4.41.tar.bz2.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEueghOu+4Ya81pB8smV41IhrYTf8FAl1NdwkACgkQmV41IhrY +Tf/7cQf/YbevWNKn+DaPX+3pZ8BblqhMYzYZLDavSejV4dKzXoF0FA2IkMxq9Gh7 +y6cbLaycTOewkV2HZmtBhBLJRDlOLISKmkzXdq2qZJq9UR3aGFXnpZfRfaLBPExx +XX0H0con4n8qvcPTAfOSc6uT64HR9kZlAzPjr2I2nsZht3rDsXw+pvA0AhpfpqPS +7FSVMTXb7WUvMJauJdLetV2l8vY5P9LGDGMc7YPSfjGY3nrZJJv1DqCChF52SHph +6C0FPDjrewIIzUyJLKTkBH+dK6Wx1Lv4blBqOX+FK0Zj79zSwcNkZJDxoEdpYjyk +cPCTuAUKTV9e29TN1elZgP2ES75H4Q== +=vwtE +-----END PGP SIGNATURE-----