forked from pool/apache2
Accepting request 924154 from Apache
- version update to 2.4.51 *) SECURITY: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (cve.mitre.org) *) core: Add ap_unescape_url_ex() for better decoding control, and deprecate unused AP_NORMALIZE_DROP_PARAMETERS flag. (forwarded request 924064 from stroeder) OBS-URL: https://build.opensuse.org/request/show/924154 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=186
This commit is contained in:
commit
c5e8f6233e
@ -1,3 +1,59 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Oct 7 17:30:44 UTC 2021 - Michael Ströder <michael@stroeder.com>
|
||||||
|
|
||||||
|
- version update to 2.4.51
|
||||||
|
*) SECURITY: CVE-2021-42013: Path Traversal and Remote Code
|
||||||
|
Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
|
||||||
|
fix of CVE-2021-41773) (cve.mitre.org)
|
||||||
|
*) core: Add ap_unescape_url_ex() for better decoding control, and deprecate
|
||||||
|
unused AP_NORMALIZE_DROP_PARAMETERS flag.
|
||||||
|
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Oct 4 15:23:51 UTC 2021 - Michael Ströder <michael@stroeder.com>
|
||||||
|
|
||||||
|
- version update to 2.4.50
|
||||||
|
*) core: AP_NORMALIZE_DECODE_UNRESERVED should normalize the second dot in
|
||||||
|
the uri-path when it's preceded by a dot. [Yann Ylavic]
|
||||||
|
*) mod_md: when MDMessageCmd for a 'challenge-setup:<type>:<dnsname>'
|
||||||
|
fails (!= 0 exit), the renewal process is aborted and an error is
|
||||||
|
reported for the MDomain. This provides scripts that distribute
|
||||||
|
information in a cluster to abort early with bothering an ACME
|
||||||
|
server to validate a dns name that will not work. The common
|
||||||
|
retry logic will make another attempt in the future, as with
|
||||||
|
other failures.
|
||||||
|
Fixed a bug when adding private key specs to an already working
|
||||||
|
MDomain, see <https://github.com/icing/mod_md/issues/260>.
|
||||||
|
[Stefan Eissing]
|
||||||
|
*) mod_proxy: Handle UDS URIs with empty hostname ("unix:///...") as if they
|
||||||
|
had no hostname ("unix:/..."). [Yann Ylavic]
|
||||||
|
*) mod_md: fixed a bug in handling multiple parallel OCSP requests. These could
|
||||||
|
run into an assertion which terminated (and restarted) the child process where
|
||||||
|
the task was running. Eventually, all OCSP responses were collected, but not
|
||||||
|
in the way that things are supposed to work.
|
||||||
|
See also <https://bz.apache.org/bugzilla/show_bug.cgi?id=65567>.
|
||||||
|
The bug was possibly triggered when more than one OCSP status needed updating
|
||||||
|
at the same time. For example for several renewed certificates after a server
|
||||||
|
reload.
|
||||||
|
*) mod_rewrite: Fix UDS ("unix:") scheme for [P] rules. PR 57691 + 65590.
|
||||||
|
[Janne Peltonen <janne.peltonen sange.fi>]
|
||||||
|
*) event mpm: Correctly count active child processes in parent process if
|
||||||
|
child process dies due to MaxConnectionsPerChild.
|
||||||
|
PR 65592 [Ruediger Pluem]
|
||||||
|
*) mod_http2: when a server is restarted gracefully, any idle h2 worker
|
||||||
|
threads are shut down immediately.
|
||||||
|
Also, change OpenSSL API use for deprecations in OpenSSL 3.0.
|
||||||
|
Adds all other, never proposed code changes to make a clean
|
||||||
|
sync of http2 sources. [Stefan Eissing]
|
||||||
|
*) mod_dav: Correctly handle errors returned by dav providers on REPORT
|
||||||
|
requests. [Ruediger Pluem]
|
||||||
|
*) core: do not install core input/output filters on secondary
|
||||||
|
connections. [Stefan Eissing]
|
||||||
|
*) core: Add ap_pre_connection() as a wrapper to ap_run_pre_connection()
|
||||||
|
and use it to prevent that failures in running the pre_connection
|
||||||
|
hook cause crashes afterwards. [Ruediger Pluem]
|
||||||
|
*) mod_speling: Add CheckBasenameMatch PR 44221. [Christophe Jaillet]
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Sep 17 08:37:29 UTC 2021 - pgajdos@suse.com
|
Fri Sep 17 08:37:29 UTC 2021 - pgajdos@suse.com
|
||||||
|
|
||||||
|
@ -115,7 +115,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: apache2%{psuffix}
|
Name: apache2%{psuffix}
|
||||||
Version: 2.4.49
|
Version: 2.4.51
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: The Apache HTTPD Server
|
Summary: The Apache HTTPD Server
|
||||||
License: Apache-2.0
|
License: Apache-2.0
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:65b965d6890ea90d9706595e4b7b9365b5060bec8ea723449480b4769974133b
|
|
||||||
size 7199599
|
|
@ -1,17 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
Comment: GPGTools - https://gpgtools.org
|
|
||||||
|
|
||||||
iQIzBAABCgAdFiEEJvUe+agvSstD8ZA+03fJ59GUTGYFAmE7YfoACgkQ03fJ59GU
|
|
||||||
TGbbug//aZ9SUOjopIEfyop/AcVdDhgXJjs0ZRQEA4DpDRWwn5//8agKAoZpe8ao
|
|
||||||
UEqb89zTISkxEIwwUAnF5Df9g1cP6iF+pgfGQS2tNB0EIYVnOQCubd7Dj6WWr9GY
|
|
||||||
bzA7qTgO9Y7jwyYzHlwMX1chZ49wRjoQdzQbCIjNPxRA0PdOSZn6NlcEJSfodgqH
|
|
||||||
XQM8/akvPQ1SFwmN990ObcWMjRopwDovlRvHtyKfTSgtNjbL4Qe4PVGp9K5RYCoM
|
|
||||||
M0QyIZokOMxpNmAh37FAd2siBSyXrJZFlgpXkXnQ6mn7EHU/+yh2XiTo/XJ0CjMf
|
|
||||||
yytcC1l9DIW7VIH9HogdZQ9E4cvFjMLve03YbAOhzjOYdmCjU+v1gwUC6m0NV+H8
|
|
||||||
XV573435L9BIXb4nI0TB2nbtiJiFBKcoinsps5UEX5KbAepQAC6OPqADEHQgRkCn
|
|
||||||
9PCzruJlJUm7oh2q9BRg2qc2IoePyk5Tv7MAcT6msGcSX9Lh5TkHsLIVPdId+aZ/
|
|
||||||
0Q7gIgME9Ej4k+LoiuJNmag7IgLQZxTk82CD9T59REslgDkkT2KP4/PzSgx8G5It
|
|
||||||
GmtOQUX7x4AgGtu1YSSn9mbZ73P7b76ii1vHv/eOybAY7zWe/03hXaeNn0Lcgk7Z
|
|
||||||
nBjWQfm/Pv01QgCNdpiyZ/lRj3zn4VxFMtCFNSB3ktgezxhYcWI=
|
|
||||||
=qZK9
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
httpd-2.4.51.tar.bz2
Normal file
3
httpd-2.4.51.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4
|
||||||
|
size 7653609
|
17
httpd-2.4.51.tar.bz2.asc
Normal file
17
httpd-2.4.51.tar.bz2.asc
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
Comment: GPGTools - https://gpgtools.org
|
||||||
|
|
||||||
|
iQIzBAABCgAdFiEEJvUe+agvSstD8ZA+03fJ59GUTGYFAmFe8kEACgkQ03fJ59GU
|
||||||
|
TGatthAAtWzeOD1TCIEvf5f9bAIZDK9vjEEnBZDeYMMrH1wVJGNJm48XP08O/Kbq
|
||||||
|
qhvc9201RUwkAtWEUX811ZBAYd5A8lAqetfmIuCSHerYSOU0CbhvBjKsuIJVIKWD
|
||||||
|
Wo1uPUDWk068V0HBquQtW6AEB4oo16fKPMEr1aOOxFpR+F806daJN1gt3ubPzkNJ
|
||||||
|
rZd4E6dV00eEymeUIfk0BjDqSWKHmUr+08/dtWqc7kGYGcnJzu0e5pr6cc0hOV2o
|
||||||
|
mqYm28F7eMSe5JCnAOd1LnnqtOwV81mZLxiAxR40PoFhV7IoBLo0zAJ99AHxJfA2
|
||||||
|
9RjCmZ/WYtleeDT7mC1cdATHKOPRaubklzK6Ntf7tMaRIO07hnIfIRXQveKG7h+G
|
||||||
|
Og6PGtfR9bwDGrg2f5Dr+R2fwUJO7EL31IxTYQFBUDe2Q82aNIWpdIFdte93nc+S
|
||||||
|
HqjWq3w6zq+jdSm3xvyLB0LLSOguXhcjj5VEqV+aExZPASbf+Q8bG51mSbMQhkaq
|
||||||
|
fEheFcdhu3Sm0x5xQXvEM3gX5XUr8vmrPWaacayPYfS7MinWukV0hXe5/DoYkFTt
|
||||||
|
a1pt6bHcyVfR0tB0Q3bvm59EeaxLVfogb6Eq74RlrfYiCU/Qx7bMUs3tSeIkHGmY
|
||||||
|
cNhpxzc/36i4Cf+fBDPKuJroXYV5wFoQmpnXVLAqRd6jWZcOizY=
|
||||||
|
=f5dx
|
||||||
|
-----END PGP SIGNATURE-----
|
Loading…
x
Reference in New Issue
Block a user