From 0ff43a37a3345354d54c9b64a0669cf4f61f9903 Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Thu, 23 Aug 2018 18:05:06 -0700 Subject: [PATCH] apache: Update to 2.4.37 Fixes at least: CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1312 Added CPE ID for proper CVE tracking. Signed-off-by: Rosen Penev --- net/apache/Makefile | 18 ++++++++++-------- net/apache/patches/001-Makefile_in.patch | 2 +- net/apache/patches/003-logdir_fix.patch | 2 +- .../patches/010-reproducible-builds.patch | 2 +- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/net/apache/Makefile b/net/apache/Makefile index 9b13383469..900f866f2d 100644 --- a/net/apache/Makefile +++ b/net/apache/Makefile @@ -8,21 +8,23 @@ include $(TOPDIR)/rules.mk PKG_NAME:=apache -PKG_VERSION:=2.4.28 -PKG_RELEASE:=2 +PKG_VERSION:=2.4.37 +PKG_RELEASE:=1 PKG_SOURCE_NAME:=httpd -PKG_MAINTAINER:=Thomas Heil -PKG_LICENSE:=Apache License PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=@APACHE/httpd/ -PKG_HASH:=c1197a3a62a4ab5c584ab89b249af38cf28b4adee9c0106b62999fd29f920666 +PKG_HASH:=3498dc5c6772fac2eb7307dc7963122ffe243b5e806e0be4fb51974ff759d726 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION) +PKG_MAINTAINER:=Thomas Heil +PKG_LICENSE:=Apache License +PKG_CPE_ID:=cpe:/a:apache:http_server + PKG_INSTALL:=1 -PKG_CONFIG_DEPENDS := \ +PKG_CONFIG_DEPENDS:= \ CONFIG_APACHE_HTTP2 ADDITIONAL_MODULES:= @@ -40,7 +42,7 @@ define Package/apache/Default CATEGORY:=Network SUBMENU:=Web Servers/Proxies TITLE:=The Apache Web Server - URL:=http://httpd.apache.org/ + URL:=https://httpd.apache.org/ endef define Package/apache/Default/description @@ -103,7 +105,7 @@ $(call Package/apache/Default/description) This package contains the icons from Apache. endef -TARGET_CFLAGS += $(FPIC) +TARGET_CFLAGS += $(FPIC) -Wno-error TARGET_CPPFLAGS += -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE TARGET_LDFLAGS += -lpthread diff --git a/net/apache/patches/001-Makefile_in.patch b/net/apache/patches/001-Makefile_in.patch index 0bccfd3bd2..4daf14f448 100644 --- a/net/apache/patches/001-Makefile_in.patch +++ b/net/apache/patches/001-Makefile_in.patch @@ -1,6 +1,6 @@ --- a/server/Makefile.in +++ b/server/Makefile.in -@@ -26,7 +26,10 @@ gen_test_char: $(gen_test_char_OBJECTS) +@@ -29,7 +29,10 @@ gen_test_char: $(gen_test_char_OBJECTS) $(LINK) $(EXTRA_LDFLAGS) $(gen_test_char_OBJECTS) $(EXTRA_LIBS) test_char.h: gen_test_char diff --git a/net/apache/patches/003-logdir_fix.patch b/net/apache/patches/003-logdir_fix.patch index fd22410d7c..19fcbf7d6b 100644 --- a/net/apache/patches/003-logdir_fix.patch +++ b/net/apache/patches/003-logdir_fix.patch @@ -26,7 +26,7 @@ Index: httpd-2.4.25/config.layout proxycachedir: ${localstatedir}/proxy -@@ -150,7 +150,7 @@ +@@ -174,7 +174,7 @@ includedir: ${prefix}/include localstatedir: /var${prefix} runtimedir: ${localstatedir}/run diff --git a/net/apache/patches/010-reproducible-builds.patch b/net/apache/patches/010-reproducible-builds.patch index 7a5324b625..0289da1cbe 100644 --- a/net/apache/patches/010-reproducible-builds.patch +++ b/net/apache/patches/010-reproducible-builds.patch @@ -31,7 +31,7 @@ Index: apache2/server/Makefile.in CLEAN_TARGETS = gen_test_char test_char.h \ ApacheCoreOS2.def httpd.exp export_files \ -@@ -80,8 +81,8 @@ httpd.exp: exports.c export_vars.h +@@ -85,8 +86,8 @@ httpd.exp: exports.c export_vars.h @echo "#! ." > $@ @echo "* This file was AUTOGENERATED at build time." >> $@ @echo "* Please do not edit by hand." >> $@ -- 2.30.2