diff --git a/apr-util-1.6.1-r1907242.patch b/apr-util-1.6.1-r1907242.patch new file mode 100644 index 0000000..906c690 --- /dev/null +++ b/apr-util-1.6.1-r1907242.patch @@ -0,0 +1,26 @@ +--- a/memcache/apr_memcache.c 2023/02/03 15:06:16 1907241 ++++ b/memcache/apr_memcache.c 2023/02/03 15:12:10 1907242 +@@ -290,9 +290,9 @@ + apr_status_t rv = APR_SUCCESS; + apr_sockaddr_t *sa; + #if APR_HAVE_SOCKADDR_UN +- apr_int32_t family = conn->ms->host[0] != '/' ? APR_INET : APR_UNIX; ++ apr_int32_t family = conn->ms->host[0] != '/' ? APR_UNSPEC : APR_UNIX; + #else +- apr_int32_t family = APR_INET; ++ apr_int32_t family = APR_UNSPEC; + #endif + + rv = apr_sockaddr_info_get(&sa, conn->ms->host, family, conn->ms->port, 0, conn->p); +@@ -328,9 +328,9 @@ + apr_pool_t *tp; + apr_memcache_server_t *ms = params; + #if APR_HAVE_SOCKADDR_UN +- apr_int32_t family = ms->host[0] != '/' ? APR_INET : APR_UNIX; ++ apr_int32_t family = ms->host[0] != '/' ? APR_UNSPEC : APR_UNIX; + #else +- apr_int32_t family = APR_INET; ++ apr_int32_t family = APR_UNSPEC; + #endif + + rv = apr_pool_create(&np, pool); diff --git a/apr-util.spec b/apr-util.spec index a775c8f..fd467ef 100644 --- a/apr-util.spec +++ b/apr-util.spec @@ -24,6 +24,8 @@ Source0: http://www.apache.org/dist/apr/%{name}-%{version}.tar.bz2 Patch1: apr-util-1.2.7-pkgconf.patch Patch4: apr-util-1.4.1-private.patch Patch5: apr-util-mariadb-upstream.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2063562 +Patch6: apr-util-1.6.1-r1907242.patch # Security patches: # https://bugzilla.redhat.com/show_bug.cgi?id=2169652 @@ -137,6 +139,7 @@ This package provides the NSS crypto support for the apr-util. %patch1 -p1 -b .pkgconf %patch4 -p1 -b .private %patch5 -p1 -b .maria +%patch6 -p1 -b .r1907242 %patch100 -p1 -b .CVE-2022-25147 @@ -248,6 +251,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/aclocal/*.m4 %changelog +* Mon Jun 12 2023 Luboš Uhliarik - 1.6.1-7 +- Resolves: #2063562 - mod_auth_openidc fails with IPv6 OIDCMemCacheServers + * Wed May 31 2023 Luboš Uhliarik - 1.6.1-7 - Resolves: #2196573 - CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64