import httpd-2.4.53-11.el9_2.4

CentOS Sources 2023-05-09 05:30:01 +00:00 committed by Stepan Oksanichenko
parent 0ee71a8f08
commit 2361b91abe
2 changed files with 36 additions and 11 deletions


@ -0,0 +1,14 @@
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index e488aa6..8267f1b 100644
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -3121,7 +3121,7 @@ PROXY_DECLARE(apr_status_t) ap_proxy_check_connection(const char *scheme,
"%s: backend socket is disconnected.", scheme);
}
else {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, server, APLOGNO(03408)
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, server, APLOGNO(03408)
"%s: reusable backend connection is not empty: "
"forcibly closed", scheme);
}
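Review bot: Lowering AH03408 from `APLOG_WARNING` to `APLOG_INFO` in the else branch of `ap_proxy_check_connection` hides the message at httpd's default `LogLevel warn`, and the patch carries no comment saying why unread data on a reusable backend connection is safe to demote. That condition can be ordinary backend noise, but it is also what a desynchronised backend connection looks like (this same package carries fixes for request and response splitting in mod_proxy), so anyone alerting on it silently loses the signal after this update. I would add a comment above the call, e.g. `/* unread data on an idle backend connection; it is closed rather than reused, so INFO is enough (rhbz#2151313) */`, and mention in the package notes that `LogLevel proxy:info` restores the message. The function body starts and ends outside the hunk, so whether the connection really is discarded after this log call cannot be confirmed from the lines shown.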


@ -13,7 +13,7 @@
Summary: Apache HTTP Server Summary: Apache HTTP Server
Name: httpd Name: httpd
Version: 2.4.53 Version: 2.4.53
Release: 7%{?dist}.5 Release: 11%{?dist}.4
URL: https://httpd.apache.org/ URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@ -114,6 +114,8 @@ Patch66: httpd-2.4.51-r1892413+.patch
Patch67: httpd-2.4.51-r1811831.patch Patch67: httpd-2.4.51-r1811831.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2098056 # https://bugzilla.redhat.com/show_bug.cgi?id=2098056
Patch68: httpd-2.4.53-r1878890.patch Patch68: httpd-2.4.53-r1878890.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2151313
Patch69: httpd-2.4.53-proxy-util-loglevel.patch
# Security fixes # Security fixes
# https://bugzilla.redhat.com/show_bug.cgi?id=2094997 # https://bugzilla.redhat.com/show_bug.cgi?id=2094997
@ -168,7 +170,7 @@ Requires: httpd-filesystem = %{version}-%{release}
Requires(pre): httpd-filesystem Requires(pre): httpd-filesystem
Conflicts: apr < 1.5.0-1 Conflicts: apr < 1.5.0-1
Conflicts: httpd < 2.4.53-3 Conflicts: httpd < 2.4.53-3
Conflicts: mod_http2 < 1.15.19-3%{?dist}.4 Conflicts: mod_http2 < 1.15.19-4%{?dist}.3
Obsoletes: mod_proxy_uwsgi < 2.0.17.1-2 Obsoletes: mod_proxy_uwsgi < 2.0.17.1-2
%description core %description core
@ -221,7 +223,7 @@ Epoch: 1
BuildRequires: openssl-devel BuildRequires: openssl-devel
Requires(pre): httpd-filesystem Requires(pre): httpd-filesystem
Requires: httpd-core = 0:%{version}-%{release}, httpd-mmn = %{mmnisa} Requires: httpd-core = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
Requires: sscg >= 2.2.0, /usr/bin/hostname Requires: sscg >= 3.0.0-7, /usr/bin/hostname
# Require an OpenSSL which supports PROFILE=SYSTEM # Require an OpenSSL which supports PROFILE=SYSTEM
Conflicts: openssl-libs < 1:1.0.1h-4 Conflicts: openssl-libs < 1:1.0.1h-4
@ -305,6 +307,7 @@ written in the Lua programming language.
%patch66 -p1 -b .r1892413+ %patch66 -p1 -b .r1892413+
%patch67 -p1 -b .r1811831 %patch67 -p1 -b .r1811831
%patch68 -p1 -b .r1878890 %patch68 -p1 -b .r1878890
%patch69 -p1 -b .proxyutil-loglevel
%patch200 -p1 -b .CVE-2022-26377 %patch200 -p1 -b .CVE-2022-26377
%patch201 -p1 -b .CVE-2022-28615 %patch201 -p1 -b .CVE-2022-28615
@ -876,18 +879,26 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd %{_rpmconfigdir}/macros.d/macros.httpd
%changelog %changelog
* Thu Mar 16 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7.5 * Sat Mar 18 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-11.4
- Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with - Resolves: #2177752 - CVE-2023-25690 httpd: HTTP request splitting with
mod_rewrite and mod_proxy mod_rewrite and mod_proxy
* Tue Jan 31 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7.1 * Mon Jan 30 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-11
- Resolves: #2165975 - prevent sscg creating /dhparams.pem - Resolves: #2162500 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write
- Resolves: #2165970 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write
of zero byte of zero byte
- Resolves: #2165973 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162486 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting
- Resolves: #2165974 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request - Resolves: #2162510 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request
smuggling smuggling
* Tue Jan 24 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-10
- Resolves: #2160667 - prevent sscg creating /dhparams.pem
* Thu Dec 08 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-9
- Resolves: #2143176 - Dependency from mod_http2 on httpd broken
* Tue Dec 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-8
- Resolves: #2151313 - reduce AH03408 log level from WARNING to INFO
* Wed Jul 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7 * Wed Jul 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7
- Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request - Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request
smuggling smuggling