Compare commits
2 Commits
f517a04176
...
004eed36d6
Author | SHA1 | Date |
---|---|---|
Joe Orton | 004eed36d6 | |
Johnny Hughes | b28aedde41 |
|
@ -0,0 +1 @@
|
||||||
|
4a38471de821288b0300148016f2b03dfee8adf2 httpd-2.4.37.tar.bz2
|
|
@ -0,0 +1,39 @@
|
||||||
|
# ./pullrev.sh 1884505 1915625
|
||||||
|
http://svn.apache.org/viewvc?view=revision&revision=1884505
|
||||||
|
http://svn.apache.org/viewvc?view=revision&revision=1915625
|
||||||
|
|
||||||
|
--- httpd-2.4.57/modules/filters/mod_xml2enc.c
|
||||||
|
+++ httpd-2.4.57/modules/filters/mod_xml2enc.c
|
||||||
|
@@ -329,7 +329,7 @@
|
||||||
|
apr_bucket* bstart;
|
||||||
|
apr_size_t insz = 0;
|
||||||
|
int pending_meta = 0;
|
||||||
|
- char *ctype;
|
||||||
|
+ char *mtype;
|
||||||
|
char *p;
|
||||||
|
|
||||||
|
if (!ctx || !f->r->content_type) {
|
||||||
|
@@ -338,13 +338,17 @@
|
||||||
|
return ap_pass_brigade(f->next, bb) ;
|
||||||
|
}
|
||||||
|
|
||||||
|
- ctype = apr_pstrdup(f->r->pool, f->r->content_type);
|
||||||
|
- for (p = ctype; *p; ++p)
|
||||||
|
- if (isupper(*p))
|
||||||
|
- *p = tolower(*p);
|
||||||
|
+ /* Extract the media type, ignoring parameters in content-type. */
|
||||||
|
+ mtype = apr_pstrdup(f->r->pool, f->r->content_type);
|
||||||
|
+ if ((p = ap_strchr(mtype, ';')) != NULL) *p = '\0';
|
||||||
|
+ ap_str_tolower(mtype);
|
||||||
|
|
||||||
|
- /* only act if starts-with "text/" or contains "xml" */
|
||||||
|
- if (strncmp(ctype, "text/", 5) && !strstr(ctype, "xml")) {
|
||||||
|
+ /* Accept text/ types, plus any XML media type per RFC 7303. */
|
||||||
|
+ if (!(strncmp(mtype, "text/", 5) == 0
|
||||||
|
+ || strcmp(mtype, "application/xml") == 0
|
||||||
|
+ || (strlen(mtype) > 7 /* minimum 'a/b+xml' length */
|
||||||
|
+ && (p = strstr(mtype, "+xml")) != NULL
|
||||||
|
+ && strlen(p) == 4 /* ensures +xml is a suffix */))) {
|
||||||
|
ap_remove_output_filter(f);
|
||||||
|
return ap_pass_brigade(f->next, bb) ;
|
||||||
|
}
|
14
httpd.spec
14
httpd.spec
|
@ -3,7 +3,7 @@
|
||||||
%define suexec_caller apache
|
%define suexec_caller apache
|
||||||
%define mmn 20120211
|
%define mmn 20120211
|
||||||
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
|
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
|
||||||
%define vstring %(source /etc/os-release; echo ${REDHAT_SUPPORT_PRODUCT})
|
%define vstring %(source /etc/os-release; echo ${NAME})
|
||||||
%if 0%{?fedora} > 26 || 0%{?rhel} > 7
|
%if 0%{?fedora} > 26 || 0%{?rhel} > 7
|
||||||
%global mpm event
|
%global mpm event
|
||||||
%else
|
%else
|
||||||
|
@ -13,7 +13,7 @@
|
||||||
Summary: Apache HTTP Server
|
Summary: Apache HTTP Server
|
||||||
Name: httpd
|
Name: httpd
|
||||||
Version: 2.4.37
|
Version: 2.4.37
|
||||||
Release: 62%{?dist}
|
Release: 63%{?dist}
|
||||||
URL: https://httpd.apache.org/
|
URL: https://httpd.apache.org/
|
||||||
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
||||||
Source2: httpd.logrotate
|
Source2: httpd.logrotate
|
||||||
|
@ -169,6 +169,8 @@ Patch91: httpd-2.4.37-add-SNI-support.patch
|
||||||
Patch92: httpd-2.4.37-mod_status-duplicate-key.patch
|
Patch92: httpd-2.4.37-mod_status-duplicate-key.patch
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2221083
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2221083
|
||||||
Patch93: httpd-2.4.37-r1885607.patch
|
Patch93: httpd-2.4.37-r1885607.patch
|
||||||
|
# https://issues.redhat.com/browse/RHEL-14321
|
||||||
|
Patch94: httpd-2.4.57-r1884505+.patch
|
||||||
|
|
||||||
# Security fixes
|
# Security fixes
|
||||||
Patch200: httpd-2.4.37-r1851471.patch
|
Patch200: httpd-2.4.37-r1851471.patch
|
||||||
|
@ -437,6 +439,7 @@ interface for storing and accessing per-user session data.
|
||||||
%patch91 -p1 -b .SNI
|
%patch91 -p1 -b .SNI
|
||||||
%patch92 -p1 -b .mod_status-dupl
|
%patch92 -p1 -b .mod_status-dupl
|
||||||
%patch93 -p1 -b .r1885607
|
%patch93 -p1 -b .r1885607
|
||||||
|
%patch94 -p1 -b .r1884505+
|
||||||
|
|
||||||
%patch200 -p1 -b .r1851471
|
%patch200 -p1 -b .r1851471
|
||||||
%patch201 -p1 -b .CVE-2019-0211
|
%patch201 -p1 -b .CVE-2019-0211
|
||||||
|
@ -983,6 +986,13 @@ rm -rf $RPM_BUILD_ROOT
|
||||||
%{_rpmconfigdir}/macros.d/macros.httpd
|
%{_rpmconfigdir}/macros.d/macros.httpd
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 14 2024 Joe Orton <jorton@redhat.com> - 2.4.37-63
|
||||||
|
- mod_xml2enc: fix media type handling
|
||||||
|
Resolves: RHEL-14321
|
||||||
|
|
||||||
|
* Thu Aug 17 2023 Johnny Hughes <jhughes@redhat.com> - 2.4.37-62
|
||||||
|
- change for CentOS Stream Branding
|
||||||
|
|
||||||
* Thu Jul 27 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-62
|
* Thu Jul 27 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-62
|
||||||
- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi
|
- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi
|
||||||
CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked
|
CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked
|
||||||
|
|
Loading…
Reference in New Issue