import mod_http2-1.15.19-4.el9
This commit is contained in:
parent
914f5dd278
commit
842bfa1a51
13
SOURCES/mod_http2-1.15.19-CVE-2021-44224.patch
Normal file
13
SOURCES/mod_http2-1.15.19-CVE-2021-44224.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
diff --git a/mod_http2/h2_request.c b/mod_http2/h2_request.c
|
||||||
|
index 45df9b1..70241d4 100644
|
||||||
|
--- a/mod_http2/h2_request.c
|
||||||
|
+++ b/mod_http2/h2_request.c
|
||||||
|
@@ -371,7 +371,7 @@ request_rec *h2_request_create_rec(const h2_request *req, conn_rec *c)
|
||||||
|
ap_add_input_filter_handle(ap_http_input_filter_handle,
|
||||||
|
NULL, r, r->connection);
|
||||||
|
|
||||||
|
- if ((access_status = ap_run_post_read_request(r))) {
|
||||||
|
+ if ((access_status = ap_post_read_request(r))) {
|
||||||
|
/* Request check post hooks failed. An example of this would be a
|
||||||
|
* request for a vhost where h2 is disabled --> 421.
|
||||||
|
*/
|
@ -3,18 +3,24 @@
|
|||||||
|
|
||||||
Name: mod_http2
|
Name: mod_http2
|
||||||
Version: 1.15.19
|
Version: 1.15.19
|
||||||
Release: 2%{?dist}
|
Release: 4%{?dist}
|
||||||
Summary: module implementing HTTP/2 for Apache 2
|
Summary: module implementing HTTP/2 for Apache 2
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: https://icing.github.io/mod_h2/
|
URL: https://icing.github.io/mod_h2/
|
||||||
Source0: https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2-%{version}.tar.gz
|
Source0: https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2-%{version}.tar.gz
|
||||||
Patch1: mod_http2-1.14.1-buildfix.patch
|
Patch1: mod_http2-1.14.1-buildfix.patch
|
||||||
Patch2: mod_http2-1.15.14-openssl30.patch
|
Patch2: mod_http2-1.15.14-openssl30.patch
|
||||||
|
|
||||||
|
# Security patches:
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2034672
|
||||||
|
Patch100: mod_http2-1.15.19-CVE-2021-44224.patch
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2
|
BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2
|
||||||
BuildRequires: autoconf, libtool, /usr/bin/hostname
|
BuildRequires: autoconf, libtool, /usr/bin/hostname
|
||||||
Requires: httpd-mmn = %{_httpd_mmn}
|
Requires: httpd-mmn = %{_httpd_mmn}
|
||||||
|
Requires: httpd >= 2.4.51-7
|
||||||
Conflicts: httpd < 2.4.25-8
|
Conflicts: httpd < 2.4.25-8
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -26,6 +32,8 @@ top of libnghttp2 for httpd 2.4 servers.
|
|||||||
%patch1 -p1 -b .buildfix
|
%patch1 -p1 -b .buildfix
|
||||||
%patch2 -p1 -b .openssl30
|
%patch2 -p1 -b .openssl30
|
||||||
|
|
||||||
|
%patch100 -p1 -b .CVE-2021-44224
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -i
|
autoreconf -i
|
||||||
%configure --with-apxs=%{_httpd_apxs}
|
%configure --with-apxs=%{_httpd_apxs}
|
||||||
@ -49,6 +57,13 @@ echo "LoadModule proxy_http2_module modules/mod_proxy_http2.so" > %{buildroot}%{
|
|||||||
%{_httpd_moddir}/mod_proxy_http2.so
|
%{_httpd_moddir}/mod_proxy_http2.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Dec 05 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.19-4
|
||||||
|
- Resolves: #2143176 - Dependency from mod_http2 on httpd broken
|
||||||
|
|
||||||
|
* Mon Mar 21 2022 Luboš Uhliarik <luhliari@redhat.com> - 1.15.19-3
|
||||||
|
- Resolves: #2066311 - CVE-2021-44224 httpd: possible NULL dereference or SSRF
|
||||||
|
in forward proxy configurations
|
||||||
|
|
||||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.15.19-2
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.15.19-2
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
Related: rhbz#1991688
|
Related: rhbz#1991688
|
||||||
|
Loading…
Reference in New Issue
Block a user