diff --git a/mod_http2.spec b/mod_http2.spec index bc12964..03bcbde 100644 --- a/mod_http2.spec +++ b/mod_http2.spec @@ -2,17 +2,18 @@ %{!?_httpd_mmn: %global _httpd_mmn %(cat %{_includedir}/httpd/.mmn 2>/dev/null || echo 0-0)} Name: mod_http2 -Version: 1.15.14 -Release: 3%{?dist} +Version: 1.15.19 +Release: 1%{?dist} Summary: module implementing HTTP/2 for Apache 2 License: ASL 2.0 URL: https://icing.github.io/mod_h2/ Source0: https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2-%{version}.tar.gz Patch1: mod_http2-1.14.1-buildfix.patch -BuildRequires: make +BuildRequires: make BuildRequires: gcc -BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2 -Requires: httpd-mmn = %{_httpd_mmn} +BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2 +BuildRequires: autoconf, libtool, /usr/bin/hostname +Requires: httpd-mmn = %{_httpd_mmn} Conflicts: httpd < 2.4.25-8 %description @@ -24,6 +25,7 @@ top of libnghttp2 for httpd 2.4 servers. %patch1 -p1 -b .buildfix %build +autoreconf -i %configure --with-apxs=%{_httpd_apxs} %make_build @@ -45,6 +47,11 @@ echo "LoadModule proxy_http2_module modules/mod_proxy_http2.so" > %{buildroot}%{ %{_httpd_moddir}/mod_proxy_http2.so %changelog +* Fri Jun 11 2021 Luboš Uhliarik - 1.15.19-1 +- new version 1.15.19 +- Resolves: #1968014 - CVE-2021-31618 httpd: NULL pointer dereference on + specially crafted HTTP/2 request + * Tue Jan 26 2021 Fedora Release Engineering - 1.15.14-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild diff --git a/sources b/sources index 0bd3f9b..689d315 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (mod_http2-1.15.14.tar.gz) = 6108604714e900b2b982c5dfc27d6c878961e11b62a13b7b6259a823f89ea2fb2278db75ac87c76cca8ad16dafb2ac8aff32b42368b74a030285ab9905bf10e9 +SHA512 (mod_http2-1.15.19.tar.gz) = 6b03dd027cbf6560cf58066ff1a1348462eb3daef6edc48e680a18007e4e987d348f5ddef90378c13453c642c80c88f7af388336b08d06d110795ba08548c093