rpms/mod_http2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

new version 1.15.19

Browse Source 
Resolves: #1968014 - CVE-2021-31618 httpd: NULL pointer dereference on
  specially crafted HTTP/2 request
This commit is contained in:
Luboš Uhliarik 2021-06-11 13:56:42 +02:00
parent 650a68faaa
commit d38f866d67
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
mod_http2.spec
View File

@ -2,17 +2,18 @@
%{!?_httpd_mmn: %global _httpd_mmn %(cat %{_includedir}/httpd/.mmn 2>/dev/null || echo 0-0)} %{!?_httpd_mmn: %global _httpd_mmn %(cat %{_includedir}/httpd/.mmn 2>/dev/null || echo 0-0)}
Name: mod_http2 Name: mod_http2
Version: 1.15.14 Version: 1.15.19
Release: 3%{?dist} Release: 1%{?dist}
Summary: module implementing HTTP/2 for Apache 2 Summary: module implementing HTTP/2 for Apache 2
License: ASL 2.0 License: ASL 2.0
URL: https://icing.github.io/mod_h2/ URL: https://icing.github.io/mod_h2/
Source0: https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2-%{version}.tar.gz Source0: https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2-%{version}.tar.gz
Patch1: mod_http2-1.14.1-buildfix.patch Patch1: mod_http2-1.14.1-buildfix.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2 BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2
Requires: httpd-mmn = %{_httpd_mmn} BuildRequires: autoconf, libtool, /usr/bin/hostname
Requires: httpd-mmn = %{_httpd_mmn}
Conflicts: httpd < 2.4.25-8 Conflicts: httpd < 2.4.25-8
%description %description
@ -24,6 +25,7 @@ top of libnghttp2 for httpd 2.4 servers.
%patch1 -p1 -b .buildfix %patch1 -p1 -b .buildfix
%build %build
autoreconf -i
%configure --with-apxs=%{_httpd_apxs} %configure --with-apxs=%{_httpd_apxs}
%make_build %make_build
@ -45,6 +47,11 @@ echo "LoadModule proxy_http2_module modules/mod_proxy_http2.so" > %{buildroot}%{
%{_httpd_moddir}/mod_proxy_http2.so %{_httpd_moddir}/mod_proxy_http2.so
%changelog %changelog
* Fri Jun 11 2021 Luboš Uhliarik <luhliari@redhat.com> - 1.15.19-1
- new version 1.15.19
- Resolves: #1968014 - CVE-2021-31618 httpd: NULL pointer dereference on
specially crafted HTTP/2 request
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.14-3 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.14-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (mod_http2-1.15.14.tar.gz) = 6108604714e900b2b982c5dfc27d6c878961e11b62a13b7b6259a823f89ea2fb2278db75ac87c76cca8ad16dafb2ac8aff32b42368b74a030285ab9905bf10e9 SHA512 (mod_http2-1.15.19.tar.gz) = 6b03dd027cbf6560cf58066ff1a1348462eb3daef6edc48e680a18007e4e987d348f5ddef90378c13453c642c80c88f7af388336b08d06d110795ba08548c093