From d42a4048ef24e0f358b61b68bc7baf13fbb88f59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= Date: Thu, 11 Jul 2024 15:28:24 +0200 Subject: [PATCH] new version 2.0.29 Resolves: RHEL-45807 - mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387) --- .gitignore | 1 + mod_http2.spec | 9 +++++++-- sources | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index b643127..ee73dd0 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ /mod_http2-2.0.22.tar.gz /mod_http2-2.0.25.tar.gz /mod_http2-2.0.26.tar.gz +/mod_http2-2.0.29.tar.gz diff --git a/mod_http2.spec b/mod_http2.spec index 0e619ba..937c010 100644 --- a/mod_http2.spec +++ b/mod_http2.spec @@ -2,8 +2,8 @@ %{!?_httpd_mmn: %global _httpd_mmn %(cat %{_includedir}/httpd/.mmn 2>/dev/null || echo 0-0)} Name: mod_http2 -Version: 2.0.26 -Release: 4%{?dist} +Version: 2.0.29 +Release: 1%{?dist} Summary: module implementing HTTP/2 for Apache 2 License: Apache-2.0 URL: https://icing.github.io/mod_h2/ @@ -47,6 +47,11 @@ echo "LoadModule proxy_http2_module modules/mod_proxy_http2.so" > %{buildroot}%{ %{_httpd_moddir}/mod_proxy_http2.so %changelog +* Thu Jul 11 2024 Luboš Uhliarik - 2.0.29-1 +- new version 2.0.29 +- Resolves: RHEL-45807 - mod_http2: DoS by null pointer in websocket over + HTTP/2 (CVE-2024-36387) + * Mon Jun 24 2024 Troy Dawson - 2.0.26-4 - Bump release for June 2024 mass rebuild diff --git a/sources b/sources index b717e24..7565ecb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (mod_http2-2.0.26.tar.gz) = 2851bbfd2c067faf24c8194ba72d59e154684788a5f01854b2d8f3faf29b7b7beba750ac0fd81db943f391147f5f36dd144a988aed23b0ece15e6628e82469f4 +SHA512 (mod_http2-2.0.29.tar.gz) = 2922976e1aa8e7a580c00de9ecdbda16f42e0d73b1a0c4118b0894bd0a7fd46b3849b93fa759b586f32e020471b1942d8c4c97a61e6207153aacf11e1f5f0831