From: Peter Seiderer <ps.report@gmx.net>
To: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 1/1] package/apache: security bump version to 2.4.53
Date: Mon, 14 Mar 2022 21:28:25 +0100 [thread overview]
Message-ID: <20220314212825.72645f04@gmx.net> (raw)
In-Reply-To: <20220314184353.2639955-1-bernd.kuhls@t-online.de>
Hello Bernd,
On Mon, 14 Mar 2022 19:43:53 +0100, Bernd Kuhls <bernd.kuhls@t-online.de> wrote:
> Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.53
>
> Fixes CVE-2022-22719, CVE-2022-22720, CVE-2022-22721 & CVE-2022-23943.
From the Changelog:
*) Support pcre2 (10.x) library in place of the now end-of-life pcre (8.x)
for regular expression evaluation. This depends on locating pcre2-config.
[William Rowe, Petr Pisar <ppisar redhat.com>, Rainer Jung]
Time to switch from pcre dependency to pcre2?
Regards,
Peter
>
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ---
> package/apache/apache.hash | 6 +++---
> package/apache/apache.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/apache/apache.hash b/package/apache/apache.hash
> index 014d920772..11dcdefe46 100644
> --- a/package/apache/apache.hash
> +++ b/package/apache/apache.hash
> @@ -1,5 +1,5 @@
> -# From https://downloads.apache.org/httpd/httpd-2.4.52.tar.bz2.{sha256,sha512}
> -sha256 0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9 httpd-2.4.52.tar.bz2
> -sha512 97c021c576022a9d32f4a390f62e07b5f550973aef2f299fd52defce1a9fa5d27bd4a676e7bf214373ba46063d34aecce42de62fdd93678a4e925cfcbb2afdf6 httpd-2.4.52.tar.bz2
> +# From https://downloads.apache.org/httpd/httpd-2.4.53.tar.bz2.{sha256,sha512}
> +sha256 d0bbd1121a57b5f2a6ff92d7b96f8050c5a45d3f14db118f64979d525858db63 httpd-2.4.53.tar.bz2
> +sha512 07ef59594251a30a864cc9cc9a58ab788c2d006cef85b728f29533243927c63cb063e0867f2a306f37324c3adb9cf7dcb2402f3516b05c2c6f32469d475dd756 httpd-2.4.53.tar.bz2
> # Locally computed
> sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE
> diff --git a/package/apache/apache.mk b/package/apache/apache.mk
> index b280d4dc3a..d3857d00ad 100644
> --- a/package/apache/apache.mk
> +++ b/package/apache/apache.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -APACHE_VERSION = 2.4.52
> +APACHE_VERSION = 2.4.53
> APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
> APACHE_SITE = https://downloads.apache.org/httpd
> APACHE_LICENSE = Apache-2.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2022-03-14 20:28 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-14 18:43 [Buildroot] [PATCH 1/1] package/apache: security bump version to 2.4.53 Bernd Kuhls
2022-03-14 20:28 ` Peter Seiderer [this message]
2022-03-23 21:47 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220314212825.72645f04@gmx.net \
--to=ps.report@gmx.net \
--cc=bernd.kuhls@t-online.de \
--cc=buildroot@buildroot.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.