From: Arne Fitzenreiter Date: Sun, 30 Sep 2012 20:34:41 +0000 (+0200) Subject: apache: update to 2.2.23. X-Git-Tag: v2.11-core63~1^2~2 X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=102d54873b6089cf6ff40d55dcd8e620f426c4a3 apache: update to 2.2.23. Fixed in Apache httpd 2.2.23 low: XSS in mod_negotiation when untrusted uploads are supported CVE-2012-2687 Note: This issue is also known as CVE-2008-0455. low: insecure LD_LIBRARY_PATH handling CVE-2012-0883 http://httpd.apache.org/security/vulnerabilities_22.html --- diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2 index 01e9bbe4c0..802ddcb72a 100644 --- a/config/rootfiles/common/apache2 +++ b/config/rootfiles/common/apache2 @@ -439,6 +439,7 @@ etc/httpd/conf/mime.types #srv/web/ipfire/manual/images/mod_rewrite_fig2.gif #srv/web/ipfire/manual/images/mod_rewrite_fig2.png #srv/web/ipfire/manual/images/pixel.gif +#srv/web/ipfire/manual/images/rewrite_backreferences.png #srv/web/ipfire/manual/images/rewrite_rule_flow.png #srv/web/ipfire/manual/images/right.gif #srv/web/ipfire/manual/images/ssl_intro_fig1.gif @@ -1051,6 +1052,7 @@ etc/httpd/conf/mime.types #srv/web/ipfire/manual/style/css/manual-zip-100pc.css #srv/web/ipfire/manual/style/css/manual-zip.css #srv/web/ipfire/manual/style/css/manual.css +#srv/web/ipfire/manual/style/css/prettify.css #srv/web/ipfire/manual/style/faq.dtd #srv/web/ipfire/manual/style/lang #srv/web/ipfire/manual/style/lang.dtd @@ -1058,6 +1060,8 @@ etc/httpd/conf/mime.types #srv/web/ipfire/manual/style/latex/atbeginend.sty #srv/web/ipfire/manual/style/manualpage.dtd #srv/web/ipfire/manual/style/modulesynopsis.dtd +#srv/web/ipfire/manual/style/scripts +#srv/web/ipfire/manual/style/scripts/prettify.js #srv/web/ipfire/manual/style/sitemap.dtd #srv/web/ipfire/manual/style/version.ent #srv/web/ipfire/manual/style/xsl @@ -1326,7 +1330,7 @@ usr/lib/apr-util-1/apr_dbd_sqlite3.so #usr/lib/libapr-1.la usr/lib/libapr-1.so usr/lib/libapr-1.so.0 -usr/lib/libapr-1.so.0.4.5 +usr/lib/libapr-1.so.0.4.6 #usr/lib/libaprutil-1.a #usr/lib/libaprutil-1.la usr/lib/libaprutil-1.so @@ -1349,17 +1353,17 @@ usr/sbin/httpd #usr/sbin/httxt2dbm #usr/sbin/logresolve #usr/sbin/rotatelogs -#usr/share/man/man1/ab.1 -#usr/share/man/man1/apxs.1 #usr/share/man/man1/dbmmanage.1 #usr/share/man/man1/htdbm.1 #usr/share/man/man1/htdigest.1 #usr/share/man/man1/htpasswd.1 #usr/share/man/man1/httxt2dbm.1 -#usr/share/man/man1/logresolve.1 +#usr/share/man/man8/ab.8 #usr/share/man/man8/apachectl.8 +#usr/share/man/man8/apxs.8 #usr/share/man/man8/htcacheclean.8 #usr/share/man/man8/httpd.8 +#usr/share/man/man8/logresolve.8 #usr/share/man/man8/rotatelogs.8 #usr/share/man/man8/suexec.8 var/log/httpd diff --git a/config/rootfiles/core/63/filelists/apache2 b/config/rootfiles/core/63/filelists/apache2 new file mode 120000 index 0000000000..eef95efa72 --- /dev/null +++ b/config/rootfiles/core/63/filelists/apache2 @@ -0,0 +1 @@ +../../../common/apache2 \ No newline at end of file diff --git a/config/rootfiles/core/63/update.sh b/config/rootfiles/core/63/update.sh index 9b3fec5c98..f0764aebd3 100644 --- a/config/rootfiles/core/63/update.sh +++ b/config/rootfiles/core/63/update.sh @@ -26,7 +26,7 @@ # # Remove old core updates from pakfire cache to save space... -core=62 +core=63 for (( i=1; i<=$core; i++ )) do rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire @@ -37,6 +37,7 @@ rm -f /etc/dhcpd.conf # #Stop services +/etc/init.d/apache stop # #Extract files @@ -44,6 +45,7 @@ extract_files # #Start services +/etc/init.d/apache start # #Update Language cache diff --git a/lfs/apache2 b/lfs/apache2 index bcc9155aee..c3d9156029 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,7 +25,7 @@ include Config -VER = 2.2.22 +VER = 2.2.23 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -47,7 +47,7 @@ objects = $(DL_FILE) \ $(DL_FILE) = $(DL_FROM)/$(DL_FILE) httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch -$(DL_FILE)_MD5 = 9fe3093194c8a57f085ff7c3fc43715f +$(DL_FILE)_MD5 = ca133de0e4b4b15316990a97186b9993 httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822 install : $(TARGET) @@ -133,10 +133,9 @@ else cd $(DIR_APP) && make install chown -v root:root /usr/lib/apache/httpd.exp \ /usr/sbin/{apxs,apachectl,dbmmanage,envvars{,-std}} \ - /usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm}}.1 \ - /usr/share/man/man1/logresolve.1 \ - /usr/share/man/man8/{apachectl,htcacheclean,httpd}.8 \ - /usr/share/man/man8/{rotatelogs,suexec}.8 + /usr/share/man/man1/{dbmmanage,ht{dbm,digest,passwd,txt2dbm}}.1 \ + /usr/share/man/man8/{ab,apachectl,apxs,htcacheclean,httpd}.8 \ + /usr/share/man/man8/{logresolve,rotatelogs,suexec}.8 @rm -rf $(DIR_APP) endif @$(POSTBUILD)