From: Siddharth Doshi <sdo...@mvista.com> CVE's Fixed by upgrade: CVE-2024-36387 apache2/httpd: DoS by null pointer in websocket over HTTP/2 CVE-2024-38472 apache2/httpd: UNC SSRF on WIndows CVE-2024-38473 apache2/httpd: Encoding problem in mod_proxy CVE-2024-38474 apache2/httpd: Substitution encoding issue in mod_rewrite CVE-2024-38475 apache2/httpd: Improper escaping of output in mod_rewrite CVE-2024-38476 apache2/httpd: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect CVE-2024-38477 apache2/httpd: null pointer dereference in mod_proxy CVE-2024-39573 apache2/httpd: Potential SSRF in mod_rewrite
Other Changes between 2.4.59 -> 2.4.60 ====================================== https://github.com/apache/httpd/blob/2.4.60/CHANGES Signed-off-by: Siddharth Doshi <sdo...@mvista.com> --- .../apache2/{apache2_2.4.59.bb => apache2_2.4.60.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.59.bb => apache2_2.4.60.bb} (99%) diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.60.bb similarity index 99% rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.60.bb index 6dfecef8d..48bb773dd 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.60.bb @@ -27,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323" +SRC_URI[sha256sum] = "7b1ec7ec5635da7cb01550513215a90f8b2f52bb7c90cf3e97ede936d3e55b0f" S = "${WORKDIR}/httpd-${PV}" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#111214): https://lists.openembedded.org/g/openembedded-devel/message/111214 Mute This Topic: https://lists.openembedded.org/mt/107004951/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-