summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2019-08-13 18:05:17 -0500
committerMax Rees <maxcrees@me.com>2019-08-15 12:56:34 -0500
commit7d407425e996860cd0bca696916472fb53b70b8d (patch)
treea732c420f82857f4e094cdeb510ea6d8dc72bfcf
parent56a9ddf50ffb6d436281d7add6090b82dfac4c98 (diff)
downloadpackages-7d407425e996860cd0bca696916472fb53b70b8d.tar.gz
packages-7d407425e996860cd0bca696916472fb53b70b8d.tar.bz2
packages-7d407425e996860cd0bca696916472fb53b70b8d.tar.xz
packages-7d407425e996860cd0bca696916472fb53b70b8d.zip
user/apache-httpd: [CVE] bump to 2.4.41
-rw-r--r--user/apache-httpd/APKBUILD43
1 files changed, 25 insertions, 18 deletions
diff --git a/user/apache-httpd/APKBUILD b/user/apache-httpd/APKBUILD
index fe6dd6672..fddd11a12 100644
--- a/user/apache-httpd/APKBUILD
+++ b/user/apache-httpd/APKBUILD
@@ -2,8 +2,8 @@
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=apache-httpd
_pkgreal=httpd
-pkgver=2.4.39
-pkgrel=2
+pkgver=2.4.41
+pkgrel=0
pkgdesc="Open-source HTTP server"
url="https://httpd.apache.org"
arch="all"
@@ -11,7 +11,7 @@ license="Apache-2.0"
depends=""
install="$pkgname.pre-install $pkgname.pre-upgrade"
makedepends="apr-dev apr-util-dev autoconf automake libxml2-dev nghttp2-dev
- openssl-dev pcre-dev sed zlib-dev"
+ openssl-dev pcre-dev sed zlib-dev cmd:which"
pkgusers="apache"
pkggroups="apache"
subpackages="$pkgname-dev
@@ -21,7 +21,7 @@ subpackages="$pkgname-dev
$pkgname-ldap
$pkgname-openrc"
provides="apache2 apache2-ssl"
-source="http://archive.apache.org/dist/$_pkgreal/$_pkgreal-$pkgver.tar.bz2
+source="$pkgname-$pkgver.tar.gz::https://github.com/apache/httpd/archive/$pkgver.tar.gz
adelie.layout
apache-httpd.confd
apache-httpd.initd
@@ -36,25 +36,33 @@ source="http://archive.apache.org/dist/$_pkgreal/$_pkgreal-$pkgver.tar.bz2
builddir="$srcdir/$_pkgreal-$pkgver"
options="suid !check"
-# 2.4.30: (unreleased)
-# - CVE-2017-15710
-# - CVE-2018-1283
-# - CVE-2018-1303
-# - CVE-2018-1301
-# - CVE-2017-15715
-# - CVE-2018-1312
-# - CVE-2018-1302
-# 2.4.34:
-# - CVE-2018-8011
-# - CVE-2018-1333
+# secfixes: http_server
+# 2.4.34-r0:
+# - CVE-2017-15710
+# - CVE-2017-15715
+# - CVE-2018-1283
+# - CVE-2018-1301
+# - CVE-2018-1302
+# - CVE-2018-1303
+# - CVE-2018-1312
+# - CVE-2018-1333
+# - CVE-2018-8011
+# 2.4.41-r0:
+# - CVE-2019-9517
+# - CVE-2019-10081
+# - CVE-2019-10082
+# - CVE-2019-10092
+# - CVE-2019-10097
+# - CVE-2019-10098
prepare() {
default_prepare
cat "$srcdir"/adelie.layout >> "$builddir"/config.layout
+ ./buildconf \
+ --with-apr=apr-1-config
}
build() {
- cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -77,7 +85,6 @@ build() {
}
package() {
- cd "$builddir"
make DESTDIR="$pkgdir" -j1 install
# apache-provided configuration is awful
@@ -135,7 +142,7 @@ ldap() {
"$subpkgdir"/usr/libexec/apache2
}
-sha512sums="9742202040b3dc6344b301540f54b2d3f8e36898410d24206a7f8dcecb1bea7d7230fabc7256752724558af249facf64bffe2cf678b8f7cccb64076737abfda7 httpd-2.4.39.tar.bz2
+sha512sums="447310a625c0aaff10777c70d178853536c010a376b7e27a137461e5b83e438bc0548b90f47c21f1d047f685d082db84920bc6b1365f6e1f16698ba059df927a apache-httpd-2.4.41.tar.gz
c8bc2bb06ae51b0956e0ee673e80c444551c9b33dfcbb845106477c46d9e52786a8896022e1f00102264fecdf66e35e47fc6cf0abe9836fa536735cff4e6adf4 adelie.layout
336e81fa0d08f8fbe6243d52bd59b12cf2e925deb49b29d7a22953c5d40a951b6b753f51e5a396752cb0bbaf1cf25b1358902f375fb65639d00e62db7ae55ff2 apache-httpd.confd
5762d53f39ce7ecd730e05ddf6c063ede65cd75b9e7d67217784c80366646491ef9474306e8eb119c8fb5b4358407b07636a4e9cd82325d8df4e3e00dabc3459 apache-httpd.initd