From 4a844a971af8d49ca848c8decd58c92bb7fb8d5c Mon Sep 17 00:00:00 2001 From: Alec Scott Date: Mon, 20 Feb 2023 07:35:16 -0800 Subject: httpd: add v2.4.55 and deprecate previous versions due to CVE-2022-31813 (#35571) --- var/spack/repos/builtin/packages/httpd/package.py | 27 +++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/var/spack/repos/builtin/packages/httpd/package.py b/var/spack/repos/builtin/packages/httpd/package.py index 432ce633f7..759d65647e 100644 --- a/var/spack/repos/builtin/packages/httpd/package.py +++ b/var/spack/repos/builtin/packages/httpd/package.py @@ -13,10 +13,29 @@ class Httpd(AutotoolsPackage): homepage = "https://httpd.apache.org/" url = "https://archive.apache.org/dist/httpd/httpd-2.4.43.tar.bz2" - version("2.4.43", sha256="a497652ab3fc81318cdc2a203090a999150d86461acff97c1065dc910fe10f43") - version("2.4.41", sha256="133d48298fe5315ae9366a0ec66282fa4040efa5d566174481077ade7d18ea40") - version("2.4.39", sha256="b4ca9d05773aa59b54d66cd8f4744b945289f084d3be17d7981d1783a5decfa2") - version("2.4.38", sha256="7dc65857a994c98370dc4334b260101a7a04be60e6e74a5c57a6dee1bc8f394a") + version("2.4.55", sha256="11d6ba19e36c0b93ca62e47e6ffc2d2f2884942694bce0f23f39c71bdc5f69ac") + + # https://nvd.nist.gov/vuln/detail/CVE-2022-31813 + version( + "2.4.43", + sha256="a497652ab3fc81318cdc2a203090a999150d86461acff97c1065dc910fe10f43", + deprecated=True, + ) + version( + "2.4.41", + sha256="133d48298fe5315ae9366a0ec66282fa4040efa5d566174481077ade7d18ea40", + deprecated=True, + ) + version( + "2.4.39", + sha256="b4ca9d05773aa59b54d66cd8f4744b945289f084d3be17d7981d1783a5decfa2", + deprecated=True, + ) + version( + "2.4.38", + sha256="7dc65857a994c98370dc4334b260101a7a04be60e6e74a5c57a6dee1bc8f394a", + deprecated=True, + ) depends_on("m4", type="build") depends_on("autoconf", type="build") -- cgit v1.2.3-60-g2f50