diff --git a/httpd-2.4.43-socket-activation.patch b/httpd-2.4.43-socket-activation.patch index 511f4768c2b77b08ec2f2bbb702ff5749bbc00f2..bd2b423ffa3261e06bc332d6c6e7a1a57c1246dd 100644 --- a/httpd-2.4.43-socket-activation.patch +++ b/httpd-2.4.43-socket-activation.patch @@ -223,7 +223,7 @@ index 5242c2a..e2e028a 100644 + static const char *alloc_listener(process_rec *process, const char *addr, apr_port_t port, const char* proto, - void *slave) + const char *scope_id, void *slave, @@ -495,7 +621,7 @@ static int open_listeners(apr_pool_t *pool) } } @@ -295,6 +295,6 @@ index 5242c2a..e2e028a 100644 + } +#endif + - return alloc_listener(cmd->server->process, host, port, proto, NULL); + return alloc_listener(cmd->server->process, host, port, proto, + scope_id, NULL, cmd->temp_pool); } - diff --git a/httpd-2.4.54-selinux.patch b/httpd-2.4.54-selinux.patch index 3868b3bdd2532307cc685cfe366f4636f28c44bc..dd352fe49dab8e48a175fe73dd71b83a7d20a27d 100644 --- a/httpd-2.4.54-selinux.patch +++ b/httpd-2.4.54-selinux.patch @@ -11,9 +11,9 @@ index 74015ca..8c0ee10 100644 + APR_ADDTO(HTTPD_LIBS, [-lselinux]) +]) + - AC_CACHE_CHECK([for gettid()], ac_cv_gettid, - [AC_TRY_RUN(#define _GNU_SOURCE - #include + if test $ac_cv_func_gettid = no; then + # On Linux before glibc 2.30, gettid() is only usable via syscall() + AC_CACHE_CHECK([for gettid() via syscall], ap_cv_gettid, diff --git a/server/core.c b/server/core.c index a6fa2fb..cf4cba4 100644 --- a/server/core.c diff --git a/httpd-2.4.58.tar.bz2 b/httpd-2.4.62.tar.bz2 similarity index 49% rename from httpd-2.4.58.tar.bz2 rename to httpd-2.4.62.tar.bz2 index 9e972b50a056a43dcea3e28e4811a510134ae331..fa3f2c8eae9c4fb2bb5ecc2568dadce757a509f3 100644 Binary files a/httpd-2.4.58.tar.bz2 and b/httpd-2.4.62.tar.bz2 differ diff --git a/httpd.spec b/httpd.spec index 28e239bcc732315223f239b2dd430ee0b51d7e97..d5b0f5ab3925b1601adf4989f7a4e1b30e7a9000 100644 --- a/httpd.spec +++ b/httpd.spec @@ -1,4 +1,4 @@ -%define anolis_release 3 +%define anolis_release 1 %define contentdir %{_datadir}/%{name} %define docroot /var/www %define suexec_caller apache @@ -14,7 +14,7 @@ Summary: Apache HTTP Server Name: httpd -Version: 2.4.58 +Version: 2.4.62 Release: %{anolis_release}%{?dist} License: ASL 2.0 URL: https://httpd.apache.org/ @@ -70,29 +70,29 @@ Patch0005: httpd-2.4.43-mod_systemd.patch Patch0006: httpd-2.4.53-export.patch Patch0007: httpd-2.4.43-corelimit.patch Patch0008: httpd-2.4.54-selinux.patch -Patch0009: httpd-2.4.43-gettid.patch +#Patch0009: httpd-2.4.43-gettid.patch Patch0010: httpd-2.4.54-icons.patch Patch0011: httpd-2.4.43-cachehardmax.patch Patch0012: httpd-2.4.43-socket-activation.patch Patch0013: httpd-2.4.43-sslciphdefault.patch Patch0014: httpd-2.4.43-sslprotdefault.patch -Patch0015: httpd-2.4.43-r1861793+.patch -Patch0016: httpd-2.4.48-r1828172+.patch +#Patch0015: httpd-2.4.43-r1861793+.patch +#Patch0016: httpd-2.4.48-r1828172+.patch Patch0017: httpd-2.4.43-logjournal.patch Patch0018: httpd-2.4.53-separate-systemd-fns.patch Patch0019: httpd-2.4.43-enable-sslv3.patch -Patch0021: httpd-2.4.46-htcacheclean-dont-break.patch -Patch0022: httpd-2.4.51-r1894152.patch +#Patch0021: httpd-2.4.46-htcacheclean-dont-break.patch +#Patch0022: httpd-2.4.51-r1894152.patch # modify for anolis Patch1000: 1000-httpd-anolis-rebrand.patch #https://github.com/apache/httpd/commit/1feb5e04a4f7b5f3f13cd40f9635144319dcf24a -Patch1001: fix-cve-2024-38475.patch +#Patch1001: fix-cve-2024-38475.patch #https://github.com/apache/httpd/commit/12542a80324b69ad6a1a489e1b697398551a5fe0 -Patch1002: fix-cve-2024-38472.patch +#Patch1002: fix-cve-2024-38472.patch #https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388 -Patch1003: fix-cve-2024-39573.patch +#Patch1003: fix-cve-2024-39573.patch BuildRequires: gcc > 12.0 BuildRequires: autoconf @@ -765,6 +765,9 @@ exit $rv %changelog +* Mon Nov 25 2024 yangxinyu - 2.4.62-1 +- new version 2.4.62 + * Fri Aug 02 2024 yangxinyu - 2.4.58-3 - fix-cve-2024-38475/38472/39573