From a914d94a9964e222a536034a9d796fe0d3c85d92 Mon Sep 17 00:00:00 2001 From: chengyechun Date: Thu, 9 Mar 2023 21:11:42 +0800 Subject: [PATCH] sync upstream patch --- ...ock-database-read-only-when-possible.patch | 39 +++++++++++++++++++ httpd.spec | 9 ++++- 2 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 backport-open-the-lock-database-read-only-when-possible.patch diff --git a/backport-open-the-lock-database-read-only-when-possible.patch b/backport-open-the-lock-database-read-only-when-possible.patch new file mode 100644 index 0000000..605052b --- /dev/null +++ b/backport-open-the-lock-database-read-only-when-possible.patch @@ -0,0 +1,39 @@ +From ddfd4663dcd327963124b03567dbd1f0880d67f4 Mon Sep 17 00:00:00 2001 +From: covener +Date: Wed, 30 Nov 2022 2:24:32 AM GMT+0800 +Subject: [PATCH] mod_dav:open the lock database read only when possible + +Conflict:NA +Reference:https://github.com/apache/httpd/commit/ddfd4663dcd327963124b03567dbd1f0880d67f4 + +--- + modules/dav/main/mod_dav.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c +index 2cbfc06..76d9a51 100644 +--- a/modules/dav/main/mod_dav.c ++++ b/modules/dav/main/mod_dav.c +@@ -1405,8 +1405,7 @@ static dav_error *dav_gen_supported_live_props(request_rec *r, + dav_error *err; + + /* open lock database, to report on supported lock properties */ +- /* ### should open read-only */ +- if ((err = dav_open_lockdb(r, 0, &lockdb)) != NULL) { ++ if ((err = dav_open_lockdb(r, 1, &lockdb)) != NULL) { + return dav_push_error(r->pool, err->status, 0, + "The lock database could not be opened, " + "preventing the reporting of supported lock " +@@ -2171,8 +2170,7 @@ static int dav_method_propfind(request_rec *r) + apr_pool_create(&ctx.scratchpool, r->pool); + apr_pool_tag(ctx.scratchpool, "mod_dav-scratch"); + +- /* ### should open read-only */ +- if ((err = dav_open_lockdb(r, 0, &ctx.w.lockdb)) != NULL) { ++ if ((err = dav_open_lockdb(r, 1, &ctx.w.lockdb)) != NULL) { + err = dav_push_error(r->pool, err->status, 0, + "The lock database could not be opened, " + "preventing access to the various lock " +-- +2.27.0 + diff --git a/httpd.spec b/httpd.spec index 93b3aac..f1082e6 100644 --- a/httpd.spec +++ b/httpd.spec @@ -8,7 +8,7 @@ Name: httpd Summary: Apache HTTP Server Version: 2.4.51 -Release: 13 +Release: 14 License: ASL 2.0 URL: https://httpd.apache.org/ Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2 @@ -97,6 +97,7 @@ Patch43: backport-mod_md-do-not-interfere-with-requests-to-well-known-a Patch44: backport-CVE-2022-36760.patch Patch45: backport-CVE-2006-20001.patch Patch46: backport-CVE-2022-37436.patch +Patch47: backport-open-the-lock-database-read-only-when-possible.patch BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel @@ -529,6 +530,12 @@ exit $rv %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Thu Mar 9 2023 chengyechun - 2.4.51-14 +- Type:bugfix +- ID:NA +- SUG:restart +- DESC:mod_dav:open the lock database read-only when possible + * Thu Feb 2 2023 seuzw <930zhaowei@163.com> - 2.4.51-13 - Type:cves - ID:CVE-2022-36760,CVE-2006-20001,CVE-2022-37436 -- Gitee