diff --git a/backport-fix-memory-leak-in-calc_sha256_hash.patch b/backport-fix-memory-leak-in-calc_sha256_hash.patch new file mode 100644 index 0000000000000000000000000000000000000000..e16fc2a2540655dd2f3a75603ad672eeaef38a91 --- /dev/null +++ b/backport-fix-memory-leak-in-calc_sha256_hash.patch @@ -0,0 +1,27 @@ +From ff558f52f528dd21eb0a77de74d828e1459cdd62 Mon Sep 17 00:00:00 2001 +From: Joe Orton +Date: Fri, 7 Jul 2023 08:04:38 PM GMT+0800 +Subject: [PATCH] fix memory leak in calc_sha256_hash + +Conflict:NA +Reference:https://github.com/apache/httpd/commmit/ff558f52f528dd21eb0a77de74d828e1459cdd62 + +--- + modules/http2/h2_push.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/modules/http2/h2_push.c b/modules/http2/h2_push.c +index 462c470..dd0928b 100644 +--- a/modules/http2/h2_push.c ++++ b/modules/http2/h2_push.c +@@ -502,6 +502,7 @@ static void calc_sha256_hash(h2_push_diary *diary, apr_uint64_t *phash, h2_push + sha256_update(md, push->req->authority); + sha256_update(md, push->req->path); + EVP_DigestFinal(md, hash, &len); ++ EVP_MD_CTX_destroy(md); + + val = 0; + for (i = 0; i != len; ++i) +-- +2.23.0 + diff --git a/httpd.spec b/httpd.spec index f7d9b1adda308375e85b638c2532e400ef155986..6c2e56bff85aad7839704bf2c8e74ea1b0a07104 100644 --- a/httpd.spec +++ b/httpd.spec @@ -8,7 +8,7 @@ Name: httpd Summary: Apache HTTP Server Version: 2.4.51 -Release: 17 +Release: 18 License: ASL 2.0 URL: https://httpd.apache.org/ Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2 @@ -108,6 +108,7 @@ Patch54: backport-Fix-double-encoding-of-the-uri-path-of-the-request.pa Patch55: backport-do-not-match-the-extention-against-possible-query-string.patch Patch56: backport-Do-not-double-encode-encoded-slashes.patch Patch57: backport-Check-before-forwarding-that-a-nocanon-path-has-not-been-rewritten.patch +Patch58: backport-fix-memory-leak-in-calc_sha256_hash.patch BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel @@ -544,6 +545,12 @@ exit $rv %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Mon Aug 14 2023 chengyechun - 2.4.51-18 +- Type:bugfix +- ID:NA +- SUG:NA +- DESCfix memory leak in calc_sha256_hash + * Sun Jun 25 2023 zhanghao - 2.4.51-17 - Type:bugfix - ID: