[Buildroot] [PATCH 1/1] package/apache: security bump to version 2.4.23
Bernd Kuhls
bernd.kuhls at t-online.de
Thu Jul 7 05:08:00 UTC 2016
Fixes CVE-2016-4979:
TLS/SSL X.509 client certificate auth bypass with HTTP/2
http://httpd.apache.org/security/vulnerabilities_24.html
Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
---
package/apache/apache.hash | 4 ++--
package/apache/apache.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/apache/apache.hash b/package/apache/apache.hash
index 062a549..e4710b0 100644
--- a/package/apache/apache.hash
+++ b/package/apache/apache.hash
@@ -1,2 +1,2 @@
-# From http://www.apache.org/dist/httpd/httpd-2.4.20.tar.bz2.sha1
-sha1 cefe8ea4a3f81c7a08e36c80ebbd792c67ab361b httpd-2.4.20.tar.bz2
+# From http://www.apache.org/dist/httpd/httpd-2.4.23.tar.bz2.sha1
+sha1 5101be34ac4a509b245adb70a56690a84fcc4e7f httpd-2.4.23.tar.bz2
diff --git a/package/apache/apache.mk b/package/apache/apache.mk
index 6d9a324..e78545a 100644
--- a/package/apache/apache.mk
+++ b/package/apache/apache.mk
@@ -4,7 +4,7 @@
#
################################################################################
-APACHE_VERSION = 2.4.20
+APACHE_VERSION = 2.4.23
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = http://archive.apache.org/dist/httpd
APACHE_LICENSE = Apache-2.0
--
2.8.1
More information about the buildroot
mailing list