[Buildroot] [PATCH v1 1/2] package/apache: security bump to version 2.4.50
Peter Seiderer
ps.report at gmx.net
Tue Oct 5 19:09:27 UTC 2021
Fixes CVE-2021-41524 and CVE-2021-41773, for details see [1] and [2].
[1] https://downloads.apache.org/httpd/CHANGES_2.4.50
[2] https://httpd.apache.org/security/vulnerabilities_24.html
Signed-off-by: Peter Seiderer <ps.report at gmx.net>
---
package/apache/apache.hash | 6 +++---
package/apache/apache.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/apache/apache.hash b/package/apache/apache.hash
index 49efefebb9..abcb79f14d 100644
--- a/package/apache/apache.hash
+++ b/package/apache/apache.hash
@@ -1,5 +1,5 @@
-# From http://archive.apache.org/dist/httpd/httpd-2.4.49.tar.bz2.{sha256,sha512}
-sha256 65b965d6890ea90d9706595e4b7b9365b5060bec8ea723449480b4769974133b httpd-2.4.49.tar.bz2
-sha512 418e277232cf30a81d02b8554e31aaae6433bbea842bdb81e47a609469395cc4891183fb6ee02bd669edb2392c2007869b19da29f5998b8fd5c7d3142db310dd httpd-2.4.49.tar.bz2
+# From https://archive.apache.org/dist/httpd/httpd-2.4.50.tar.bz2.{sha256,sha512}
+sha256 6a2817c070c606682eb53ed963511407d3c3d7a379cdf855971467b00fb3890f httpd-2.4.50.tar.bz2
+sha512 b1afbaf44e503b822ff2b443881dcb44a93aa55d496f88ae399a2e7def05f78590f266a16da1f2c0aac88e463b76fba20843b1e20a102e76c8269de6fae3e158 httpd-2.4.50.tar.bz2
# Locally computed
sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE
diff --git a/package/apache/apache.mk b/package/apache/apache.mk
index ae2fb70535..e355ff71bf 100644
--- a/package/apache/apache.mk
+++ b/package/apache/apache.mk
@@ -4,7 +4,7 @@
#
################################################################################
-APACHE_VERSION = 2.4.49
+APACHE_VERSION = 2.4.50
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = http://archive.apache.org/dist/httpd
APACHE_LICENSE = Apache-2.0
--
2.33.0
More information about the buildroot
mailing list