aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-httpd/apache2/apache2
AgeCommit message (Collapse)Author
2017-03-16recipes: delete obsolete patchesOleksandr Kravchuk
Deleted bunch of patches which are not used anymore by any recipe. Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2016-12-26apache2: update to version 2.4.25Derek Straka
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2016-11-23apache2: cve-2016-5387Joe Slater
Handle HTTP_PROXY envirnoment variable. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2016-01-04apache2: Upgrade 2.4.16 -> 2.4.18fan.xin
1. Upgrade apache2 from 2.4.16 to 2.4.18 The changes in 2.4.18 is shown in following URL. http://ftp.meisei-u.ac.jp/mirror/apache/dist//httpd/CHANGES_2.4.18 2. Delete patch file npn-patch-2.4.7.patch due to this patch file can not be applied to the apache2 2.4.18's source code. The NPN support was removed with r1676004. NPN is now quite unlikely to find its way into a stable release. https://bz.apache.org/bugzilla/show_bug.cgi?id=52210 Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-08-24apache: upgrade to 2.4.16Roy Li
2.4.16 includes fixes for CVE-2015-3185, CVE-2015-0253 and CVE-2015-3183 remove a backport patch 0001-SECURITY-CVE-2015-0228-cve.mitre.org.patch Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-05-13apache2: upgrade to 2.4.12Roy Li
Remove apache-CVE-2014-0117.patch which apache2 2.4.12 has it Update the apache-ssl-ltmain-rpath.patch Backport the patch to fix CVE-2015-0228 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-10-31apache: add fix for CVE-2014-0117 Security AdvisoryKang Kai
The patch comes from upstream: http://svn.apache.org/viewvc?view=revision&revision=1610674 SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse proxy configuration, a remote attacker could send a carefully crafted request which could crash a server process, resulting in denial of service. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this issue. Submitted by: Edward Lu, breser, covener Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com>
2014-08-10apache2: do not patch generated filePaul Eggleton
We already patch configure.ac and we're not bypassing autoreconf, so we don't need to patch configure as well. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-03-06apache2: update to 2.4.7Paul Eggleton
* LIC_FILES_CHKSUM changed because of the introduction of an extra blank line in the LICENSE file (!) * Refreshed TLS Next Protocol Negotiation support patch for conflict with 2.4.7. Thanks to Hongxu Jia for doing this work. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-27 21:58:09 +0000