apache2: Upgrade v2.4.58 -> v2.4.59

This upgrade incorporates the fixes for CVE-2024-27316, CVE-2024-24795,CVE-2023-38709 and other bugfixes. Adjusted 0004-apache2-log-the-SELinux-context-at-startup.patch and 0007-apache2-allow-to-disable-selinux-support.patch to align with upgraded version. Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.59 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-01-01 13:58:06 +00:00 · 2024-04-19 13:22:31 +00:00 · 2024-04-19 13:22:31 +00:00 · c341cdb58c
commit c341cdb58c
parent 5f2f51409e
3 changed files with 15 additions and 14 deletions
--- a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
@ -8,17 +8,16 @@ Log the SELinux context at startup.
 Upstream-Status: Inappropriate [other]

 Note: unlikely to be any interest in this upstream
-
 ---
 configure.in  |  5 +++++
 server/core.c | 26 ++++++++++++++++++++++++++
 2 files changed, 31 insertions(+)

 diff --git a/configure.in b/configure.in
-index ea6cec3..92b74b7 100644
+index 352711a..f58620f 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -491,6 +491,11 @@ getloadavg
+@@ -514,6 +514,11 @@ gettid
 dnl confirm that a void pointer is large enough to store a long integer
 APACHE_CHECK_VOID_PTR_LEN
 
@ -27,11 +26,11 @@ index ea6cec3..92b74b7 100644
 +   APR_ADDTO(AP_LIBS, [-lselinux])
 +])
 +
- AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
- [AC_TRY_RUN(#define _GNU_SOURCE
- #include <unistd.h>
+ if test $ac_cv_func_gettid = no; then
+   # On Linux before glibc 2.30, gettid() is only usable via syscall()
+   AC_CACHE_CHECK([for gettid() via syscall], ap_cv_gettid,
 diff --git a/server/core.c b/server/core.c
-index 4da7209..d3ca25b 100644
+index 30b317e..81f145f 100644
 --- a/server/core.c
 +++ b/server/core.c
@@ -65,6 +65,10 @@
@ -45,7 +44,7 @@ index 4da7209..d3ca25b 100644
 /* LimitRequestBody handling */
 #define AP_LIMIT_REQ_BODY_UNSET         ((apr_off_t) -1)
 #define AP_DEFAULT_LIMIT_REQ_BODY       ((apr_off_t) 1<<30) /* 1GB */
-@@ -5126,6 +5130,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
+@@ -5139,6 +5143,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
     }
 #endif
 
@ -74,3 +73,5 @@ index 4da7209..d3ca25b 100644
     return OK;
 }
 
+--
+2.40.0
--- a/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch
@ -11,10 +11,10 @@ Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
 1 file changed, 10 insertions(+), 4 deletions(-)

 diff --git a/configure.in b/configure.in
-index 76811e7..4df3ff3 100644
+index f58620f..b5971b7 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -491,10 +491,16 @@ getloadavg
+@@ -514,10 +514,16 @@ gettid
 dnl confirm that a void pointer is large enough to store a long integer
 APACHE_CHECK_VOID_PTR_LEN
 
@ -33,8 +33,8 @@ index 76811e7..4df3ff3 100644
 +    ])
 +fi
 
- AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
- [AC_TRY_RUN(#define _GNU_SOURCE
+ if test $ac_cv_func_gettid = no; then
+   # On Linux before glibc 2.30, gettid() is only usable via syscall()
 -- 
-2.25.1
+2.40.0

--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
@ -27,7 +27,7 @@ SRC_URI:append:class-target = " \
           "

 LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5"
+SRC_URI[sha256sum] = "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323"

 S = "${WORKDIR}/httpd-${PV}"