mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-15 16:07:26 +00:00
apache: add fix for CVE-2014-0117 Security Advisory
The patch comes from upstream: http://svn.apache.org/viewvc?view=revision&revision=1610674 SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse proxy configuration, a remote attacker could send a carefully crafted request which could crash a server process, resulting in denial of service. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this issue. Submitted by: Edward Lu, breser, covener Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com>
This commit is contained in:
@@ -19,7 +19,9 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \
|
||||
file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
|
||||
file://init \
|
||||
file://apache2-volatile.conf \
|
||||
file://apache2.service"
|
||||
file://apache2.service \
|
||||
file://apache-CVE-2014-0117.patch \
|
||||
"
|
||||
|
||||
LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83"
|
||||
SRC_URI[md5sum] = "44543dff14a4ebc1e9e2d86780507156"
|
||||
|
||||
Reference in New Issue
Block a user