mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
apache2: Fix CVE-2018-11763
mod_http2: connection IO event handling reworked. Instead of reacting on incoming bytes, the state machine now acts on incoming frames that are affecting it. This reduces state transitions. Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
@@ -10,6 +10,7 @@ inherit autotools pkgconfig native
|
||||
|
||||
SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
|
||||
file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
|
||||
file://CVE-2018-11763.patch \
|
||||
"
|
||||
|
||||
S = "${WORKDIR}/httpd-${PV}"
|
||||
|
||||
Reference in New Issue
Block a user