mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 16:27:27 +00:00
apache2: Fix CVE-2018-11763
mod_http2: connection IO event handling reworked. Instead of reacting on incoming bytes, the state machine now acts on incoming frames that are affecting it. This reduces state transitions. Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
@@ -16,6 +16,7 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
|
||||
file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \
|
||||
file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
|
||||
file://configure-allow-to-disable-selinux-support.patch \
|
||||
file://CVE-2018-11763.patch \
|
||||
file://init \
|
||||
file://apache2-volatile.conf \
|
||||
file://apache2.service \
|
||||
|
||||
Reference in New Issue
Block a user