[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#51050] [PATCH] gnu: Apache httpd: Update to 2.4.50 [Fixes CVE-2021-
|
From: |
Leo Famulari |
|
Subject: |
[bug#51050] [PATCH] gnu: Apache httpd: Update to 2.4.50 [Fixes CVE-2021-{41524, 41773}]. |
|
Date: |
Tue, 5 Oct 2021 21:05:16 -0400 |
This update includes an important fix for an actively exploited path traversal
vulnerability (CVE-2021-41773), which allows attackers to access files outside
the "document root":
https://httpd.apache.org/security/vulnerabilities_24.html
* gnu/packages/web.scm (httpd): Update to 2.4.50.
---
gnu/packages/web.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 0ea362c452..5819973c66 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -252,14 +252,14 @@
(define-public httpd
(package
(name "httpd")
- (version "2.4.49")
+ (version "2.4.50")
(source (origin
(method url-fetch)
(uri (string-append "mirror://apache/httpd/httpd-"
version ".tar.bz2"))
(sha256
(base32
- "0fqkfjcpdd40ji2279wfxh5hddb5jdxlnpjr0sbhva8fi7b6bfb5"))))
+ "03w9nc7v0rqljxazikbrlgbw7lq72i8n7n9ynlp6h1n6f301fa3a"))))
(build-system gnu-build-system)
(native-inputs `(("pcre" ,pcre "bin"))) ;for 'pcre-config'
(inputs `(("apr" ,apr)
--
2.33.0
- [bug#51050] [PATCH] gnu: Apache httpd: Update to 2.4.50 [Fixes CVE-2021-{41524, 41773}].,
Leo Famulari <=