|
|
@@ -6,7 +6,7 @@
|
|
|
Summary: Apache HTTP Server
|
|
|
Name: %{pkgname}
|
|
|
Version: 2.2.14
|
|
|
-Release: 3%{_dist_release}
|
|
|
+Release: 5%{_dist_release}
|
|
|
URL: http://httpd.apache.org/
|
|
|
|
|
|
Vendor: Project Vine
|
|
|
@@ -46,7 +46,8 @@ Patch54: httpd-2.2.0-authnoprov.patch
|
|
|
Patch60: httpd-2.2.3-sslusername.patch
|
|
|
|
|
|
# Security fixes
|
|
|
-
|
|
|
+Patch100: apache2-2.2.14-CVE-2010-0408.patch
|
|
|
+Patch110: httpd-2.2.x-CVE-2010-0434.diff
|
|
|
|
|
|
License: Apache Software License
|
|
|
Group: System Environment/Daemons
|
|
|
@@ -124,6 +125,8 @@ Security (TLS) protocols.
|
|
|
%patch54 -p1 -b .authnoprov
|
|
|
%patch60 -p1 -b .sslusername
|
|
|
|
|
|
+%patch100 -p4 -b .CVE-2010-0408
|
|
|
+%patch110 -p0 -b .CVE-2010-0434
|
|
|
|
|
|
# copy across the migration guide and sed it's location into apachectl
|
|
|
cp $RPM_SOURCE_DIR/migration.{html,css} .
|
|
|
@@ -491,6 +494,12 @@ rm -rf $RPM_BUILD_ROOT
|
|
|
%{_libdir}/apache2/build/*.sh
|
|
|
|
|
|
%changelog
|
|
|
+* Sat Mar 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> - 2.2.14-5
|
|
|
+- add patch110 for fix CVE-2010-0434 from mdk 2010
|
|
|
+
|
|
|
+* Sun Mar 7 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> - 2.2.14-4
|
|
|
+- add patch100 for fix CVE-2010-0408 (mod_proxy_ajp)
|
|
|
+
|
|
|
* Fri Feb 5 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.2.14-3
|
|
|
- rebuilt with rpm-4.8.0-3 (on ppc)
|
|
|
|
|
|
@@ -726,3 +735,4 @@ rm -rf $RPM_BUILD_ROOT
|
|
|
* Mon May 20 2002 Joe Orton <jorton@redhat.com>
|
|
|
- initial build; based heavily on apache.spec and mod_ssl.spec
|
|
|
- fixes: #65214, #58490, #57376, #61265, #65518, #58177, #57245
|
|
|
+
|
inagaki