From: wangmy <wan...@fujitsu.com>
Changelog:
=============
* Update comment about TCP_INFO on OpenBSD
* [mod_ajp13] fix crash with bad response headers (fixes #3170)
* [core] handle RDHUP when collecting chunked body
* [core] tweak streaming request body to backends
* [core] handle ENOSPC with pwritev() (#3171)
* [core] manually calculate off_t max (fixes #3171)
* [autoconf] force large file support (#3171)
* [multiple] quiet coverity warnings using casts
* [meson] add license keyword to project declaration
Signed-off-by: Wang Mingyu <wan...@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.bell...@bootlin.com>
Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
(cherry picked from commit 7a399862bb2e1503fbffa18e7ec0767643f76132)
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
.../lighttpd/lighttpd/CVE-2022-41556.patch | 31 -------------------
...{lighttpd_1.4.66.bb => lighttpd_1.4.67.bb} | 3 +-
2 files changed, 1 insertion(+), 33 deletions(-)
delete mode 100644 meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
rename meta/recipes-extended/lighttpd/{lighttpd_1.4.66.bb =>
lighttpd_1.4.67.bb} (96%)
diff --git a/meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
b/meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
deleted file mode 100644
index 284a5a3ea9..0000000000
--- a/meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-CVE: CVE-2022-41556
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.bur...@arm.com>
-
-From b18de6f9264f914f7bf493abd3b6059343548e50 Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstra...@gluelogic.com>
-Date: Sun, 11 Sep 2022 22:31:34 -0400
-Subject: [PATCH] [core] handle RDHUP when collecting chunked body
-
-handle RDHUP as soon as RDHUP detected when collecting HTTP/1.1 chunked
-request body (and when not streaming request body to backend)
-
-x-ref:
- https://github.com/lighttpd/lighttpd1.4/pull/115
----
- src/gw_backend.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/gw_backend.c b/src/gw_backend.c
-index df9d8217..5db56287 100644
---- a/src/gw_backend.c
-+++ b/src/gw_backend.c
-@@ -2228,7 +2228,7 @@ handler_t gw_handle_subrequest(request_st * const r,
void *p_d) {
- * and module is flagged to stream request body to backend)
*/
- return (r->conf.stream_request_body & FDEVENT_STREAM_REQUEST)
- ? http_response_reqbody_read_error(r, 411)
-- : HANDLER_WAIT_FOR_EVENT;
-+ : (rc == HANDLER_GO_ON) ? HANDLER_WAIT_FOR_EVENT : rc;
- }
-
- if (hctx->wb_reqlen < -1 && r->reqbody_length >= 0) {
diff --git a/meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb
b/meta/recipes-extended/lighttpd/lighttpd_1.4.67.bb
similarity index 96%
rename from meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb
rename to meta/recipes-extended/lighttpd/lighttpd_1.4.67.bb
index 78978105b2..838881f238 100644
--- a/meta/recipes-extended/lighttpd/lighttpd_1.4.66.bb
+++ b/meta/recipes-extended/lighttpd/lighttpd_1.4.67.bb
@@ -14,13 +14,12 @@ RRECOMMENDS:${PN} = "lighttpd-module-access \
lighttpd-module-accesslog"
SRC_URI =
"http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.xz \
- file://CVE-2022-41556.patch \
file://index.html.lighttpd \
file://lighttpd.conf \
file://lighttpd \
"
-SRC_URI[sha256sum] =
"47ac6e60271aa0196e65472d02d019556dc7c6d09df3b65df2c1ab6866348e3b"
+SRC_URI[sha256sum] =
"7e04d767f51a8d824b32e2483ef2950982920d427d1272ef4667f49d6f89f358"
DEPENDS = "virtual/crypt"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#172908):
https://lists.openembedded.org/g/openembedded-core/message/172908
Mute This Topic: https://lists.openembedded.org/mt/94868707/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
