diff options
| author | Bennett Goble <nivardus@gmail.com> | 2018-06-01 19:53:03 -0700 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-06-07 07:42:49 +0000 |
| commit | 938d6f0c37a674f9e60163bc4558ef9fbd7efb7d (patch) | |
| tree | cb3d244e53f97e576c1bbe43647c0515cf00a900 | |
| parent | 3ae7da2d35482dfd83eac51ad405359ad2208139 (diff) | |
| download | alpine_aports-938d6f0c37a674f9e60163bc4558ef9fbd7efb7d.tar.bz2 alpine_aports-938d6f0c37a674f9e60163bc4558ef9fbd7efb7d.tar.xz alpine_aports-938d6f0c37a674f9e60163bc4558ef9fbd7efb7d.zip | |
community/h2o: security upgrade to 2.2.5 (CVE-2018-0608)
| -rw-r--r-- | community/h2o/APKBUILD | 10 | ||||
| -rw-r--r-- | community/h2o/h2o-libressl-2.7.0.patch | 14 | ||||
| -rw-r--r-- | community/h2o/libressl-2.7.patch | 58 |
3 files changed, 19 insertions, 63 deletions
diff --git a/community/h2o/APKBUILD b/community/h2o/APKBUILD index b8a9dbeb8c..3b30d5e417 100644 --- a/community/h2o/APKBUILD +++ b/community/h2o/APKBUILD | |||
| @@ -1,8 +1,8 @@ | |||
| 1 | # Contributor: Bennett Goble <nivardus@gmail.com> | 1 | # Contributor: Bennett Goble <nivardus@gmail.com> |
| 2 | # Maintainer: Bennett Goble <nivardus@gmail.com> | 2 | # Maintainer: Bennett Goble <nivardus@gmail.com> |
| 3 | pkgname=h2o | 3 | pkgname=h2o |
| 4 | pkgver=2.2.4 | 4 | pkgver=2.2.5 |
| 5 | pkgrel=2 | 5 | pkgrel=0 |
| 6 | pkgdesc="An optimized HTTP/1, HTTP/2 server written in C" | 6 | pkgdesc="An optimized HTTP/1, HTTP/2 server written in C" |
| 7 | url="https://h2o.examp1e.net" | 7 | url="https://h2o.examp1e.net" |
| 8 | arch="all" | 8 | arch="all" |
| @@ -12,7 +12,7 @@ makedepends="cmake ruby ruby-dev bison zlib-dev wslay-dev libressl-dev libuv-dev | |||
| 12 | install="$pkgname.pre-install" | 12 | install="$pkgname.pre-install" |
| 13 | subpackages="$pkgname-dev $pkgname-doc" | 13 | subpackages="$pkgname-dev $pkgname-doc" |
| 14 | source="$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$pkgver.tar.gz | 14 | source="$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$pkgver.tar.gz |
| 15 | libressl-2.7.patch | 15 | h2o-libressl-2.7.0.patch |
| 16 | h2o.conf | 16 | h2o.conf |
| 17 | h2o.initd | 17 | h2o.initd |
| 18 | h2o.logrotate" | 18 | h2o.logrotate" |
| @@ -49,8 +49,8 @@ package() { | |||
| 49 | install -m700 -d "$pkgdir"/var/log/$pkgname | 49 | install -m700 -d "$pkgdir"/var/log/$pkgname |
| 50 | } | 50 | } |
| 51 | 51 | ||
| 52 | sha512sums="508ebe93b890f573e735d9b1f9c91a669144be3523e34fb7455227fd10b38e04a5db73e706fe8d05849fea3019e792754097871c073715c9eef4eae7c33560b5 h2o-2.2.4.tar.gz | 52 | sha512sums="24b07140d24fbb7796038aab44f44be5ffabc6f2841954273e2ad9f1a864e5482051dd7abfa6446297a46b6868763114695fa4f123ee3175bdac53b4c1868bc2 h2o-2.2.5.tar.gz |
| 53 | 5e30cadf7ad0fcecadb56c60eb71f8e4eee2f6f46977d48744a5f0e965251948dc9c5543295211c695d440f9568e04b13108c1c163f092ac6cae718fd2b02ef7 libressl-2.7.patch | 53 | ac0b587cc55124a350b42470d1f514f6cb4624914f92bcc3ed125909e98ef62101d452c098bb381f71b1becd7d21bc6a0d33c3890db72e92976d373406623e6f h2o-libressl-2.7.0.patch |
| 54 | 444f55c3eaae1f349223036086e45c983ea8be89e793068537ec25488c4065174bc509d0987ddc65a0357cb8acfec272e90d13ea7cdadf9cf112953d857aa574 h2o.conf | 54 | 444f55c3eaae1f349223036086e45c983ea8be89e793068537ec25488c4065174bc509d0987ddc65a0357cb8acfec272e90d13ea7cdadf9cf112953d857aa574 h2o.conf |
| 55 | e93e66a6b00b1bff94e37489c5fdf99d9d657adc63975ec54be30f8da23dafe7d7389f02a6452ed819efc9d8398aa716782a7fd6d8509621a975ed954b73bef9 h2o.initd | 55 | e93e66a6b00b1bff94e37489c5fdf99d9d657adc63975ec54be30f8da23dafe7d7389f02a6452ed819efc9d8398aa716782a7fd6d8509621a975ed954b73bef9 h2o.initd |
| 56 | 3d2c9e36c48cbb974d0691e4af8e9eb8f13e3bebb98a30417cdc87e76a4b5cddc4e4f665ebea26b95174287b95d002fdc3363f30ffcf15247fcd0530fe1abfcc h2o.logrotate" | 56 | 3d2c9e36c48cbb974d0691e4af8e9eb8f13e3bebb98a30417cdc87e76a4b5cddc4e4f665ebea26b95174287b95d002fdc3363f30ffcf15247fcd0530fe1abfcc h2o.logrotate" |
diff --git a/community/h2o/h2o-libressl-2.7.0.patch b/community/h2o/h2o-libressl-2.7.0.patch new file mode 100644 index 0000000000..ba4cdbd652 --- /dev/null +++ b/community/h2o/h2o-libressl-2.7.0.patch | |||
| @@ -0,0 +1,14 @@ | |||
| 1 | diff --git a/deps/neverbleed/neverbleed.c b/deps/neverbleed/neverbleed.c | ||
| 2 | index 29b35a9..42356a6 100644 | ||
| 3 | --- a/deps/neverbleed/neverbleed.c | ||
| 4 | +++ b/deps/neverbleed/neverbleed.c | ||
| 5 | @@ -547,7 +547,7 @@ static int sign_stub(struct expbuf_t *buf) | ||
| 6 | return 0; | ||
| 7 | } | ||
| 8 | |||
| 9 | -#if !OPENSSL_1_1_API | ||
| 10 | +#if !OPENSSL_1_1_API && (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL) | ||
| 11 | |||
| 12 | static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) | ||
| 13 | { | ||
| 14 | |||
diff --git a/community/h2o/libressl-2.7.patch b/community/h2o/libressl-2.7.patch deleted file mode 100644 index 2cd722ff82..0000000000 --- a/community/h2o/libressl-2.7.patch +++ /dev/null | |||
| @@ -1,58 +0,0 @@ | |||
| 1 | From 85b7f561f3bb546b13718f495a354a6b9ecd5d03 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: AIZAWA Hina <hina@bouhime.com> | ||
| 3 | Date: Fri, 23 Mar 2018 23:30:20 +0900 | ||
| 4 | Subject: [PATCH] Add supporting LibreSSL 2.7 | ||
| 5 | |||
| 6 | Signed-off-by: AIZAWA Hina <hina@bouhime.com> | ||
| 7 | --- | ||
| 8 | include/h2o/openssl_backport.h | 4 ++-- | ||
| 9 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
| 10 | |||
| 11 | diff --git a/include/h2o/openssl_backport.h b/include/h2o/openssl_backport.h | ||
| 12 | index b24440e80..72cc43c45 100644 | ||
| 13 | --- a/include/h2o/openssl_backport.h | ||
| 14 | +++ b/include/h2o/openssl_backport.h | ||
| 15 | @@ -25,7 +25,7 @@ | ||
| 16 | #include <stdlib.h> | ||
| 17 | |||
| 18 | /* backports for OpenSSL 1.0.2 */ | ||
| 19 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) | ||
| 20 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) | ||
| 21 | |||
| 22 | #define BIO_get_data(bio) ((bio)->ptr) | ||
| 23 | #define BIO_set_data(bio, p) ((bio)->ptr = (p)) | ||
| 24 | @@ -57,7 +57,7 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name) | ||
| 25 | #endif | ||
| 26 | |||
| 27 | /* backports for OpenSSL 1.0.1 and LibreSSL */ | ||
| 28 | -#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) | ||
| 29 | +#if OPENSSL_VERSION_NUMBER < 0x10002000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) | ||
| 30 | |||
| 31 | #define SSL_is_server(ssl) ((ssl)->server) | ||
| 32 | |||
| 33 | diff --git a/deps/neverbleed/neverbleed.c b/deps/neverbleed/neverbleed.c | ||
| 34 | index 29b35a9..2caea00 100644 | ||
| 35 | --- a/deps/neverbleed/neverbleed.c | ||
| 36 | +++ b/deps/neverbleed/neverbleed.c | ||
| 37 | @@ -547,7 +547,7 @@ static int sign_stub(struct expbuf_t *buf) | ||
| 38 | return 0; | ||
| 39 | } | ||
| 40 | |||
| 41 | -#if !OPENSSL_1_1_API | ||
| 42 | +#if !OPENSSL_1_1_API && !(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL) | ||
| 43 | |||
| 44 | static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) | ||
| 45 | { | ||
| 46 | diff --git a/deps/picotls/lib/openssl.c b/deps/picotls/lib/openssl.c | ||
| 47 | index 70ec0d0..50db1cf 100644 | ||
| 48 | --- a/deps/picotls/lib/openssl.c | ||
| 49 | +++ b/deps/picotls/lib/openssl.c | ||
| 50 | @@ -35,7 +35,7 @@ | ||
| 51 | #include "picotls.h" | ||
| 52 | #include "picotls/openssl.h" | ||
| 53 | |||
| 54 | -#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) | ||
| 55 | +#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) | ||
| 56 | #define OPENSSL_1_0_API 1 | ||
| 57 | #else | ||
| 58 | #define OPENSSL_1_0_API 0 | ||