main/apache2: security upgrade to 2.4.67

2026-05-05 12:26:52 +02:00 · 2026-05-04 22:20:16 +02:00 · 2026-05-04 22:20:16 +02:00 · f391ea5d3b
commit f391ea5d3b
parent d4604b3515
2 changed files with 17 additions and 5 deletions
--- a/main/apache2/0008-httpd-ssl.conf-SSLRandomSeed.patch
+++ b/main/apache2/0008-httpd-ssl.conf-SSLRandomSeed.patch
@ -34,7 +34,7 @@ index 29ac06c..46ccea6 100644
 -# Secure (SSL/TLS) connections
 -#Include @rel_sysconfdir@/extra/httpd-ssl.conf
 -#
-# Note: The following must must be present to support
+-# Note: The following must be present to support
 -#       starting without SSL on platforms with no /dev/random equivalent
 -#       but a statically compiled-in mod_ssl.
 -#
--- a/main/apache2/APKBUILD
+++ b/main/apache2/APKBUILD
@ -2,8 +2,8 @@
 # Maintainer: Kaarle Ritvanen <kunkku@alpinelinux.org>
 pkgname=apache2
 _pkgreal=httpd
-pkgver=2.4.66
-pkgrel=1
+pkgver=2.4.67
+pkgrel=0
 pkgdesc="A high performance Unix-based HTTP server"
 url="https://httpd.apache.org/"
 arch="all"
@ -66,6 +66,18 @@ options="suid !check"
 builddir="$srcdir"/$_pkgreal-$pkgver

 # secfixes:
+#   2.4.67-r0:
+#     - CVE-2026-23918
+#     - CVE-2026-24072
+#     - CVE-2026-28780
+#     - CVE-2026-29168
+#     - CVE-2026-29169
+#     - CVE-2026-33006
+#     - CVE-2026-33007
+#     - CVE-2026-33523
+#     - CVE-2026-33857
+#     - CVE-2026-34032
+#     - CVE-2026-34059
 #   2.4.66-r0:
 #     - CVE-2025-55753
 #     - CVE-2025-58098
@ -450,7 +462,7 @@ _lua() {
 }

 sha512sums="
-49031a3465d956ee3b755e65810b6c35561ddd5fac2c624a273b733c238e115b914cd7b246837e5a3090ccfded6e0b8b3059bfd1f8ce4419081c805a38d05a4b  httpd-2.4.66.tar.bz2
+5ae29fc8edb253453271613cb18754de0d943d1f82361059c81f8ebe1f057b894675506550bd1341bfa9416226b569a7bac08f497c53e8bb6dede87f4f41eae4  httpd-2.4.67.tar.bz2
 8e62b101f90c67babe864bcb74f711656180b011df3fd4b541dc766b980b72aa409e86debf3559a55be359471c1cad81b8779ef3a55add8d368229fc7e9544fc  apache2.confd
 18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b  apache2.logrotate
 81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701  apache2.initd
@ -462,7 +474,7 @@ ad0c1711bc240f99cd0256d0984ad0142e03c384d30378ccca3e47cdd2596307e64bb19fbd810a56
 165a016a2cb9969c25fa73fab90fba5662d916e4883abd223ac104579334424103c123009d41b6fe3fcd30070daa8c6bdbb2afbb2905d08e183ecb66018578a3  0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch
 c27af4e0fa0b4d441534c452fd5f26e8ab28e737660c1eddf952f9a44d82c54abd1eb5e7c1b3da5191c5ecf0358fcd4e23b8fd241d805290a7c32a7fb3138a12  0006-httpd-dav.conf-DavLockDB.patch
 90adca579c3c7dc69ce1f175b47acc9e9e33667d93bb33aead7cf286212f1bdb58062fcd4e01657a2bb8ea9a2ac90c7c95f4cb8f19a29f6366e28a7168240708  0007-httpd-ssl.conf-SSLSessionCache.patch
-0bae3368dd64737ffc1b1aeaccbe21e597c5d497e45a5e9bc0e27c78091b9ead13690da37d28cdc5d285c58d82085720cdd627abc3b650d4f13a4cbf24021565  0008-httpd-ssl.conf-SSLRandomSeed.patch
+a19f3a6ee5116f1e7368c44f799312f3a5572efc416b49903c0ea391339fc7e612de7eebea98dca61f180bd8f789b2f9d3179e36051ecdaf378b3c298f9b6753  0008-httpd-ssl.conf-SSLRandomSeed.patch
 a3b0827f86902ab05afb27ae7fef0a7b9984ef103cf3aea80651b5cfb239db99e477b077bee8d7f0e576471090055fe1a78238d746aae34bd397f3db1d0eac8f  0009-httpd-ssl.conf-SSL-File.patch
 a3936713f8ffcbf2bb633035873249b94fa8ace9fdb758405264f075f755fbcfec4d08794f79e4699ab398fcd0049d1897b1fd5af62e1356780938ad08ac3a11  0010-httpd-ssl.conf-SSL-CipherSuite.patch
 eb09b3bcbab70f6a48d5efe8fc4bd62cc2b3f46def97c09d8454b846a065c02d18bd846313c421897c8d13be728e4b2ca790e2a5c5c6add3821d9e572bacfab2  0011-httpd.conf-IncludeOptional.patch