mirror of
https://git.yoctoproject.org/poky
synced 2026-02-26 11:29:40 +01:00
lighttpd: upgrade 1.4.66 -> 1.4.67
Changelog: ============= * Update comment about TCP_INFO on OpenBSD * [mod_ajp13] fix crash with bad response headers (fixes #3170) * [core] handle RDHUP when collecting chunked body * [core] tweak streaming request body to backends * [core] handle ENOSPC with pwritev() (#3171) * [core] manually calculate off_t max (fixes #3171) * [autoconf] force large file support (#3171) * [multiple] quiet coverity warnings using casts * [meson] add license keyword to project declaration (From OE-Core rev: d099203a342b8bbb35656b84c6488e8131cc8648) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 7a399862bb2e1503fbffa18e7ec0767643f76132) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
@@ -1,31 +0,0 @@
|
||||
CVE: CVE-2022-41556
|
||||
Upstream-Status: Backport
|
||||
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
||||
|
||||
From b18de6f9264f914f7bf493abd3b6059343548e50 Mon Sep 17 00:00:00 2001
|
||||
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||
Date: Sun, 11 Sep 2022 22:31:34 -0400
|
||||
Subject: [PATCH] [core] handle RDHUP when collecting chunked body
|
||||
|
||||
handle RDHUP as soon as RDHUP detected when collecting HTTP/1.1 chunked
|
||||
request body (and when not streaming request body to backend)
|
||||
|
||||
x-ref:
|
||||
https://github.com/lighttpd/lighttpd1.4/pull/115
|
||||
---
|
||||
src/gw_backend.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/gw_backend.c b/src/gw_backend.c
|
||||
index df9d8217..5db56287 100644
|
||||
--- a/src/gw_backend.c
|
||||
+++ b/src/gw_backend.c
|
||||
@@ -2228,7 +2228,7 @@ handler_t gw_handle_subrequest(request_st * const r, void *p_d) {
|
||||
* and module is flagged to stream request body to backend) */
|
||||
return (r->conf.stream_request_body & FDEVENT_STREAM_REQUEST)
|
||||
? http_response_reqbody_read_error(r, 411)
|
||||
- : HANDLER_WAIT_FOR_EVENT;
|
||||
+ : (rc == HANDLER_GO_ON) ? HANDLER_WAIT_FOR_EVENT : rc;
|
||||
}
|
||||
|
||||
if (hctx->wb_reqlen < -1 && r->reqbody_length >= 0) {
|
||||
@@ -14,13 +14,12 @@ RRECOMMENDS:${PN} = "lighttpd-module-access \
|
||||
lighttpd-module-accesslog"
|
||||
|
||||
SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.xz \
|
||||
file://CVE-2022-41556.patch \
|
||||
file://index.html.lighttpd \
|
||||
file://lighttpd.conf \
|
||||
file://lighttpd \
|
||||
"
|
||||
|
||||
SRC_URI[sha256sum] = "47ac6e60271aa0196e65472d02d019556dc7c6d09df3b65df2c1ab6866348e3b"
|
||||
SRC_URI[sha256sum] = "7e04d767f51a8d824b32e2483ef2950982920d427d1272ef4667f49d6f89f358"
|
||||
|
||||
DEPENDS = "virtual/crypt"
|
||||
|
||||
Reference in New Issue
Block a user