diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-03-14 12:36:33 +0100 |
---|---|---|
committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-03-14 13:26:41 +0100 |
commit | 6bf333697510da981f3c641b38c0fdbf97c4b252 (patch) | |
tree | 704d0888db017d6219278149c154ccce3f93e55b | |
parent | ad02135fb2e9fcf2d5fcff1e5ee8a21c89a27444 (diff) | |
download | nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.tar nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.tar.gz nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.tar.bz2 nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.tar.lz nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.tar.xz nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.tar.zst nixpkgs-6bf333697510da981f3c641b38c0fdbf97c4b252.zip |
apacheHttpd: 2.4.52 -> 2.4.53
https://downloads.apache.org/httpd/CHANGES_2.4.53 Migrating to pcre2 was recommended in the release notes, since pcre 8.x is over 20 years old and has now reached its end of life. Fixes: CVE-2022-23943, CVE-2022-22721, CVE-2022-22720, CVE-2022-22719
-rw-r--r-- | pkgs/servers/http/apache-httpd/2.4.nix | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/pkgs/servers/http/apache-httpd/2.4.nix b/pkgs/servers/http/apache-httpd/2.4.nix index 56d66a2e99c..d72dcb9170b 100644 --- a/pkgs/servers/http/apache-httpd/2.4.nix +++ b/pkgs/servers/http/apache-httpd/2.4.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, perl, zlib, apr, aprutil, pcre, libiconv, lynx +{ lib, stdenv, fetchurl, perl, zlib, apr, aprutil, pcre2, libiconv, lynx, which , nixosTests , proxySupport ? true , sslSupport ? true, openssl @@ -11,17 +11,19 @@ stdenv.mkDerivation rec { pname = "apache-httpd"; - version = "2.4.52"; + version = "2.4.53"; src = fetchurl { url = "mirror://apache/httpd/httpd-${version}.tar.bz2"; - sha256 = "sha256-ASf33El+mYPpxRR0vtdeRWB/L4cKdnWobckK9tVy9ck="; + sha256 = "sha256-0LvREhpXtfKm/5LXuW+AUMWkXT8U2xGPZJedUlhY22M="; }; # FIXME: -dev depends on -doc outputs = [ "out" "dev" "man" "doc" ]; setOutputFlags = false; # it would move $out/modules, etc. + nativeBuildInputs = [ which ]; + buildInputs = [ perl ] ++ lib.optional brotliSupport brotli ++ lib.optional sslSupport openssl ++ @@ -42,7 +44,7 @@ stdenv.mkDerivation rec { "--with-apr=${apr.dev}" "--with-apr-util=${aprutil.dev}" "--with-z=${zlib.dev}" - "--with-pcre=${pcre.dev}" + "--with-pcre=${pcre2.dev}/bin/pcre2-config" "--disable-maintainer-mode" "--disable-debugger-mode" "--enable-mods-shared=all" |