From 7526338837baf4d6ceef922b09df6967ff3aa6ec Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Tue, 2 Jan 2018 21:40:16 -0500
Subject: gnu: httpd: Update to 2.4.29.

* gnu/packages/web.scm (httpd): Update to 2.4.29.
[source]: Remove patch.
* gnu/packages/patches/httpd-CVE-2017-9798.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/packages/patches/httpd-CVE-2017-9798.patch | 22 ----------------------
 1 file changed, 22 deletions(-)
 delete mode 100644 gnu/packages/patches/httpd-CVE-2017-9798.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/httpd-CVE-2017-9798.patch b/gnu/packages/patches/httpd-CVE-2017-9798.patch
deleted file mode 100644
index 8391a3db4a..0000000000
--- a/gnu/packages/patches/httpd-CVE-2017-9798.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Fixes "options bleed", aka. CVE-2017-9798:
-
-  https://nvd.nist.gov/vuln/detail/CVE-2017-9798
-  https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
-
-From <https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch>.
-
---- a/server/core.c	2017/08/16 16:50:29	1805223
-+++ b/server/core.c	2017/09/08 13:13:11	1807754
-@@ -2266,6 +2266,12 @@
-             /* method has not been registered yet, but resource restriction
-              * is always checked before method handling, so register it.
-              */
-+            if (cmd->pool == cmd->temp_pool) {
-+                /* In .htaccess, we can't globally register new methods. */
-+                return apr_psprintf(cmd->pool, "Could not register method '%s' "
-+                                   "for %s from .htaccess configuration",
-+                                    method, cmd->cmd->name);
-+            }
-             methnum = ap_method_register(cmd->pool,
-                                          apr_pstrdup(cmd->pool, method));
-         }
-- 
cgit 1.4.1