apacheHttpd: 2.4.58 -> 2.4.59

Fixes CVE-2024-27316, CVE-2024-27316 and CVE-2023-38709 Changes: https://downloads.apache.org/httpd/CHANGES_2.4.59
2024-04-04 17:09:44 +02:00 · 2024-04-04 17:09:44 +02:00 · 331f875bde
commit 331f875bde
parent d54fa1d555
1 changed files with 2 additions and 17 deletions
--- a/pkgs/servers/http/apache-httpd/2.4.nix
+++ b/pkgs/servers/http/apache-httpd/2.4.nix
@ -1,5 +1,4 @@
 { lib, stdenv, fetchurl, perl, zlib, apr, aprutil, pcre2, libiconv, lynx, which, libxcrypt
-, fetchpatch
 , nixosTests
 , proxySupport ? true
 , sslSupport ? true, openssl
@ -13,11 +12,11 @@

 stdenv.mkDerivation rec {
  pname = "apache-httpd";
-  version = "2.4.58";
+  version = "2.4.59";

  src = fetchurl {
    url = "mirror://apache/httpd/httpd-${version}.tar.bz2";
-    sha256 = "sha256-+hbXKgeCEKVMR91b7y+Lm4oB2UkJpRRTlWs+xkQupMU=";
+    hash = "sha256-7FFQHsSAKE/1L2NyWBNdMzIwp9Ipw6+m9sL5BA4yEyM=";
  };

  # FIXME: -dev depends on -doc
@ -36,20 +35,6 @@ stdenv.mkDerivation rec {
    lib.optional http2Support nghttp2 ++
    lib.optional stdenv.isDarwin libiconv;

-  patches = lib.optionals modTlsSupport [
-    (fetchpatch {
-      name = "compat-with-rustls-ffi-0.10.0.patch";
-      url = "https://github.com/apache/httpd/commit/918620a183d843fb393ed939423a25d42c1044ec.patch";
-      hash = "sha256-YZi3t++hjM0skisax2xuh9DifZVZjCjVn6XQr6QKGEs=";
-    })
-  ] ++ lib.optionals libxml2Support [
-    (fetchpatch {
-      name = "compat-with-libxml2-2.12.patch";
-      url = "https://github.com/apache/httpd/commit/27a68e54b7c6d2ae80dca396fd2727852897dab1.patch";
-      hash = "sha256-k2EqCaDkckrXLsHnjP4h+b1brTnde4pUyrbOiPFB6qk=";
-    })
-  ];
-
  postPatch = ''
    sed -i config.layout -e "s|installbuilddir:.*|installbuilddir: $dev/share/build|"
    sed -i support/apachectl.in -e 's|@LYNX_PATH@|${lynx}/bin/lynx|'