From: Bernard Spil
Subject: git: 356bc43c9ad9 - main - www/apache24: Security update for HTTP/2
Date: Thu, 04 Jun 2026 08:15:11 +0000
Message-Id: <6a21340f.39072.44a0a950@gitrepo.freebsd.org>
List-Id: Commits to the main branch of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
X-Git-Committer: brnrd
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 356bc43c9ad9a4d472648af0d0e9c33c3b5efa82

The branch main has been updated by brnrd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=356bc43c9ad9a4d472648af0d0e9c33c3b5efa82

commit 356bc43c9ad9a4d472648af0d0e9c33c3b5efa82
Author:     Bernard Spil
AuthorDate: 2026-06-04 08:13:44 +0000
Commit:     Bernard Spil
CommitDate: 2026-06-04 08:15:04 +0000

    www/apache24: Security update for HTTP/2

    PR:             295842
    Reported by:    Dani I.
    Security:       0d6d9d9b-5feb-11f1-8607-8447094a420f
    MFH:            2026Q2
--- www/apache24/Makefile | 2 +- www/apache24/files/patch-CVE-2026-49975 | 67 +++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/www/apache24/Makefile b/www/apache24/Makefile index b9b5e219d1e5..e63914dd9358 100644 --- a/www/apache24/Makefile +++ b/www/apache24/Makefile @@ -1,6 +1,6 @@ PORTNAME= apache24 PORTVERSION= 2.4.67 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= APACHE_HTTPD DISTNAME= httpd-${PORTVERSION} diff --git a/www/apache24/files/patch-CVE-2026-49975 b/www/apache24/files/patch-CVE-2026-49975 new file mode 100644 index 000000000000..321ce8b7bd13 --- /dev/null +++ b/www/apache24/files/patch-CVE-2026-49975 
@@ -0,0 +1,67 @@ +From 47d3100b252dc6668a9e46ae885242be9eeca9cd Mon Sep 17 00:00:00 2001 +From: Stefan Eissing +Date: Wed, 27 May 2026 09:37:31 +0000 +Subject: [PATCH] *) mod_http2: update to version 2.0.41 Fix cookie + header accounting against LimitRequestFields. + +git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1934678 13f79535-47bb-0310-9956-ffa450edef68 +--- + changes-entries/h2_v2.0.41.txt | 3 +++ + modules/http2/h2_util.c | 4 ++++ + modules/http2/h2_version.h | 4 ++-- + 3 files changed, 9 insertions(+), 2 deletions(-) + create mode 100644 changes-entries/h2_v2.0.41.txt + +diff --git a/changes-entries/h2_v2.0.41.txt b/changes-entries/h2_v2.0.41.txt +new file mode 100644 +index 00000000000..4d7df59fed0 +--- /dev/null ++++ changes-entries/h2_v2.0.41.txt +@@ -0,0 +1,3 @@ ++ *) mod_http2: update to version 2.0.41 ++ Fix cookie header accounting against LimitRequestFields. ++ [Stefan Eissing] +diff --git a/modules/http2/h2_util.c b/modules/http2/h2_util.c +index b377ff77f1b..b3039451f39 100644 +--- modules/http2/h2_util.c.orig ++++ modules/http2/h2_util.c +@@ -1708,6 +1708,8 @@ static apr_status_t req_add_header(apr_table_t *headers, apr_pool_t *pool, + && !ap_cstr_casecmpn("cookie", (const char *)nv->name, nv->namelen)) { + existing = apr_table_get(headers, "cookie"); + if (existing) { ++ if (!nv->valuelen) ++ return APR_SUCCESS; + /* Cookie header come separately in HTTP/2, but need + * to be merged by "; " (instead of default ", ") + */ +@@ -1719,6 +1721,8 @@ static apr_status_t req_add_header(apr_table_t *headers, apr_pool_t *pool, + apr_table_setn(headers, "Cookie", + apr_psprintf(pool, "%s; %.*s", existing, + (int)nv->valuelen, nv->value)); ++ /* Treat the merge as an "add" to not escape LimitRequestFields */ ++ *pwas_added = 1; + return APR_SUCCESS; + } + } +diff --git a/modules/http2/h2_version.h b/modules/http2/h2_version.h +index 1d7113f58bd..cc0164e080d 100644 +--- modules/http2/h2_version.h.orig ++++ modules/http2/h2_version.h +@@ -27,7 
+27,7 @@ + * @macro + * Version number of the http2 module as c string + */ +-#define MOD_HTTP2_VERSION "2.0.39" ++#define MOD_HTTP2_VERSION "2.0.41" + + /** + * @macro +@@ -35,7 +35,7 @@ + * release. This is a 24 bit number with 8 bits for major number, 8 bits + * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. + */ +-#define MOD_HTTP2_VERSION_NUM 0x020027 ++#define MOD_HTTP2_VERSION_NUM 0x020029 + + + #endif /* mod_h2_h2_version_h */
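
Review bot: The changes-entries/h2_v2.0.41.txt diff at the top of the embedded patch only creates a changelog fragment and could be dropped from files/patch-CVE-2026-49975, leaving the port patch with the h2_util.c and h2_version.h changes. Its "--- /dev/null" header also differs from the ".orig" style headers used for the other two files. Separately, the patch file name carries CVE-2026-49975 while the commit message gives only the VuXML id on the Security: line; naming the CVE there as well would make the commit easier to find.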
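
Review bot: In the first h2_util.c hunk (req_add_header, inside "if (existing) {"), the new early return on "!nv->valuelen" exits before *pwas_added is written, whereas the second hunk sets "*pwas_added = 1" on the merge path precisely so that merged cookie fields count against LimitRequestFields. An empty cookie field that follows an existing one is therefore discarded without being counted, unless the caller initialises the flag in a way that still counts it, which the visible lines do not show. If empty fields are meant to be exempt from the limit, a one-line comment saying so would help; otherwise set *pwas_added = 1 before returning. The added "if" is also unbraced next to the braced block that encloses it.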
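
Review bot: In the h2_version.h hunks, MOD_HTTP2_VERSION moves from "2.0.39" to "2.0.41" (0x020027 to 0x020029), yet the only code change in this patch is the four added lines in h2_util.c. The built module will report 2.0.41 while any change that went in under 2.0.40 is not part of this patch, which can mislead anyone who checks the module version to decide whether a given fix is present. Consider leaving the version macros untouched in the port patch, or stating in the commit message that only the cookie header accounting fix is backported.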