From 3d2fb99355626431efc8037db71a1e2389b31ec6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Sun, 28 Apr 2024 01:56:20 +0200
Subject: Merging debian version 2.4.59-1~deb11u1.
Signed-off-by: Daniel Baumann
---
 debian/apache2-bin.docs | 1 +
 debian/apache2-data.docs | 1 +
 debian/apache2-dev.docs | 1 +
 debian/apache2-suexec-custom.docs | 1 +
 debian/apache2-suexec-pristine.docs | 1 +
 debian/apache2-utils.docs | 1 +
 debian/apache2.docs | 1 +
 debian/changelog | 13 ++++++++++++
 debian/patches/fhs_compliance.patch | 6 +++---
 debian/patches/fix-2.4.56-regression-2.patch | 30 ----------------------------
 debian/patches/fix-2.4.56-regression.patch | 19 ------------------
 debian/patches/reproducible_builds.diff | 2 +-
 debian/patches/series | 2 --
 13 files changed, 24 insertions(+), 55 deletions(-)
 create mode 100644 debian/apache2-bin.docs
 create mode 100644 debian/apache2-data.docs
 create mode 100644 debian/apache2-dev.docs
 create mode 100644 debian/apache2-suexec-custom.docs
 create mode 100644 debian/apache2-suexec-pristine.docs
 create mode 100644 debian/apache2-utils.docs
 delete mode 100644 debian/patches/fix-2.4.56-regression-2.patch
 delete mode 100644 debian/patches/fix-2.4.56-regression.patch
diff --git a/debian/apache2-bin.docs b/debian/apache2-bin.docs
new file mode 100644
index 0000000..6d5ee1d
--- /dev/null
+++ b/debian/apache2-bin.docs
@@ -0,0 +1 @@
+NOTICE
diff --git a/debian/apache2-data.docs b/debian/apache2-data.docs
new file mode 100644
index 0000000..6d5ee1d
--- /dev/null
+++ b/debian/apache2-data.docs
@@ -0,0 +1 @@
+NOTICE
diff --git a/debian/apache2-dev.docs b/debian/apache2-dev.docs
new file mode 100644
index 0000000..6d5ee1d
--- /dev/null
+++ b/debian/apache2-dev.docs
@@ -0,0 +1 @@
+NOTICE
diff --git a/debian/apache2-suexec-custom.docs b/debian/apache2-suexec-custom.docs
new file mode 100644
index 0000000..6d5ee1d
--- /dev/null
+++ b/debian/apache2-suexec-custom.docs
@@ -0,0 +1 @@
+NOTICE
diff --git a/debian/apache2-suexec-pristine.docs b/debian/apache2-suexec-pristine.docs
new file mode 100644
index 0000000..6d5ee1d
--- /dev/null
+++ b/debian/apache2-suexec-pristine.docs
@@ -0,0 +1 @@
+NOTICE
diff --git a/debian/apache2-utils.docs b/debian/apache2-utils.docs
new file mode 100644
index 0000000..6d5ee1d
--- /dev/null
+++ b/debian/apache2-utils.docs
@@ -0,0 +1 @@
+NOTICE
diff --git a/debian/apache2.docs b/debian/apache2.docs
index 44a5c6c..057b3c3 100644
--- a/debian/apache2.docs
+++ b/debian/apache2.docs
@@ -1,3 +1,4 @@
 debian/PACKAGING
 debian/README.backtrace
 debian/README.multiple-instances
+NOTICE
diff --git a/debian/changelog b/debian/changelog
index 4e90ef8..5cf2df0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+apache2 (2.4.59-1~deb11u1) bullseye-security; urgency=medium
+
+ * New upstream version 2.4.58
+ (Closes: CVE-2023-31122, CVE-2023-43622, CVE-2023-45802)
+ * Drop 2.4.56-regression patches
+ * New upstream version 2.4.59
+ (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709)
+ * Install NOTICE files
+ * Update test framework
+ * Refresh patches
+
+ -- Yadd Fri, 05 Apr 2024 16:08:04 +0400
+
 apache2 (2.4.56-1~deb11u2progress6u1) fuchur; urgency=medium
 * Initial reupload to fuchur.
diff --git a/debian/patches/fhs_compliance.patch b/debian/patches/fhs_compliance.patch
index e6522c1..986d8bc 100644
--- a/debian/patches/fhs_compliance.patch
+++ b/debian/patches/fhs_compliance.patch
@@ -2,11 +2,11 @@ Description: Fix up FHS file locations for apache2 droppings.
 Forwarded: not-needed
 Author: Adam Conrad
 Reviewed-By: Yadd
-Last-Update: 2023-01-18
+Last-Update: 2023-10-19
 --- a/configure
 +++ b/configure
-@@ -42075,13 +42075,13 @@
+@@ -42812,13 +42812,13 @@
 ap_prefix="${ap_cur}"
@@ -25,7 +25,7 @@ Last-Update: 2023-01-18
 perlbin=`$ac_aux_dir/PrintPath perl`
 --- a/configure.in
 +++ b/configure.in
-@@ -901,11 +901,11 @@
+@@ -928,11 +928,11 @@
 echo $MODLIST | $AWK -f $srcdir/build/build-modules-c.awk > modules.c
 APR_EXPAND_VAR(ap_prefix, $prefix)
diff --git a/debian/patches/fix-2.4.56-regression-2.patch b/debian/patches/fix-2.4.56-regression-2.patch
deleted file mode 100644
index d19373c..0000000
--- a/debian/patches/fix-2.4.56-regression-2.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Description: h2 request headers clone instead of copy
-Author: Stefan Eissing
-Origin: upstream, https://bz.apache.org/bugzilla/attachment.cgi?id=38527&action=diff
-Bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=66539
-Bug-Debian: https://bugs.debian.org/1033408
-Forwarded: not-needed
-Applied-Upstream: 2.4.57
-Reviewed-By: Yadd
-Last-Update: 2023-04-02
-
---- a/modules/http2/h2_request.c
-+++ b/modules/http2/h2_request.c
-@@ -279,7 +279,7 @@
- apr_bucket *h2_request_create_bucket(const h2_request *req, request_rec *r)
- {
- conn_rec *c = r->connection;
-- apr_table_t *headers = apr_table_copy(r->pool, req->headers);
-+ apr_table_t *headers = apr_table_clone(r->pool, req->headers);
- const char *uri = req->path;
-
- AP_DEBUG_ASSERT(req->authority);
-@@ -303,7 +303,7 @@
- {
- const char *cl;
-
-- r->headers_in = apr_table_copy(r->pool, req->headers);
-+ r->headers_in = apr_table_clone(r->pool, req->headers);
- if (req->authority) {
- /* for internal handling, we have to simulate that :authority
- * came in as Host:, RFC 9113 ch. says that mismatches between
diff --git a/debian/patches/fix-2.4.56-regression.patch b/debian/patches/fix-2.4.56-regression.patch
deleted file mode 100644
index 0203491..0000000
--- a/debian/patches/fix-2.4.56-regression.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Description: fix 2.4.56 regression
-Author: covener
-Bug-Debian: https://bugs.debian.org/1033284
-Origin: upstream, http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_rewrite.c?r1=1908813&r2=1908812&pathrev=1908813
-Forwarded: not-needed
-Applied-Upstream: 2.4.57
-Reviewed-By: Yadd
-Last-Update: 2023-04-01
-
---- a/modules/mappers/mod_rewrite.c
-+++ b/modules/mappers/mod_rewrite.c
-@@ -3854,6 +3854,7 @@
- if (*(a2_end-1) == '?') {
- /* a literal ? at the end of the unsubstituted rewrite rule */
- newrule->flags |= RULEFLAG_QSNONE;
-+ *(a2_end-1) = '\0'; /* trailing ? has done its job */
- }
- else if (newrule->flags & RULEFLAG_QSDISCARD) {
- if (NULL == ap_strchr(newrule->output, '?')) {
diff --git a/debian/patches/reproducible_builds.diff b/debian/patches/reproducible_builds.diff
index 36f71e2..8f48922 100644
--- a/debian/patches/reproducible_builds.diff
+++ b/debian/patches/reproducible_builds.diff
@@ -18,7 +18,7 @@ Last-Update: 2015-08-11
 -#endif
 +static const char server_built[] = BUILD_DATETIME;
- AP_DECLARE(const char *) ap_get_server_built()
+ AP_DECLARE(const char *) ap_get_server_built(void)
 {
 --- a/server/Makefile.in
 +++ b/server/Makefile.in
diff --git a/debian/patches/series b/debian/patches/series
index 6d73824..aa0aae4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,8 +4,6 @@ suexec-CVE-2007-1742.patch
 customize_apxs.patch
 build_suexec-custom.patch
 reproducible_builds.diff
-fix-2.4.56-regression.patch
-fix-2.4.56-regression-2.patch
 # This patch is applied manually
 #suexec-custom.patch
-- cgit v1.2.3