From d4addd14c0c1122c0a597c1da180f694bcfd5754 Mon Sep 17 00:00:00 2001
From: Sebastian Kemper <sebastian_ml@gmx.net>
Date: Sat, 8 Aug 2020 16:15:43 +0200
Subject: [PATCH] apache: security bump to 2.4.46

From CHANGES_2.4:

SECURITY: CVE-2020-11984 (cve.mitre.org)
  mod_proxy_uwsgi: Malicious request may result in information disclosure
  or RCE of existing file on the server running under a malicious process
  environment. [Yann Ylavic]

SECURITY: CVE-2020-11993 (cve.mitre.org)
  mod_http2: when throttling connection requests, log statements
  where possibly made that result in concurrent, unsafe use of
  a memory pool. [Stefan Eissing]

SECURITY:
  mod_http2: a specially crafted value for the 'Cache-Digest' header
  request would result in a crash when the server actually tries
  to HTTP/2 PUSH a resource afterwards.
  [Stefan Eissing, Eric Covener, Christophe Jaillet]

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
---
 net/apache/Makefile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/net/apache/Makefile b/net/apache/Makefile
index 34677a113..5f80646c8 100644
--- a/net/apache/Makefile
+++ b/net/apache/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=apache
-PKG_VERSION:=2.4.43
-PKG_RELEASE:=2
+PKG_VERSION:=2.4.46
+PKG_RELEASE:=1
 PKG_SOURCE_NAME:=httpd
 
 PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=@APACHE/httpd/
-PKG_HASH:=a497652ab3fc81318cdc2a203090a999150d86461acff97c1065dc910fe10f43
+PKG_HASH:=740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)