octave: apply usual fix for build with opaque __sFILE:
Patch gnulib/fseeko.c. gnulib is doing this to make fflush() behaivour
to match what they expect. It accesses internal of __sFILE to change
behavior of fseeko(), but we are hiding internal of __sFILE and our
fseeko() is compatible with what gnulib expects already. Then the
patch is to just use our fseeko().
fix build with libc++ 19 (From FreeBSD)
As noted in the libc++ 19 release notes [1], std::char_traits<> is now
only provided for char, char8_t, char16_t, char32_t and wchar_t, and any
instantiation for other types will fail.
[1] https://libcxx.llvm.org/ReleaseNotes/19.html#deprecations-and-removal
fix build with libc++ 19 (From FreeBSD)
As noted in the libc++ 19 release notes [1], std::char_traits<> is now
only provided for char, char8_t, char16_t, char32_t and wchar_t, and any
instantiation for other types will fail.
[1] https://libcxx.llvm.org/ReleaseNotes/19.html#deprecations-and-removals
Patch gnulib/fseeko.c. gnulib is doing this to make fflush() behaivour
to match what they expect. It accesses internal of __sFILE to change
behavior of fseeko(), but we are hiding internal of __sFILE and our
fseeko() is compatible with what gnulib expects already. Then the
patch is to just use our fseeko().
feedbacks from tb guenther beck
ok sthen
update to apache-httpd-2.4.64, same diff/ok giovanni@, various CVEs
low:
- SSRF with mod_headers setting Content-Type header (CVE-2024-43204)
- mod_ssl error log variable escaping (CVE-2024-47252)
- mod_proxy_http2 denial of service (CVE-2025-49630)
moderate:
- HTTP response splitting (CVE-2024-42516)
- SSRF on Windows due to UNC paths (CVE-2024-43394)
- mod_ssl access control bypass with session resumption (CVE-2025-23048)
- mod_ssl TLS upgrade attack (CVE-2025-49812)
- HTTP/2 DoS by Memory Increase (CVE-2025-53020)
update to apache-httpd-2.4.64, same diff/ok giovanni@, various CVEs
low:
- SSRF with mod_headers setting Content-Type header (CVE-2024-43204)
- mod_ssl error log variable escaping (CVE-2024-47252)
- mod_proxy_http2 denial of service (CVE-2025-49630)
moderate:
- HTTP response splitting (CVE-2024-42516)
- SSRF on Windows due to UNC paths (CVE-2024-43394)
- mod_ssl access control bypass with session resumption (CVE-2025-23048)
- mod_ssl TLS upgrade attack (CVE-2025-49812)
- HTTP/2 DoS by Memory Increase (CVE-2025-53020)