[AUTO-CHERRYPICK] Upgrade httpd to 2.4.61 to fix CVE-2024-38473 - branch main (#9819)

Co-authored-by: Tobias Brick <39196763+tobiasb-ms@users.noreply.github.com>

Author: CBL-Mariner-Bot

SPECS/httpd/httpd.signatures.json

@@ -5,7 +5,7 @@
   "01-ldap.conf": "cbbbdd396fe056e8ab167abd7b2cb5145b42210bfea38452968ff02a03493fc8",
   "01-session.conf": "51df0ceeb7dae9922817f4af0554f83fe01d6268025ee08260aeed69be3953d1",
   "10-listen443.conf": "fc7484790ec6328b9082e04083137551a5ae2e8f4d4696d9846b052915b6a0cb",
-  "httpd-2.4.59.tar.bz2": "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323",
+  "httpd-2.4.61.tar.bz2": "ea8ba86fd95bd594d15e46d25ac5bbda82ae0c9122ad93998cc539c133eaceb6",
   "httpd-init.service": "2501b44bdb02f583d98cc5296accbf0af36957b93ed5b871358aeb10a0512a7c",
   "httpd-ssl-gencerts": "ae96a94eeb0be8731c0bb976e5b878e0e5a196442a001c9e809bed3873f4755d",
   "httpd-ssl-pass-dialog": "b9bd4816dda673ad9294a0fbd2904fac9b96eabddb4d72080ae58b498bcd1db9",

SPECS/httpd/httpd.spec

@@ -2,7 +2,7 @@
 %define _confdir %{_sysconfdir}
 Summary:        The Apache HTTP Server
 Name:           httpd
-Version:        2.4.59
+Version:        2.4.61
 Release:        1%{?dist}
 License:        Apache-2.0
 Vendor:         Microsoft Corporation
@@ -345,6 +345,9 @@ fi
 %{_libexecdir}/httpd-ssl-pass-dialog
 
 %changelog
+* Thu Jul 11 2024 Tobias Brick <tobiasb@microsoft.com> - 2.4.61-1
+- Upgrade to 2.4.61 to address CVE-2024-38473
+
 * Tue Apr 30 2024 Sindhu Karri <lakarri@microsoft.com> - 2.4.59-1
 - Upgrade to 2.4.59 to fix CVE-2024-27316, CVE-2023-38709 & CVE-2024-24795
 

cgmanifest.json

@@ -5390,8 +5390,8 @@
         "type": "other",
         "other": {
           "name": "httpd",
-          "version": "2.4.59",
-          "downloadUrl": "https://archive.apache.org/dist/httpd/httpd-2.4.59.tar.bz2"
+          "version": "2.4.61",
+          "downloadUrl": "https://archive.apache.org/dist/httpd/httpd-2.4.61.tar.bz2"
         }
       }
     },