Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request
smuggling
							parent
							
								
									3bed4484eb
								
							
						
					
					
						commit
						4e955b0b8d
					
				
							
								
								
									
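--- a/httpd-2.4.53-CVE-2022-26377.patch
+++ b/httpd-2.4.53-CVE-2022-26377.patch
@@ -0,0 +1,26 @@
+diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c
+index e2992fc..46d42bc 100644
+--- a/modules/proxy/mod_proxy_ajp.c
++++ b/modules/proxy/mod_proxy_ajp.c
+@@ -246,9 +246,18 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
+     /* read the first block of data */
+     input_brigade = apr_brigade_create(p, r->connection->bucket_alloc);
+     tenc = apr_table_get(r->headers_in, "Transfer-Encoding");
+-    if (tenc && (ap_cstr_casecmp(tenc, "chunked") == 0)) {
+-        /* The AJP protocol does not want body data yet */
+-        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00870) "request is chunked");
++    if (tenc) {
++        if (ap_cstr_casecmp(tenc, "chunked") == 0) {
++            /* The AJP protocol does not want body data yet */
++            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00870)
++                          "request is chunked");
++        }
++        else {
++            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10396)
++                          "%s Transfer-Encoding is not supported",
++                          tenc);
++            return HTTP_INTERNAL_SERVER_ERROR;
++        }
+     } else {
+         /* Get client provided Content-Length header */
+         content_length = get_content_length(r);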
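Review bot: The new `else` branch in the carried patch answers a client-supplied, unrecognised Transfer-Encoding with `return HTTP_INTERNAL_SERVER_ERROR;`, which files a malformed client request under server faults; `return HTTP_NOT_IMPLEMENTED;` (501, the status RFC 7230 §3.3.1 recommends for an unknown transfer coding) would describe the rejection accurately and keep these events separable from genuine backend failures when reading the error log. If the backport is meant to track upstream byte for byte, keep 500 but say so in the patch header so a later rebase does not "correct" it. The `%s` argument `tenc` is client-controlled, but the error logger escapes non-printable bytes in the formatted message, so this should not be a log-injection path — worth confirming against the 2.4.53 log.c rather than assuming. ap_proxy_ajp_request begins and ends outside this hunk.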
							
								
								
									
										11
									
								
								httpd.spec
									
									
									
									
									
								
							
							
						
						
									
							| @ -13,7 +13,7 @@ | ||||
| Summary: Apache HTTP Server | ||||
| Name: httpd | ||||
| Version: 2.4.53 | ||||
| Release: 6%{?dist} | ||||
| Release: 7%{?dist} | ||||
| URL: https://httpd.apache.org/ | ||||
| Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 | ||||
| Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc | ||||
| @ -116,7 +116,8 @@ Patch67: httpd-2.4.51-r1811831.patch | ||||
| Patch68: httpd-2.4.53-r1878890.patch | ||||
| 
 | ||||
| # Security fixes | ||||
| #Patch200: patchname | ||||
| # https://bugzilla.redhat.com/show_bug.cgi?id=2094997 | ||||
| Patch200: httpd-2.4.53-CVE-2022-26377.patch | ||||
| 
 | ||||
| License: ASL 2.0 | ||||
| BuildRequires: gcc, autoconf, pkgconfig, findutils, xmlto | ||||
| @ -284,6 +285,8 @@ written in the Lua programming language. | ||||
| %patch67 -p1 -b .r1811831 | ||||
| %patch68 -p1 -b .r1878890 | ||||
| 
 | ||||
| ##patch200 -p1 -b .CVE-2022-26377 | ||||
| 
 | ||||
| # Patch in the vendor string | ||||
| sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h | ||||
| sed -i 's/@RELEASE@/%{release}/' server/core.c | ||||
| @ -842,6 +845,10 @@ exit $rv | ||||
| %{_rpmconfigdir}/macros.d/macros.httpd | ||||
| 
 | ||||
| %changelog | ||||
| * Wed Jul 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7 | ||||
| - Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request | ||||
|   smuggling | ||||
| 
 | ||||
| * Mon Jun 27 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-6 | ||||
| - Related: #2065677 - httpd minimisation for ubi-micro | ||||
| 
 | ||||
|  | ||||
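Review bot: The %prep line added in the third hunk reads `##patch200 -p1 -b .CVE-2022-26377`, and a line beginning with `#` is a comment to rpmbuild, so Patch200 is declared (`Patch200: httpd-2.4.53-CVE-2022-26377.patch`) but never applied and the resulting 2.4.53-7 build would not contain the fix the changelog entry claims. Unless this is a rendering artefact of the page, the line should be `%patch200 -p1 -b .CVE-2022-26377`, consistent with the `%patch67`/`%patch68` lines just above it. A quick check is `rpmbuild -bp` on the spec and looking for the backup file `modules/proxy/mod_proxy_ajp.c.CVE-2022-26377` in the unpacked tree, which only exists if the patch was applied. Note that a `#%patch200` form would not be a safe way to keep a placeholder either, since rpm expands macros inside comments.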