Merge branch 'c8-stream-2.4' into a8-stream-2.4
This commit is contained in:
commit
9b0dd37f86
13
SOURCES/httpd-2.4.37-CVE-2021-26691.patch
Normal file
13
SOURCES/httpd-2.4.37-CVE-2021-26691.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
|
||||
index 049255d..af70f6b 100644
|
||||
--- a/modules/session/mod_session.c
|
||||
+++ b/modules/session/mod_session.c
|
||||
@@ -317,7 +317,7 @@ static apr_status_t ap_session_set(request_rec * r, session_rec * z,
|
||||
static int identity_count(void *v, const char *key, const char *val)
|
||||
{
|
||||
int *count = v;
|
||||
- *count += strlen(key) * 3 + strlen(val) * 3 + 1;
|
||||
+ *count += strlen(key) * 3 + strlen(val) * 3 + 2;
|
||||
return 1;
|
||||
}
|
||||
|
29
SOURCES/httpd-2.4.37-CVE-2021-40438.patch
Normal file
29
SOURCES/httpd-2.4.37-CVE-2021-40438.patch
Normal file
@ -0,0 +1,29 @@
|
||||
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
|
||||
index f383996..6a9ef55 100644
|
||||
--- a/modules/proxy/mod_proxy.c
|
||||
+++ b/modules/proxy/mod_proxy.c
|
||||
@@ -1717,7 +1717,8 @@ PROXY_DECLARE(const char *) ap_proxy_de_socketfy(apr_pool_t *p, const char *url)
|
||||
* the UDS path... ignore it
|
||||
*/
|
||||
if (!strncasecmp(url, "unix:", 5) &&
|
||||
- ((ptr = ap_strchr_c(url, '|')) != NULL)) {
|
||||
+ ((ptr = ap_strchr_c(url + 5, '|')) != NULL)) {
|
||||
+
|
||||
/* move past the 'unix:...|' UDS path info */
|
||||
const char *ret, *c;
|
||||
|
||||
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
|
||||
index 7714b6c..421f910 100644
|
||||
--- a/modules/proxy/proxy_util.c
|
||||
+++ b/modules/proxy/proxy_util.c
|
||||
@@ -2090,8 +2090,8 @@ static void fix_uds_filename(request_rec *r, char **url)
|
||||
if (!r || !r->filename) return;
|
||||
|
||||
if (!strncmp(r->filename, "proxy:", 6) &&
|
||||
- (ptr2 = ap_strcasestr(r->filename, "unix:")) &&
|
||||
- (ptr = ap_strchr(ptr2, '|'))) {
|
||||
+ !ap_cstr_casecmpn(r->filename + 6, "unix:", 5) &&
|
||||
+ (ptr2 = r->filename + 6 + 5, ptr = ap_strchr(ptr2, '|'))) {
|
||||
apr_uri_t urisock;
|
||||
apr_status_t rv;
|
||||
*ptr = '\0';
|
@ -1,4 +1,3 @@
|
||||
%global dist %{?dist}.alma
|
||||
%define contentdir %{_datadir}/httpd
|
||||
%define docroot /var/www
|
||||
%define suexec_caller apache
|
||||
@ -14,7 +13,7 @@
|
||||
Summary: Apache HTTP Server
|
||||
Name: httpd
|
||||
Version: 2.4.37
|
||||
Release: 39%{?dist}
|
||||
Release: 39%{?dist}.1.alma
|
||||
URL: https://httpd.apache.org/
|
||||
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
||||
Source2: httpd.logrotate
|
||||
@ -180,6 +179,10 @@ Patch209: httpd-2.4.37-CVE-2020-1934.patch
|
||||
Patch210: httpd-2.4.37-CVE-2018-17199.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1866563
|
||||
Patch211: httpd-2.4.37-CVE-2020-11984.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2005117
|
||||
Patch212: httpd-2.4.37-CVE-2021-40438.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1966732
|
||||
Patch213: httpd-2.4.37-CVE-2021-26691.patch
|
||||
|
||||
License: ASL 2.0
|
||||
Group: System Environment/Daemons
|
||||
@ -366,6 +369,8 @@ interface for storing and accessing per-user session data.
|
||||
%patch209 -p1 -b .CVE-2020-1934
|
||||
%patch210 -p1 -b .CVE-2018-17199
|
||||
%patch211 -p1 -b .CVE-2020-11984
|
||||
%patch212 -p1 -b .CVE-2021-40438
|
||||
%patch213 -p1 -b .CVE-2021-26691
|
||||
|
||||
# Patch in the vendor string
|
||||
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
|
||||
@ -868,9 +873,15 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_rpmconfigdir}/macros.d/macros.httpd
|
||||
|
||||
%changelog
|
||||
* Tue Apr 20 2021 Andrew Lukoshko <alukoshko@almalinux.org> - 2.4.37-39.alma
|
||||
* Wed Oct 13 2021 Andrew Lukoshko <alukoshko@almalinux.org> - 2.4.37-39.1.alma
|
||||
- include AlmaLinux in version string
|
||||
|
||||
* Thu Sep 30 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-39.1
|
||||
- Resolves: #2007234 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via
|
||||
a crafted request uri-path
|
||||
- Resolves: #2007646 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in
|
||||
mod_session
|
||||
|
||||
* Tue Jan 26 2021 Artem Egorenkov <aegorenk@redhat.com> - 2.4.37-39
|
||||
- prevent htcacheclean from while break when first file processed
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user