import httpd-2.4.37-43.module+el8.5.0+14370+51c6d843.2

This commit is contained in:
CentOS Sources 2022-03-15 05:10:36 -04:00 committed by Stepan Oksanichenko
parent 407b246534
commit e774410994
3 changed files with 47 additions and 1 deletions

View File

@ -0,0 +1,13 @@
diff --git a/server/scoreboard.c b/server/scoreboard.c
index 23e3d70..7b01bdf 100644
--- a/server/scoreboard.c
+++ b/server/scoreboard.c
@@ -376,7 +376,7 @@ AP_DECLARE(void) ap_increment_counts(ap_sb_handle_t *sb, request_rec *r)
if (pfn_ap_logio_get_last_bytes != NULL) {
bytes = pfn_ap_logio_get_last_bytes(r->connection);
}
- else if (r->method_number == M_GET && r->method[0] == 'H') {
+ else if (r->method_number == M_GET && r->method && r->method[0] == 'H') {
bytes = 0;
}
else {

View File

@ -0,0 +1,21 @@
diff --git a/server/util.c b/server/util.c
index e0c558c..2a5dd04 100644
--- a/server/util.c
+++ b/server/util.c
@@ -2460,13 +2460,12 @@ AP_DECLARE(char *) ap_escape_quotes(apr_pool_t *p, const char *instring)
* in front of every " that doesn't already have one.
*/
while (*inchr != '\0') {
- if ((*inchr == '\\') && (inchr[1] != '\0')) {
- *outchr++ = *inchr++;
- *outchr++ = *inchr++;
- }
if (*inchr == '"') {
*outchr++ = '\\';
}
+ if ((*inchr == '\\') && (inchr[1] != '\0')) {
+ *outchr++ = *inchr++;
+ }
if (*inchr != '\0') {
*outchr++ = *inchr++;
}

View File

@ -13,7 +13,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.37
Release: 43%{?dist}.1
Release: 43%{?dist}.2
URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source2: httpd.logrotate
@ -198,6 +198,10 @@ Patch214: httpd-2.4.37-CVE-2021-40438.patch
Patch215: httpd-2.4.37-CVE-2021-26691.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2034674
Patch216: httpd-2.4.37-CVE-2021-44790.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2005128
Patch217: httpd-2.4.37-CVE-2021-34798.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2005119
Patch218: httpd-2.4.37-CVE-2021-39275.patch
License: ASL 2.0
Group: System Environment/Daemons
@ -394,6 +398,8 @@ interface for storing and accessing per-user session data.
%patch214 -p1 -b .CVE-2021-40438
%patch215 -p1 -b .CVE-2021-26691
%patch216 -p1 -b .CVE-2021-44790
%patch217 -p1 -b .CVE-2021-34798
%patch218 -p1 -b .CVE-2021-39275
# Patch in the vendor string
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@ -899,6 +905,12 @@ rm -rf $RPM_BUILD_ROOT
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Fri Feb 25 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-43.2
- Resolves: #2059256 - CVE-2021-34798 httpd:2.4/httpd: NULL pointer dereference
via malformed requests
- Resolves: #2059257 - CVE-2021-39275 httpd:2.4/httpd: out-of-bounds write in
ap_escape_quotes() via malicious input
* Mon Jan 10 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.37-43.1
- Resolves: #2035062 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer
overflow when parsing multipart content