diff --git a/SOURCES/httpd-2.4.37-CVE-2020-13950.patch b/SOURCES/httpd-2.4.37-CVE-2020-13950.patch new file mode 100644 index 0000000..419a635 --- /dev/null +++ b/SOURCES/httpd-2.4.37-CVE-2020-13950.patch @@ -0,0 +1,12 @@ +diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c +index 5786ea8..7da9bde 100644 +--- a/modules/proxy/mod_proxy_http.c ++++ b/modules/proxy/mod_proxy_http.c +@@ -637,7 +637,6 @@ static int ap_proxy_http_prefetch(proxy_http_req_t *req, + "chunked body with Content-Length (C-L ignored)", + c->client_ip, c->remote_host ? c->remote_host: ""); + req->old_cl_val = NULL; +- origin->keepalive = AP_CONN_CLOSE; + p_conn->close = 1; + } + diff --git a/SPECS/httpd.spec b/SPECS/httpd.spec index daa6a90..866e4cf 100644 --- a/SPECS/httpd.spec +++ b/SPECS/httpd.spec @@ -13,7 +13,7 @@ Summary: Apache HTTP Server Name: httpd Version: 2.4.37 -Release: 47%{?dist}.1 +Release: 47%{?dist}.2 URL: https://httpd.apache.org/ Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source2: httpd.logrotate @@ -216,6 +216,8 @@ Patch221: httpd-2.4.37-CVE-2021-44790.patch Patch222: httpd-2.4.37-CVE-2021-44224.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2064321 Patch223: httpd-2.4.37-CVE-2022-22720.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1966738 +Patch224: httpd-2.4.37-CVE-2020-13950.patch License: ASL 2.0 Group: System Environment/Daemons @@ -421,6 +423,7 @@ interface for storing and accessing per-user session data. %patch221 -p1 -b .CVE-2021-44790 %patch222 -p1 -b .CVE-2021-44224 %patch223 -p1 -b .CVE-2022-22720 +%patch224 -p1 -b .CVE-2020-13950 # Patch in the vendor string sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h @@ -926,6 +929,10 @@ rm -rf $RPM_BUILD_ROOT %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Wed Jun 15 2022 Luboš Uhliarik - 2.4.37-47.2 +- Resolves: #2097247 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer + dereference + * Mon Mar 21 2022 Luboš Uhliarik - 2.4.37-47.1 - Resolves: #2065248 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier