From 2c099b23f232e588648c34f040589a09836ce2cc Mon Sep 17 00:00:00 2001
From: eabdullin
Date: Wed, 3 Sep 2025 13:29:09 +0000
Subject: [PATCH] import UBI mod_http2-1.15.7-10.module+el8.10.0+23369+11a81384.4
---
SOURCES/mod_http2-1.15.7-CVE-2025-49630.patch | 33 +++++++++++++++++++
SPECS/mod_http2.spec | 9 ++++-
2 files changed, 41 insertions(+), 1 deletion(-)
create mode 100644 SOURCES/mod_http2-1.15.7-CVE-2025-49630.patch
diff --git a/SOURCES/mod_http2-1.15.7-CVE-2025-49630.patch b/SOURCES/mod_http2-1.15.7-CVE-2025-49630.patch
new file mode 100644
index 0000000..80c07a2
--- /dev/null
+++ b/SOURCES/mod_http2-1.15.7-CVE-2025-49630.patch
@@ -0,0 +1,33 @@
+From 349248060f2bff5f4592fda1917f83ba9e70bf3f Mon Sep 17 00:00:00 2001
+From: Eric Covener
+Date: Mon, 7 Jul 2025 11:53:43 +0000
+Subject: [PATCH] tolerate missing host header in h2 proxy
+
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1927036 13f79535-47bb-0310-9956-ffa450edef68
+---
+ mod_http2/h2_proxy_session.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/mod_http2/h2_proxy_session.c b/mod_http2/h2_proxy_session.c
+index 5f64dbc..4effb36 100644
+--- a/mod_http2/h2_proxy_session.c
++++ b/mod_http2/h2_proxy_session.c
+@@ -738,6 +738,18 @@ static apr_status_t open_stream(h2_proxy_session *session, const char *url,
+ dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
+ if (dconf->preserve_host) {
+ authority = r->hostname;
++ if (!authority) {
++ /* Duplicate mod_proxy behaviour if ProxyPreserveHost is
++ * used but an "HTTP/0.9" request is received without a
++ * Host: header */
++ authority = r->server->server_hostname;
++ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(10511)
++ "HTTP/0.9 request (with no host line) "
++ "on incoming request and preserve host set "
++ "forcing hostname to be %s for uri %s",
++ authority, r->uri);
++ apr_table_setn(r->headers_in, "Host", authority);
++ }
+ }
+ else {
+ authority = puri.hostname;
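Review bot: The fallback stores `r->server->server_hostname` into `r->headers_in` with `apr_table_setn`, which keeps the pointer rather than copying the string, and that is only safe because the server hostname is configuration-lifetime and outlives the request; nothing in the hunk says so. A one-line comment above the call, `/* setn is safe: server_hostname is config-lifetime, not request-scoped */`, would stop a later change to a request-pool string from turning this into a dangling header value. The comment and log text inherited from mod_proxy label the case as HTTP/0.9, but as far as I can tell r->hostname is also NULL for an HTTP/1.0 request that carries no Host header, so the warning may mislead operators about what the client actually sent. open_stream begins before the hunk and continues past it.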
diff --git a/SPECS/mod_http2.spec b/SPECS/mod_http2.spec index 0dd6446..2670c8c 100644 --- a/SPECS/mod_http2.spec +++ b/SPECS/mod_http2.spec @@ -3,7 +3,7 @@ Name: mod_http2 Version: 1.15.7 -Release: 10%{?dist}.3 +Release: 10%{?dist}.4 Summary: module implementing HTTP/2 for Apache 2 Group: System Environment/Daemons License: ASL 2.0 @@ -28,6 +28,8 @@ Patch10: mod_http2-1.15.7-wrong-cl-proxy-resp-handling.patch Patch11: mod_http2-1.15.7-r1918628.patch # https://issues.redhat.com/browse/RHEL-59017 Patch12: mod_http2-1.15.7-fix-mood-change.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2374578 +Patch13: mod_http2-1.15.7-CVE-2025-49630.patch BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2 Requires: httpd-mmn = %{_httpd_mmn} @@ -51,6 +53,7 @@ top of libnghttp2 for httpd 2.4 servers. %patch10 -p1 -b .wrong-cl-proxy-resp-handling %patch11 -p1 -b .r1918628 %patch12 -p1 -b .fix-mood-change +%patch13 -p1 -b .CVE-2025-49630 %build %configure @@ -77,6 +80,10 @@ make check %{_httpd_moddir}/mod_proxy_http2.so %changelog +* Mon Jul 28 2025 Luboš Uhliarik - 1.15.7-10.4 +- Resolves: RHEL-105186 - httpd:2.4/httpd: untrusted input from a client causes + an assertion to fail in the Apache mod_proxy_http2 module (CVE-2025-49630) + * Tue Jan 28 2025 Luboš Uhliarik - 1.15.7-10.3 - Resolves: RHEL-58454 - mod_proxy_http2 failures after CVE-2024-38477 fix - Resolves: RHEL-59017 - random failures in other requests on http/2 stream