rpms/mod_http2
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: RHEL-58454 - mod_proxy_http2 failures after CVE-2024-38477 fix

Browse Source
This commit is contained in:
Luboš Uhliarik 2025-01-28 02:09:48 +01:00
parent de819c927b
commit f6b3b5472d
2 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
mod_http2-1.15.7-r1918628.patch Normal file
View File

@ -0,0 +1,21 @@
diff --git a/mod_http2/mod_proxy_http2.c b/mod_http2/mod_proxy_http2.c
index c3b2ad5..7443021 100644
--- a/mod_http2/mod_proxy_http2.c
+++ b/mod_http2/mod_proxy_http2.c
@@ -303,7 +303,7 @@ static int proxy_http2_handler(request_rec *r,
apr_port_t proxyport)
{
const char *proxy_func, *task_id;
- char *locurl = url, *u;
+ char *locurl, *u;
apr_size_t slen;
int is_ssl = 0;
apr_status_t status;
@@ -372,6 +372,7 @@ run_connect:
goto cleanup;
}
+ locurl = url;
ctx->p_conn->is_ssl = ctx->is_ssl;
/* Step One: Determine the URL to connect to (might be a proxy),

8
mod_http2.spec
View File

@ -3,7 +3,7 @@
Name: mod_http2 Name: mod_http2
Version: 1.15.7 Version: 1.15.7
Release: 10%{?dist}.2 Release: 10%{?dist}.3
Summary: module implementing HTTP/2 for Apache 2 Summary: module implementing HTTP/2 for Apache 2
Group: System Environment/Daemons Group: System Environment/Daemons
License: ASL 2.0 License: ASL 2.0
@ -24,6 +24,8 @@ Patch8: mod_http2-1.15.7-CVE-2024-27316.patch
Patch9: mod_http2-1.15.7-log-error-resp.patch Patch9: mod_http2-1.15.7-log-error-resp.patch
# https://issues.redhat.com/browse/RHEL-71575 # https://issues.redhat.com/browse/RHEL-71575
Patch10: mod_http2-1.15.7-wrong-cl-proxy-resp-handling.patch Patch10: mod_http2-1.15.7-wrong-cl-proxy-resp-handling.patch
# https://issues.redhat.com/browse/RHEL-58454
Patch11: mod_http2-1.15.7-r1918628.patch
BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2 BuildRequires: pkgconfig, httpd-devel >= 2.4.20, libnghttp2-devel >= 1.7.0, openssl-devel >= 1.0.2
Requires: httpd-mmn = %{_httpd_mmn} Requires: httpd-mmn = %{_httpd_mmn}
@ -45,6 +47,7 @@ top of libnghttp2 for httpd 2.4 servers.
%patch8 -p1 -b .CVE-2024-27316 %patch8 -p1 -b .CVE-2024-27316
%patch9 -p1 -b .log-error-resp %patch9 -p1 -b .log-error-resp
%patch10 -p1 -b .wrong-cl-proxy-resp-handling %patch10 -p1 -b .wrong-cl-proxy-resp-handling
%patch11 -p1 -b .r1918628
%build %build
%configure %configure
@ -71,6 +74,9 @@ make check
%{_httpd_moddir}/mod_proxy_http2.so %{_httpd_moddir}/mod_proxy_http2.so
%changelog %changelog
* Tue Jan 28 2025 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.3
- Resolves: RHEL-58454 - mod_proxy_http2 failures after CVE-2024-38477 fix
* Tue Jan 07 2025 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.2 * Tue Jan 07 2025 Luboš Uhliarik <luhliari@redhat.com> - 1.15.7-10.2
- Resolves: RHEL-71575: Wrong Content-Type when proxying using H2 protocol - Resolves: RHEL-71575: Wrong Content-Type when proxying using H2 protocol