import CS mod_security-2.9.6-3.el9
This commit is contained in:
parent
31a3d8b704
commit
6e1a380098
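--- a/SOURCES/mod_security-2.9.6-CVE-2025-47947.patch
+++ b/SOURCES/mod_security-2.9.6-CVE-2025-47947.patch
@@ -0,0 +1,48 @@
+
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2025-47947
+
+https://github.com/owasp-modsecurity/ModSecurity/commit/26161b907e792e53d01c7293e630240db13e28b3
+
+--- modsecurity-2.9.6/apache2/modsecurity.h.cve47947
++++ modsecurity-2.9.6/apache2/modsecurity.h
+@@ -693,6 +693,7 @@
+unsigned int value_origin_offset;
+unsigned int value_origin_len;
+const char *origin;
++ unsigned int marked_for_sanitization;
+};
+
+struct msc_string {
+--- modsecurity-2.9.6/apache2/msc_json.c.cve47947
++++ modsecurity-2.9.6/apache2/msc_json.c
+@@ -58,6 +58,7 @@
+arg->name, arg->value);
+}
+
++ arg->marked_for_sanitization = 0;
+apr_table_addn(msr->arguments,
+log_escape_nq_ex(msr->mp, arg->name, arg->name_len), (void *) arg);
+
+--- modsecurity-2.9.6/apache2/msc_parsers.c.cve47947
++++ modsecurity-2.9.6/apache2/msc_parsers.c
+@@ -340,6 +340,7 @@
+*/
+void add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg)
+{
++ arg->marked_for_sanitization = 0;
+if (msr->txcfg->debuglog_level >= 5) {
+msr_log(msr, 5, "Adding request argument (%s): name \"%s\", value \"%s\"",
+arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len),
+--- modsecurity-2.9.6/apache2/re_actions.c.cve47947
++++ modsecurity-2.9.6/apache2/re_actions.c
+@@ -1413,8 +1413,9 @@
+telts = (const apr_table_entry_t*)tarr->elts;
+for (i = 0; i < tarr->nelts; i++) {
+msc_arg *arg = (msc_arg *)telts[i].val;
+- if (strcasecmp(sargname, arg->name) == 0) {
++ if (arg->marked_for_sanitization == 0 && strcasecmp(sargname, arg->name) == 0) {
+apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
++ arg->marked_for_sanitization = 1;
+}
+}
+break;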
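Review bot: The re_actions.c hunk at `@@ -1413,8 +1413,9 @@` (presumably the sanitiseArg action; the function name is not in the hunk context) makes exactly the change that the companion SOURCES/mod_security-2.9.6-CVE-2025-48866.patch makes to `msre_action_sanitizeArg_execute` at `@@ -1455,8 +1455,9 @@`, which appears to be why a second CVE was needed after the first fix reached only one of two duplicated loops. A downstream follow-up could move that loop into one `static` helper called from both spellings, so a future fix cannot miss one of them. The new `marked_for_sanitization` flag is cleared explicitly at only two creation sites (msc_json.c and `add_argument` in msc_parsers.c); any other code path that builds an `msc_arg` without going through `add_argument` would depend on the allocator zero-filling the struct, which the patch does not document — worth confirming at rebase time, or stating at the field with `/* set once the argument has been queued in arguments_to_sanitize, so repeated matches cannot re-queue it */`.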
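--- a/SOURCES/mod_security-2.9.6-CVE-2025-48866.patch
+++ b/SOURCES/mod_security-2.9.6-CVE-2025-48866.patch
@@ -0,0 +1,25 @@
+From 614c6e18a734bd31a483abc2fa2faf217dcb81c3 Mon Sep 17 00:00:00 2001
+From: Ervin Hegedus <airween@gmail.com>
+Date: Sat, 24 May 2025 12:04:39 +0200
+Subject: [PATCH] fix: add ARGS to sanitize list only if it's not added yet in
+case of sanitizeArg
+
+---
+apache2/re_actions.c | 3 ++-
+1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/apache2/re_actions.c b/apache2/re_actions.c
+index 4a922d27f..febc4759e 100644
+--- a/apache2/re_actions.c
++++ b/apache2/re_actions.c
+@@ -1455,8 +1455,9 @@ static apr_status_t msre_action_sanitizeArg_execute(modsec_rec *msr, apr_pool_t
+for (i = 0; i < tarr->nelts; i++) {
+msc_arg *arg = (msc_arg *)telts[i].val;
+
+- if (strcasecmp(sargname, arg->name) == 0) {
++ if (arg->marked_for_sanitization == 0 && strcasecmp(sargname, arg->name) == 0) {
+apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
++ arg->marked_for_sanitization = 1;
+}
+}
+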
@ -10,7 +10,7 @@
|
|||||||
Summary: Security module for the Apache HTTP Server
|
Summary: Security module for the Apache HTTP Server
|
||||||
Name: mod_security
|
Name: mod_security
|
||||||
Version: 2.9.6
|
Version: 2.9.6
|
||||||
Release: 1%{?dist}
|
Release: 3%{?dist}
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: http://www.modsecurity.org/
|
URL: http://www.modsecurity.org/
|
||||||
Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz
|
Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz
|
||||||
@ -21,6 +21,10 @@ Patch0: modsecurity-2.9.3-lua-54.patch
|
|||||||
Patch1: modsecurity-2.9.3-apulibs.patch
|
Patch1: modsecurity-2.9.3-apulibs.patch
|
||||||
Patch2: mod_security-2.9.3-remote-rules-timeout.patch
|
Patch2: mod_security-2.9.3-remote-rules-timeout.patch
|
||||||
|
|
||||||
|
# Security patches
|
||||||
|
Patch100: mod_security-2.9.6-CVE-2025-47947.patch
|
||||||
|
Patch101: mod_security-2.9.6-CVE-2025-48866.patch
|
||||||
|
|
||||||
Requires: httpd httpd-mmn = %{_httpd_mmn}
|
Requires: httpd httpd-mmn = %{_httpd_mmn}
|
||||||
%if 0%{?fedora} || 0%{?rhel} > 7
|
%if 0%{?fedora} || 0%{?rhel} > 7
|
||||||
# Ensure apache user exists for file ownership
|
# Ensure apache user exists for file ownership
|
||||||
@ -143,6 +147,14 @@ install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Aug 19 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-3
|
||||||
|
- Resolves: RHEL-100098 - mod_security: ModSecurity Denial of Service
|
||||||
|
Vulnerability (CVE-2025-48866)
|
||||||
|
|
||||||
|
* Mon Aug 18 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-2
|
||||||
|
- Resolves: RHEL-93014 - mod_security: ModSecurity Has Possible DoS
|
||||||
|
Vulnerability (CVE-2025-47947)
|
||||||
|
|
||||||
* Wed Nov 16 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-1
|
* Wed Nov 16 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.9.6-1
|
||||||
- new version 2.9.6
|
- new version 2.9.6
|
||||||
- Resolves: #2143211 - [RFE] upgrade mod_security to 2.9.6
|
- Resolves: #2143211 - [RFE] upgrade mod_security to 2.9.6
|
||||||
|
|||||||