Commit eb6bfe8b authored by Natanael Copa's avatar Natanael Copa

main/apache2: security upgrade to 2.2.22 (CVE-2012-0021, CVE-2012-0031,...

main/apache2: security upgrade to 2.2.22 (CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2011-3368, CVE-2011,3607)

low: mod_log_config crash CVE-2012-0021
low: scoreboard parent DoS CVE-2012-0031
moderate: error responses can expose cookies CVE-2012-0053
moderate: mod_proxy reverse proxy exposure CVE-2011-3368
low: mod_setenvif .htaccess privilege escalation CVE-2011-3607

This release also include the previosly patched:
moderate: mod_proxy reverse proxy exposure CVE-2011-4317

fixes #985
parent 9220c558
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=apache2
pkgver=2.2.21
pkgrel=1
pkgver=2.2.22
pkgrel=0
pkgdesc="A high performance Unix-based HTTP server"
url="http://httpd.apache.org/"
license="APACHE"
......@@ -31,8 +31,7 @@ source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2
httpd.conf
ssl.conf
ldap.conf
alpine.layout
CVE-2011-4317.patch"
alpine.layout"
prepare() {
cd "$srcdir"
......@@ -175,7 +174,7 @@ ldap() {
install -m644 -D "$srcdir"/ldap.conf "$subpkgdir"/etc/apache2/conf.d/ldap.conf
}
md5sums="1696ae62cd879ab1d4dd9ff021a470f2 httpd-2.2.21.tar.bz2
md5sums="9fe3093194c8a57f085ff7c3fc43715f httpd-2.2.22.tar.bz2
db42cfcc18ae1c32aaaff2347e35b79d 02-rename-prefork-to-itk.patch
72817bd3eddc56fd886ca4739c536261 03-add-mpm-to-build-system.patch
ee488f391054d528547c3a372faa2aa7 04-correct-output-makefile-location.patch
......@@ -192,5 +191,4 @@ e322b5211e49511cac6e40c86af1b1da apache2.confd
2df3891a45abcdc4083a2699ff7f26fc httpd.conf
5d0d024ca43571b863874ab871b2c109 ssl.conf
b70fe826486043e3953cfe21f9e6fa16 ldap.conf
c66ff5f70260d5266e6803a59b39bd7f alpine.layout
4c9b33458e4c8dea1be39f811da39be3 CVE-2011-4317.patch"
c66ff5f70260d5266e6803a59b39bd7f alpine.layout"
Index: modules/proxy/mod_proxy.c
===================================================================
--- httpd-2.2.21/modules/proxy/mod_proxy.c (revision 1179633)
+++ httpd-2.2.21/modules/proxy/mod_proxy.c (working copy)
@@ -566,6 +566,13 @@
return OK;
}
+ /* Check that the URI is valid. */
+ if (!r->uri || r->uri[0] != '/') {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Invalid URI in request %s", r->the_request);
+ return HTTP_BAD_REQUEST;
+ }
+
/* XXX: since r->uri has been manipulated already we're not really
* compliant with RFC1945 at this point. But this probably isn't
* an issue because this is a hybrid proxy/origin server.
Index: modules/mappers/mod_rewrite.c
===================================================================
--- httpd-2.2.21/modules/mappers/mod_rewrite.c (revision 1179633)
+++ httpd-2.2.21/modules/mappers/mod_rewrite.c (working copy)
@@ -4266,6 +4266,13 @@
return DECLINED;
}
+ /* Check that the URI is valid. */
+ if (!r->uri || r->uri[0] != '/') {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Invalid URI in request %s", r->the_request);
+ return HTTP_BAD_REQUEST;
+ }
+
/*
* add the SCRIPT_URL variable to the env. this is a bit complicated
* due to the fact that apache uses subrequests and internal redirects
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment