diff --git a/SOURCES/httpd-2.4.34-CVE-2021-44790.patch b/SOURCES/httpd-2.4.34-CVE-2021-44790.patch new file mode 100644 index 0000000..fb73564 --- /dev/null +++ b/SOURCES/httpd-2.4.34-CVE-2021-44790.patch @@ -0,0 +1,12 @@ +diff --git a/modules/lua/lua_request.c b/modules/lua/lua_request.c +index f9f9ae6..1afe333 100644 +--- a/modules/lua/lua_request.c ++++ b/modules/lua/lua_request.c +@@ -376,6 +376,7 @@ static int req_parsebody(lua_State *L) + if (end == NULL) break; + key = (char *) apr_pcalloc(r->pool, 256); + filename = (char *) apr_pcalloc(r->pool, 256); ++ if (end - crlf <= 8) break; + vlen = end - crlf - 8; + buffer = (char *) apr_pcalloc(r->pool, vlen+1); + memcpy(buffer, crlf + 4, vlen); diff --git a/SPECS/httpd.spec b/SPECS/httpd.spec index 4f53c20..678a5d1 100644 --- a/SPECS/httpd.spec +++ b/SPECS/httpd.spec @@ -51,7 +51,7 @@ Summary: Apache HTTP Server Name: %{?scl:%scl_prefix}httpd Version: 2.4.34 -Release: 22%{?dist}.1 +Release: 23%{?dist}.1 URL: http://httpd.apache.org/ Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source1: index.html @@ -176,8 +176,10 @@ Patch210: httpd-2.4.34-CVE-2020-9490.patch Patch211: httpd-2.4.34-CVE-2020-11984.patch # httpd-2.4.34-CVE-2020-11993.patch Patch212: httpd-2.4.34-CVE-2020-11993.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=2007237 +# https://bugzilla.redhat.com/show_bug.cgi?id=2005117 Patch213: httpd-2.4.34-CVE-2021-40438.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2034674 +Patch214: httpd-2.4.34-CVE-2021-44790.patch License: ASL 2.0 Group: System Environment/Daemons @@ -398,6 +400,7 @@ export LD_LIBRARY_PATH=%{_libdir}:$LD_LIBRARY_PATH %patch211 -p1 -b .CVE-2020-11984 %patch212 -p1 -b .CVE-2020-11993 %patch213 -p1 -b .CVE-2021-40438 +%patch214 -p1 -b .CVE-2021-44790 # Patch in the vendor string and the release string sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h @@ -1056,8 +1059,12 @@ rm -rf $RPM_BUILD_ROOT %endif %changelog -* Thu Sep 30 2021 Luboš Uhliarik - 2.4.34-22.1 -- Resolves: #2007237 - CVE-2021-40438 httpd24-httpd: httpd: mod_proxy: SSRF via +* Mon Jan 10 2022 Luboš Uhliarik - 2.4.34-23.1 +- Resolves: #2035056 - CVE-2021-44790 httpd24-httpd: httpd: mod_lua: possible + buffer overflow when parsing multipart content + +* Thu Sep 30 2021 Luboš Uhliarik - 2.4.34-23 +- Resolves: #2007238 - CVE-2021-40438 httpd24-httpd: httpd: mod_proxy: SSRF via a crafted request uri-path * Mon Sep 21 2020 Lubos Uhliarik - 2.4.34-22