From patchwork Wed Sep 20 19:08:52 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 1423 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 4BF276147E for ; Wed, 20 Sep 2017 11:09:00 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 1367F1640; Wed, 20 Sep 2017 11:08:58 +0200 (CEST) Received: from Devel.localdomain (p5DD83A95.dip0.t-ipconnect.de [93.216.58.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 615E1135E for ; Wed, 20 Sep 2017 11:08:57 +0200 (CEST) From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH] apache2: Import patch for CVE-2017-9798 ("optionsbleed") Date: Wed, 20 Sep 2017 11:08:52 +0200 Message-Id: <20170920090852.1276-1-matthias.fischer@ipfire.org> X-Mailer: git-send-email 2.14.1 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Imported from: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch For details see: https://nvd.nist.gov/vuln/detail/CVE-2017-9798 Best, Matthias Signed-off-by: Matthias Fischer --- lfs/apache2 | 2 +- src/patches/apache-2.4.27-CVE-2017-9798-fix.patch | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 src/patches/apache-2.4.27-CVE-2017-9798-fix.patch diff --git a/lfs/apache2 b/lfs/apache2 index e434d1b24..b7a741614 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -76,7 +76,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-PR61382-fix.patch - + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "" >> $(DIR_APP)/config.layout diff --git a/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch new file mode 100644 index 000000000..eb82c8bcd --- /dev/null +++ b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch @@ -0,0 +1,15 @@ +--- server/core.c 2017/08/16 16:50:29 1805223 ++++ server/core.c 2017/09/08 13:13:11 1807754 +@@ -2262,6 +2262,12 @@ + /* method has not been registered yet, but resource restriction + * is always checked before method handling, so register it. + */ ++ if (cmd->pool == cmd->temp_pool) { ++ /* In .htaccess, we can't globally register new methods. */ ++ return apr_psprintf(cmd->pool, "Could not register method '%s' " ++ "for %s from .htaccess configuration", ++ method, cmd->cmd->name); ++ } + methnum = ap_method_register(cmd->pool, + apr_pstrdup(cmd->pool, method)); + }