diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-25 04:41:28 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-25 04:41:28 +0000 |
commit | 2eeb62e38ae17a3523ad3cd81c3de9f20f9e7742 (patch) | |
tree | fe91033d4712f6d836006b998525656b9dd193b8 /debian/patches/CVE-2020-11984.patch | |
parent | Merging upstream version 2.4.59. (diff) | |
download | apache2-1b9588a34525d60065da3828773ba1c84c8cbcd0.tar.xz apache2-1b9588a34525d60065da3828773ba1c84c8cbcd0.zip |
Adding debian version 2.4.59-1~deb10u1.debian/2.4.59-1_deb10u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/CVE-2020-11984.patch')
-rw-r--r-- | debian/patches/CVE-2020-11984.patch | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/debian/patches/CVE-2020-11984.patch b/debian/patches/CVE-2020-11984.patch deleted file mode 100644 index 409f958..0000000 --- a/debian/patches/CVE-2020-11984.patch +++ /dev/null @@ -1,45 +0,0 @@ -Description: fix error out on HTTP header larger than 16K - The uwsgi protocol does not let us serialize more than 16K of HTTP header, - so fail early with 500 if it happens. -Author: ylavic -Origin: upstream, https://github.com/apache/httpd/commit/0c543e3f -Bug: https://security-tracker.debian.org/tracker/CVE-2020-11984 -Forwarded: not-needed -Reviewed-By: Xavier Guimard <yadd@debian.org> -Last-Update: 2020-08-25 - ---- a/modules/proxy/mod_proxy_uwsgi.c -+++ b/modules/proxy/mod_proxy_uwsgi.c -@@ -136,7 +136,7 @@ - int j; - - apr_size_t headerlen = 4; -- apr_uint16_t pktsize, keylen, vallen; -+ apr_size_t pktsize, keylen, vallen; - const char *script_name; - const char *path_info; - const char *auth; -@@ -177,6 +177,14 @@ - for (j = 0; j < env_table->nelts; ++j) { - headerlen += 2 + strlen(env[j].key) + 2 + strlen(env[j].val); - } -+ pktsize = headerlen - 4; -+ if (pktsize > APR_UINT16_MAX) { -+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10259) -+ "can't send headers to %s:%u: packet size too " -+ "large (%" APR_SIZE_T_FMT ")", -+ conn->hostname, conn->port, pktsize); -+ return HTTP_INTERNAL_SERVER_ERROR; -+ } - - ptr = buf = apr_palloc(r->pool, headerlen); - -@@ -196,8 +204,6 @@ - ptr += vallen; - } - -- pktsize = headerlen - 4; -- - buf[0] = 0; - buf[1] = (apr_byte_t) (pktsize & 0xff); - buf[2] = (apr_byte_t) ((pktsize >> 8) & 0xff); |