diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
commit | 1221c736f9a90756d47ea6d28320b6b83602dd2a (patch) | |
tree | b453ba7b1393205258c9b098a773b4330984672f /debian/patches/CVE-2021-44790.patch | |
parent | Adding upstream version 2.4.38. (diff) | |
download | apache2-f35b715de7e7c7bbfee87ecb39ca91936e294a35.tar.xz apache2-f35b715de7e7c7bbfee87ecb39ca91936e294a35.zip |
Adding debian version 2.4.38-3+deb10u8.debian/2.4.38-3+deb10u8
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/CVE-2021-44790.patch')
-rw-r--r-- | debian/patches/CVE-2021-44790.patch | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/debian/patches/CVE-2021-44790.patch b/debian/patches/CVE-2021-44790.patch new file mode 100644 index 0000000..dbba745 --- /dev/null +++ b/debian/patches/CVE-2021-44790.patch @@ -0,0 +1,18 @@ +Description: Improve error handling +Author: Stefan Eissing <icing@apache.org> +Origin: upstream, https://github.com/apache/httpd/commit/07b9768c +Bug: https://security-tracker.debian.org/tracker/CVE-2021-44790 +Forwarded: not-needed +Reviewed-By: Yadd <yadd@debian.org> +Last-Update: 2021-12-21 + +--- a/modules/lua/lua_request.c ++++ b/modules/lua/lua_request.c +@@ -376,6 +376,7 @@ + if (end == NULL) break; + key = (char *) apr_pcalloc(r->pool, 256); + filename = (char *) apr_pcalloc(r->pool, 256); ++ if (end - crlf <= 8) break; + vlen = end - crlf - 8; + buffer = (char *) apr_pcalloc(r->pool, vlen+1); + memcpy(buffer, crlf + 4, vlen); |