1 files changed, 24 insertions, 0 deletions

diff --git a/debian/patches/0057-CVE-2023-25690-Regression-3.patch b/debian/patches/0057-CVE-2023-25690-Regression-3.patch
new file mode 100644
index 0000000..431f145
--- /dev/null
+++ b/debian/patches/0057-CVE-2023-25690-Regression-3.patch
@@ -0,0 +1,24 @@
+From 1a4aac3d209f4314bcb511d73cf12f8c25c8c984 Mon Sep 17 00:00:00 2001
+From: Eric Covener <covener@apache.org>
+Date: Sat, 11 Mar 2023 21:29:11 +0000
+Subject: [PATCH] followup to r1908296: only for redirects
+
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908299 13f79535-47bb-0310-9956-ffa450edef68
+---
+ modules/mappers/mod_rewrite.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+Index: apache2/modules/mappers/mod_rewrite.c
+===================================================================
+--- apache2.orig/modules/mappers/mod_rewrite.c
++++ apache2/modules/mappers/mod_rewrite.c
+@@ -4708,8 +4708,7 @@ static int hook_uri2file(request_rec *r)
+         unsigned skip_absolute = is_absolute_uri(r->filename, NULL);
+         apr_size_t flen =  r->filename ? strlen(r->filename) : 0;
+         int to_proxyreq = (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0);
+-        int will_escape = (to_proxyreq || skip_absolute)
+-            && (rulestatus != ACTION_NOESCAPE);
++        int will_escape = skip_absolute && (rulestatus != ACTION_NOESCAPE);
+ 
+         if (r->args
+                 && !will_escape