httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r21741 - in /release/httpd/patches: apply_to_2.2.34/CVE-2017-9798-patch-2.2.patch apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch
Date Thu, 21 Sep 2017 18:17:38 GMT
Author: wrowe
Date: Thu Sep 21 18:17:38 2017
New Revision: 21741

Log:
Add (correct) patches for convenience

Added:
    release/httpd/patches/apply_to_2.2.34/CVE-2017-9798-patch-2.2.patch
Modified:
    release/httpd/patches/apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch

Added: release/httpd/patches/apply_to_2.2.34/CVE-2017-9798-patch-2.2.patch
==============================================================================
--- release/httpd/patches/apply_to_2.2.34/CVE-2017-9798-patch-2.2.patch (added)
+++ release/httpd/patches/apply_to_2.2.34/CVE-2017-9798-patch-2.2.patch Thu Sep 21 18:17:38
2017
@@ -0,0 +1,27 @@
+# r1807754 (r1807655 from trunk)
+#
+# SECURITY (CVE-2017-9798)
+#
+# core: Disallow Methods' registration at run time (.htaccess), they may be
+# used only if registered at init time (httpd.conf).
+# 
+# Calling ap_method_register() in children processes is not the right scope
+# since it won't be shared for all requests.
+#
+Index: server/core.c
+===================================================================
+--- server/core.c.orig	2017-09-21 13:09:51.305613945 -0500
++++ server/core.c	2017-09-21 13:12:29.467996152 -0500
+@@ -1809,6 +1809,12 @@
+             /* method has not been registered yet, but resorce restriction
+              * is always checked before method handling, so register it.
+              */
++            if (cmd->pool == cmd->temp_pool) {
++                /* In .htaccess, we can't globally register new methods. */
++                return apr_psprintf(cmd->pool, "Could not register method '%s' "
++                                   "for %s from .htaccess configuration",
++                                    method, cmd->cmd->name);
++            }
+             methnum = ap_method_register(cmd->pool, method);
+         }
+ 

Modified: release/httpd/patches/apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch
==============================================================================
--- release/httpd/patches/apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch (original)
+++ release/httpd/patches/apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch Thu Sep 21 18:17:38
2017
@@ -12,7 +12,7 @@ Index: server/core.c
 ===================================================================
 --- server/core.c	(revision 1801041)
 +++ server/core.c	(working copy)
-@@ -2266,6 +2266,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_sect
+@@ -2262,6 +2262,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_sect
              /* method has not been registered yet, but resource restriction
               * is always checked before method handling, so register it.
               */



Mime
View raw message