packages/httpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2023-31122

Browse Source 
(cherry picked from commit 5e3ff35b4505aca9534c0ae8c64087eb3a67811c)
This commit is contained in:
chengyechun 2023-11-03 11:06:21 +08:00 committed by openeuler-sync-bot
parent ceee8c4b8f
commit e02039f699
2 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
backport-CVE-2023-31122-out-of-bound-Read.patch Normal file
View File

@ -0,0 +1,28 @@
From c41eb3b14a3d1eb2e3c42c4728cc52a22748851a Mon Sep 17 00:00:00 2001
From: Stefan Eissing <icing@apache.org>
Date: Mon, 16 Oct 2023 06:39:44 +0000
Subject: [PATCH] mod_macro: out of bounds Read
Conflict:NA
Reference:https://github.com/apache/httpd/commit/c41eb3b14a3d1eb2e3c42c4728cc52a22748851a
---
modules/core/mod_macro.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/core/mod_macro.c b/modules/core/mod_macro.c
index 04af43b..cc42d0b 100644
--- a/modules/core/mod_macro.c
+++ b/modules/core/mod_macro.c
@@ -465,7 +465,7 @@ static const char *process_content(apr_pool_t * pool,
for (i = 0; i < contents->nelts; i++) {
const char *errmsg;
/* copy the line and substitute macro parameters */
- strncpy(line, ((char **) contents->elts)[i], MAX_STRING_LEN - 1);
+ apr_cpystrn(line, ((char **) contents->elts)[i], MAX_STRING_LEN);
errmsg = substitute_macro_args(line, MAX_STRING_LEN,
macro, replacements, used);
if (errmsg) {
--
2.23.0

9
httpd.spec
View File

@ -8,7 +8,7 @@
Name: httpd Name: httpd
Summary: Apache HTTP Server Summary: Apache HTTP Server
Version: 2.4.51 Version: 2.4.51
Release: 18 Release: 19
License: ASL 2.0 License: ASL 2.0
URL: https://httpd.apache.org/ URL: https://httpd.apache.org/
Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
@ -108,6 +108,7 @@ Patch54: backport-Fix-double-encoding-of-the-uri-path-of-the-request.pa
Patch55: backport-do-not-match-the-extention-against-possible-query-string.patch Patch55: backport-do-not-match-the-extention-against-possible-query-string.patch
Patch56: backport-Do-not-double-encode-encoded-slashes.patch Patch56: backport-Do-not-double-encode-encoded-slashes.patch
Patch57: backport-Check-before-forwarding-that-a-nocanon-path-has-not-been-rewritten.patch Patch57: backport-Check-before-forwarding-that-a-nocanon-path-has-not-been-rewritten.patch
Patch58: backport-CVE-2023-31122-out-of-bound-Read.patch
BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel
@ -544,6 +545,12 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd %{_rpmconfigdir}/macros.d/macros.httpd
%changelog %changelog
* Fri Nov 03 2023 chengyechun <chengyechun1@huawei.com> - 2.4.51-19
- Type:CVE
- ID:CVE-2023-31122
- SUG:NA
- DESC:fix CVE-2023-31122
* Wed Aug 09 2023 panchenbo <panchenbo@kylinsec.com.cn> - 2.4.51-18 * Wed Aug 09 2023 panchenbo <panchenbo@kylinsec.com.cn> - 2.4.51-18
- Type:bugfix - Type:bugfix
- ID: - ID: