aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb
diff options
context:
space:
mode:
authorLi Wang <li.wang@windriver.com>2021-07-08 17:04:37 +0800
committerArmin Kuster <akuster808@gmail.com>2021-07-10 21:15:33 -0700
commitaeae0a34cff905f12c30b6af2a5e83997bc2c396 (patch)
tree4d713ca7069ae713306a578b9be75314e23a8e83 /meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb
parentd9c8c33db813a0f1615efeaa38ece92c839bd722 (diff)
downloadmeta-openembedded-aeae0a34cff905f12c30b6af2a5e83997bc2c396.tar.gz
apache2: fix CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641
CVE-2020-13950: Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service References: https://nvd.nist.gov/vuln/detail/CVE-2020-13950 Upstream patches: https://bugzilla.redhat.com/show_bug.cgi?id=1966738 https://github.com/apache/httpd/commit/8c162db8b65b2193e622b780e8c6516d4265f68b CVE-2020-35452: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow References: https://nvd.nist.gov/vuln/detail/CVE-2020-35452 Upstream patches: https://security-tracker.debian.org/tracker/CVE-2020-35452 https://github.com/apache/httpd/commit/3b6431eb9c9dba603385f70a2131ab4a01bf0d3b CVE-2021-26690: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service References: https://nvd.nist.gov/vuln/detail/CVE-2021-26690 Upstream patches: https://security-tracker.debian.org/tracker/CVE-2021-26690 https://github.com/apache/httpd/commit/67bd9bfe6c38831e14fe7122f1d84391472498f8 CVE-2021-26691: In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow References: https://nvd.nist.gov/vuln/detail/CVE-2021-26691 Upstream patches: https://bugzilla.redhat.com/show_bug.cgi?id=1966732 https://github.com/apache/httpd/commit/7e09dd714fc62c08c5b0319ed7b9702594faf49b CVE-2021-30641: Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' References: https://nvd.nist.gov/vuln/detail/CVE-2021-30641 Upstream patches: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-30641 https://github.com/apache/httpd/commit/6141d5aa3f5cf8f1b89472e7fdb66578810d0ae3 Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 70b1aa0a4cd4bfd08b6c8d36a76f9b7cf20d61a6) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb')
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb5
1 files changed, 5 insertions, 0 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb
index 197cb83e6..4fc1f1631 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb
@@ -15,6 +15,11 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
file://0007-apache2-allow-to-disable-selinux-support.patch \
file://apache-configure_perlbin.patch \
file://0001-support-apxs.in-force-destdir-to-be-empty-string.patch \
+ file://CVE-2020-13950.patch \
+ file://CVE-2020-35452.patch \
+ file://CVE-2021-26690.patch \
+ file://CVE-2021-26691.patch \
+ file://CVE-2021-30641.patch \
"
SRC_URI_append_class-target = " \