From f2969034e94d1fba0bf4a411f8d92a106c351db1f852c8b758bab670f7bc5f1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Tue, 30 Jul 2024 16:52:23 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main apache2 revision 59422ba0b9f30c4b5b7c05f2b76c4e2c --- apache2-CVE-2024-36387.patch | 30 ++++++++++++++++++++++++++++++ apache2.changes | 7 +++++++ apache2.spec | 2 ++ 3 files changed, 39 insertions(+) create mode 100644 apache2-CVE-2024-36387.patch diff --git a/apache2-CVE-2024-36387.patch b/apache2-CVE-2024-36387.patch new file mode 100644 index 0000000..3f5b019 --- /dev/null +++ b/apache2-CVE-2024-36387.patch @@ -0,0 +1,30 @@ +commit 62aa64e5aea21dd969db97aded4443c98c0735ac +Author: Eric Covener +Date: Mon Jun 24 17:51:42 2024 +0000 + + Merge r1918548 from trunk: + + mod_http2: early exit if bb is null + + + + git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1918557 13f79535-47bb-0310-9956-ffa450edef68 + +diff --git a/modules/http2/h2_c2.c b/modules/http2/h2_c2.c +index a955200944..c65a521ab8 100644 +--- a/modules/http2/h2_c2.c ++++ b/modules/http2/h2_c2.c +@@ -370,6 +370,13 @@ static apr_status_t h2_c2_filter_out(ap_filter_t* f, apr_bucket_brigade* bb) + h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(f->c); + apr_status_t rv; + ++ if (bb == NULL) { ++#if !AP_MODULE_MAGIC_AT_LEAST(20180720, 1) ++ f->c->data_in_output_filters = 0; ++#endif ++ return APR_SUCCESS; ++ } ++ + ap_assert(conn_ctx); + #if AP_HAS_RESPONSE_BUCKETS + if (!conn_ctx->has_final_response) { diff --git a/apache2.changes b/apache2.changes index b3609bc..d9527f8 100644 --- a/apache2.changes +++ b/apache2.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Jul 17 04:59:12 UTC 2024 - Martin Schreiner + +- Security fix: + - CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2 + * Added apache2-CVE-2024-36387.patch + ------------------------------------------------------------------- Mon Jul 8 10:53:20 UTC 2024 - David Anes diff --git a/apache2.spec b/apache2.spec index 205ed78..4bb18c2 100644 --- a/apache2.spec +++ b/apache2.spec @@ -209,6 +209,8 @@ Patch106: apache2-CVE-2024-38477.patch Patch107: apache2-CVE-2024-38475-1.patch Patch108: apache2-CVE-2024-38475-2.patch Patch109: apache2-CVE-2024-38475-3.patch +# FIX-UPSTREAM: CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2 +Patch110: apache2-CVE-2024-36387.patch BuildRequires: apache-rpm-macros-control #Since 2.4.7 the event MPM requires apr 1.5.0 or later.