From f2969034e94d1fba0bf4a411f8d92a106c351db1f852c8b758bab670f7bc5f1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Tue, 30 Jul 2024 16:52:23 +0200
Subject: [PATCH] Sync from SUSE:SLFO:Main apache2 revision
 59422ba0b9f30c4b5b7c05f2b76c4e2c

---
 apache2-CVE-2024-36387.patch | 30 ++++++++++++++++++++++++++++++
 apache2.changes              |  7 +++++++
 apache2.spec                 |  2 ++
 3 files changed, 39 insertions(+)
 create mode 100644 apache2-CVE-2024-36387.patch

diff --git a/apache2-CVE-2024-36387.patch b/apache2-CVE-2024-36387.patch
new file mode 100644
index 0000000..3f5b019
--- /dev/null
+++ b/apache2-CVE-2024-36387.patch
@@ -0,0 +1,30 @@
+commit 62aa64e5aea21dd969db97aded4443c98c0735ac
+Author: Eric Covener <covener@apache.org>
+Date:   Mon Jun 24 17:51:42 2024 +0000
+
+    Merge r1918548 from trunk:
+    
+    mod_http2: early exit if bb is null
+    
+    
+    
+    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1918557 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/modules/http2/h2_c2.c b/modules/http2/h2_c2.c
+index a955200944..c65a521ab8 100644
+--- a/modules/http2/h2_c2.c
++++ b/modules/http2/h2_c2.c
+@@ -370,6 +370,13 @@ static apr_status_t h2_c2_filter_out(ap_filter_t* f, apr_bucket_brigade* bb)
+     h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(f->c);
+     apr_status_t rv;
+ 
++   if (bb == NULL) {
++#if !AP_MODULE_MAGIC_AT_LEAST(20180720, 1)
++        f->c->data_in_output_filters = 0;
++#endif
++        return APR_SUCCESS;
++    }
++
+     ap_assert(conn_ctx);
+ #if AP_HAS_RESPONSE_BUCKETS
+     if (!conn_ctx->has_final_response) {
diff --git a/apache2.changes b/apache2.changes
index b3609bc..d9527f8 100644
--- a/apache2.changes
+++ b/apache2.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Jul 17 04:59:12 UTC 2024 - Martin Schreiner <martin.schreiner@suse.com>
+
+- Security fix:
+  - CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2
+    * Added apache2-CVE-2024-36387.patch
+
 -------------------------------------------------------------------
 Mon Jul  8 10:53:20 UTC 2024 - David Anes <david.anes@suse.com>
 
diff --git a/apache2.spec b/apache2.spec
index 205ed78..4bb18c2 100644
--- a/apache2.spec
+++ b/apache2.spec
@@ -209,6 +209,8 @@ Patch106: apache2-CVE-2024-38477.patch
 Patch107: apache2-CVE-2024-38475-1.patch
 Patch108: apache2-CVE-2024-38475-2.patch
 Patch109: apache2-CVE-2024-38475-3.patch
+# FIX-UPSTREAM: CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2
+Patch110:       apache2-CVE-2024-36387.patch
 
 BuildRequires:  apache-rpm-macros-control
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.