Sync from SUSE:SLFO:Main apache2 revision 59422ba0b9f30c4b5b7c05f2b76c4e2c

apache2-CVE-2024-36387.patch

@@ -0,0 +1,30 @@
+commit 62aa64e5aea21dd969db97aded4443c98c0735ac
+Author: Eric Covener <covener@apache.org>
+Date:   Mon Jun 24 17:51:42 2024 +0000
+
+    Merge r1918548 from trunk:
+    
+    mod_http2: early exit if bb is null
+    
+    
+    
+    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1918557 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/modules/http2/h2_c2.c b/modules/http2/h2_c2.c
+index a955200944..c65a521ab8 100644
+--- a/modules/http2/h2_c2.c
++++ b/modules/http2/h2_c2.c
+@@ -370,6 +370,13 @@ static apr_status_t h2_c2_filter_out(ap_filter_t* f, apr_bucket_brigade* bb)
+     h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(f->c);
+     apr_status_t rv;
+ 
++   if (bb == NULL) {
++#if !AP_MODULE_MAGIC_AT_LEAST(20180720, 1)
++        f->c->data_in_output_filters = 0;
++#endif
++        return APR_SUCCESS;
++    }
++
+     ap_assert(conn_ctx);
+ #if AP_HAS_RESPONSE_BUCKETS
+     if (!conn_ctx->has_final_response) {

apache2.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Jul 17 04:59:12 UTC 2024 - Martin Schreiner <martin.schreiner@suse.com>
+
+- Security fix:
+  - CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2
+    * Added apache2-CVE-2024-36387.patch
+
 -------------------------------------------------------------------
 Mon Jul  8 10:53:20 UTC 2024 - David Anes <david.anes@suse.com>
 

apache2.spec

@@ -209,6 +209,8 @@ Patch106: apache2-CVE-2024-38477.patch
 Patch107: apache2-CVE-2024-38475-1.patch
 Patch108: apache2-CVE-2024-38475-2.patch
 Patch109: apache2-CVE-2024-38475-3.patch
+# FIX-UPSTREAM: CVE-2024-36387, bsc#1227272: DoS by null pointer in websocket over HTTP/2
+Patch110:       apache2-CVE-2024-36387.patch
 
 BuildRequires:  apache-rpm-macros-control
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.