nodejs/nodejs16
SHA256
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
nodejs16/CVE-2024-24758.patch

33 lines
1.5 KiB
Diff
Raw Permalink Normal View History

* CVE-2023-46809.patch: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) (CVE-2023-46809, bsc#1219997) * CVE-2024-22019.patch: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) (CVE-2024-22019, bsc#1219993) * CVE-2024-22025.patch: fix Denial of Service by resource exhaustion in fetch() brotli decoding (CVE-2024-22025, bsc#1220014) * CVE-2024-24758.patch: ignore proxy-authorization headers (CVE-2024-24758, bsc#1220017) * CVE-2024-24806.patch: fix improper domain lookup that potentially leads to SSRF attacks (CVE-2024-24806, bsc#1220053) - CVE-2023-38552.patch: Integrity checks according to policies can be circumvented (CVE-2023-38552, bsc#1216272) - CVE-2023-39333.patch, wasm-fixture.tar.gz: Code injection via WebAssembly export names (CVE-2023-39333, bsc#1216273) - CVE-2023-45143.patch: undici Security Release (CVE-2023-45143, bsc#1216205) - nodejs.keyring: include new releaser keys OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs16?expand=0&rev=100
2024-02-20 16:34:06 +00:00
Index: node-v16.20.2/deps/undici/src/lib/fetch/index.js
===================================================================
--- node-v16.20.2.orig/deps/undici/src/lib/fetch/index.js
+++ node-v16.20.2/deps/undici/src/lib/fetch/index.js
@@ -1200,6 +1200,13 @@ async function httpRedirectFetch (fetchP
if (!sameOrigin(requestCurrentURL(request), locationURL)) {
// https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
request.headersList.delete('authorization')
+
+ // https://fetch.spec.whatwg.org/#authentication-entries
+ request.headersList.delete('proxy-authorization', true)
+
+ // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement.
+ request.headersList.delete('cookie')
+ request.headersList.delete('host')
}
// 14. If requests body is non-null, then set requests body to the first return
Index: node-v16.20.2/deps/undici/undici.js
===================================================================
--- node-v16.20.2.orig/deps/undici/undici.js
+++ node-v16.20.2/deps/undici/undici.js
@@ -11167,6 +11167,9 @@ var require_fetch = __commonJS({
}
if (!sameOrigin(requestCurrentURL(request), locationURL)) {
request.headersList.delete("authorization");
+ request.headersList.delete("proxy-authorization", true);
+ request.headersList.delete("cookie");
+ request.headersList.delete("host");
}
if (request.body != null) {
assert(request.body.source != null);
Reference in New Issue Copy Permalink