velociraptor/CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch

From c4f847f85176991f95ab9c88af63b1294de8649b Mon Sep 17 00:00:00 2001
From: Ruben Verborgh <ruben@verborgh.org>
Date: Thu, 14 Mar 2024 17:36:10 +0100
Subject: [PATCH] Drop Proxy-Authorization across hosts.

---
 index.js     | 2 +-
 1 files changed, 1 insertions(+), 1 deletion(-)

diff --git a/gui/velociraptor/node_modules/follow-redirects/index.js b/gui/velociraptor/node_modules/follow-redirects/index.js
index f58b933..c649cab 100644
--- a/gui/velociraptor/node_modules/follow-redirects/index.js
+++ b/gui/velociraptor/node_modules/follow-redirects/index.js
@@ -430,7 +430,7 @@ RedirectableRequest.prototype._processResponse = function (response) {
      redirectUrlParts.protocol !== "https:" ||
      redirectUrlParts.host !== currentHost &&
      !isSubdomain(redirectUrlParts.host, currentHost)) {
-    removeMatchingHeaders(/^(?:authorization|cookie)$/i, this._options.headers);
+    removeMatchingHeaders(/^(?:(?:proxy-)?authorization|cookie)$/i, this._options.headers);
   }
 
   // Evaluate the beforeRedirect callback
Accepting request 1161552 from home:ateixeira:branches:security:sensor - Update to version 0.7.0.4.git66.eea7659: * dnssnoop: fix loading protocol from ip header on s390 * dnssnoop: fix htons() so it works on s390 too * Fix systemd Services artifact missing events * chattrsnoop: replace global variables with locals * tcpsnoop: fix garbled results on s390 * chattrsnoop: fix immutable attribute set on s390 * chattrsnoop: fix bpf_probe_read for s390 * tcpsnoop: remove unused filtering code * Add artifact to collect new files without owner * bpf plugins: set a logger callback - Add CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch (bsc#1221456) OBS-URL: https://build.opensuse.org/request/show/1161552 OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=65 2024-03-25 20:16:39 +00:00			`From c4f847f85176991f95ab9c88af63b1294de8649b Mon Sep 17 00:00:00 2001`
			`From: Ruben Verborgh <ruben@verborgh.org>`
			`Date: Thu, 14 Mar 2024 17:36:10 +0100`
			`Subject: [PATCH] Drop Proxy-Authorization across hosts.`

			`---`
			`index.js \| 2 +-`
			`1 files changed, 1 insertions(+), 1 deletion(-)`

			`diff --git a/gui/velociraptor/node_modules/follow-redirects/index.js b/gui/velociraptor/node_modules/follow-redirects/index.js`
			`index f58b933..c649cab 100644`
			`--- a/gui/velociraptor/node_modules/follow-redirects/index.js`
			`+++ b/gui/velociraptor/node_modules/follow-redirects/index.js`
			`@@ -430,7 +430,7 @@ RedirectableRequest.prototype._processResponse = function (response) {`
			`redirectUrlParts.protocol !== "https:" \|\|`
			`redirectUrlParts.host !== currentHost &&`
			`!isSubdomain(redirectUrlParts.host, currentHost)) {`
			`- removeMatchingHeaders(/^(?:authorization\|cookie)$/i, this._options.headers);`
			`+ removeMatchingHeaders(/^(?:(?:proxy-)?authorization\|cookie)$/i, this._options.headers);`
			`}`

			`// Evaluate the beforeRedirect callback`