authorJoe Slater <jslater@windriver.com>2016-10-27 09:48:43 -0700
committerMartin Jansa <Martin.Jansa@gmail.com>2016-11-23 15:23:57 +0100
commit6d4ca6868bb6195f3c4cc785a1a8afc1af10f7e2 (patch)
tree81415c7e9960bcc5df1070c85bc8939d79be9a74
parent87affdd40511d557cfe9ae21ad943c7e30937c89 (diff)
downloadmeta-openembedded-6d4ca6868bb6195f3c4cc785a1a8afc1af10f7e2.tar.gz
apache2: cve-2016-5387
Handle HTTP_PROXY environment variable. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/cve-2016-5387.patch25
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2_2.4.23.bb1
2 files changed, 26 insertions, 0 deletions
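--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2/cve-2016-5387.patch
@@ -0,0 +1,25 @@
+This patch has been copied from https://www.apache.org/security/asf-httpoxy-response.txt
+as a mitigation of CVE-2016-5387.
+
+Upstream-Status: Backport - fixed in 2.4.24
+
+Signed-off-by: Joe Slater<jslater@windriver.com>
+
+
+--- a/server/util_script.c (revision 1752426)
++++ b/server/util_script.c (working copy)
+@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r
+ else if (!strcasecmp(hdrs[i].key, "Content-length")) {
+ apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val);
+ }
++ /* HTTP_PROXY collides with a popular envvar used to configure
++ * proxies, don't let clients set/override it. But, if you must...
++ */
++#ifndef SECURITY_HOLE_PASS_PROXY
++ else if (!strcasecmp(hdrs[i].key, "Proxy")) {
++ ;
++ }
++#endif
+ /*
+ * You really don't want to disable this check, since it leaves you
+ * wide open to CGIs stealing passwords and people viewing them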
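Review bot: The header of the added cve-2016-5387.patch names the CVE only in prose; a `CVE: CVE-2016-5387` tag line next to `Upstream-Status:` would follow the usual OpenEmbedded patch-header convention and make the fix visible to tooling that reads patch headers. Inside the embedded util_script.c hunk, the `Proxy` branch is compiled out whenever `SECURITY_HOLE_PASS_PROXY` is defined, so the mitigation holds only while that macro never reaches the build flags; a one-line remark in the patch header saying so would help whoever maintains the recipe. `ap_add_common_vars` starts and ends outside the hunk, so the assumption that a skipped `Proxy` header would otherwise fall through to a generic `HTTP_*` export is inferred from the comment, not visible here.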
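--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.23.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.23.bb
@@ -17,6 +17,7 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \
  file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \
  file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
  file://configure-allow-to-disable-selinux-support.patch \
+ file://cve-2016-5387.patch \
  file://init \
  file://apache2-volatile.conf \
  file://apache2.service \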