packages/httpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!3 fix CVE-2018-17199

Browse Source 
Merge pull request !3 from 严志华/master
This commit is contained in:
openeuler-ci-bot 2020-02-03 16:47:10 +08:00 committed by Gitee
commit 503fbf1fbd
2 changed files with 93 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
CVE-2018-17199.patch Normal file
View File

@ -0,0 +1,85 @@
From 34f58ae20d9a85f2a1508a9a732874239491d456 Mon Sep 17 00:00:00 2001
From: Hank Ibell <hwibell@apache.org>
Date: Tue, 15 Jan 2019 19:54:41 +0000
Subject: [PATCH] mod_session: Always decode session attributes early.
Backport r1850947 from trunk
Submitted by: hwibell
Reviewed by: hwibell, covener, wrowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1851409 13f79535-47bb-0310-9956-ffa450edef68
---
CHANGES | 2 ++
STATUS | 5 -----
modules/session/mod_session.c | 25 ++++++++++++++-----------
3 files changed, 16 insertions(+), 16 deletions(-)
#diff --git a/CHANGES b/CHANGES
#index c4d9f6c2ea8..4b0a07fdcf5 100644
#--- a/CHANGES
#+++ b/CHANGES
#@@ -9,6 +9,8 @@ Changes with Apache 2.4.38
# and we should just set the value for the environment variable
# like in the pattern case. [Ruediger Pluem]
#
#+ *) mod_session: Always decode session attributes early. [Hank Ibell]
#+
# *) core: Incorrect values for environment variables are substituted when
# multiple environment variables are specified in a directive. [Hank Ibell]
#
#diff --git a/STATUS b/STATUS
#index 00070f9f247..45a92ba4d81 100644
#--- a/STATUS
#+++ b/STATUS
#@@ -125,11 +125,6 @@ RELEASE SHOWSTOPPERS:
# PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
# [ start all new proposals below, under PATCHES PROPOSED. ]
#
#- *) mod_session: Always decode session attributes early.
#- trunk patch: http://svn.apache.org/r1850947
#- 2.4.x patch: svn merge -c 1850947 ^/httpd/httpd/trunk .
#- +1: hwibell, covener, wrowe
#-
# *) mod_ssl (ssl_engine_io.c: bio_filter_out_write, bio_filter_in_read)
# Clear retry flags before aborting on client-initiated reneg. [Joe Orton]
# PR: 63052
diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
index d517020d995..64e6e4a8132 100644
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -126,20 +126,23 @@ static apr_status_t ap_session_load(request_rec * r, session_rec ** z)
/* found a session that hasn't expired? */
now = apr_time_now();
+
if (zz) {
- if (zz->expiry && zz->expiry < now) {
+ /* load the session attibutes */
+ rv = ap_run_session_decode(r, zz);
+
+ /* having a session we cannot decode is just as good as having
+ none at all */
+ if (OK != rv) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01817)
+ "error while decoding the session, "
+ "session not loaded: %s", r->uri);
zz = NULL;
}
- else {
- /* having a session we cannot decode is just as good as having
- none at all */
- rv = ap_run_session_decode(r, zz);
- if (OK != rv) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01817)
- "error while decoding the session, "
- "session not loaded: %s", r->uri);
- zz = NULL;
- }
+
+ /* invalidate session if session is expired */
+ if (zz && zz->expiry && zz->expiry < now) {
+ zz = NULL;
}
}

9
httpd.spec
View File

@ -8,7 +8,7 @@
Name: httpd
Summary: Apache HTTP Server
Version: 2.4.34
Release: 14
Release: 15
License: ASL 2.0
URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
@ -97,6 +97,7 @@ Patch6022: CVE-2018-17189.patch
Patch6023: CVE-2019-0220-1.patch
Patch6024: CVE-2019-0220-2.patch
Patch6025: CVE-2019-0220-3.patch
Patch6026: CVE-2018-17199.patch
Patch9000: layout_add_openEuler.patch
@ -535,6 +536,12 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Mon Feb 03 2020 yanzhihua <yanzhihua4@huawei.com> - 2.4.34-15
- Type:cves
- ID:CVE-2018-17199
- SUG:NA
- DESC:fix CVE-2018-17199
* Sun Jan 19 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.4.34-14
- Type:bugfix
- ID:NA