[Pkg-apache-commits] r978 - in /trunk/apache2: changelog patches/00list patches/071_CVE-2009-1891.dpatch
sf at alioth.debian.org
Fri Jul 10 19:53:54 UTC 2009
Author: sf
Date: Fri Jul 10 19:53:52 2009
New Revision: 978
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=978
Log:
CVE-2009-1891
Added:
trunk/apache2/patches/071_CVE-2009-1891.dpatch (with props)
Modified:
trunk/apache2/changelog
trunk/apache2/patches/00list
Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=978&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Fri Jul 10 19:53:52 2009
@@ -1,5 +1,7 @@
apache2 (2.2.11-7) UNRELEASED; urgency=low
+ * Security fixes:
+ CVE-2009-1891: denial of service in mod_deflate
* Add symlinks for the debug info to the mpm packages.
* Be slightly more informative in the default index.html without pointing
to Apache or Debian (LP: #89364)
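Review bot: The header line 'apache2 (2.2.11-7) UNRELEASED; urgency=low' is left unchanged although the entry now carries a security fix; consider raising the urgency before the upload is released. The new changelog item could also name the patch file (071_CVE-2009-1891.dpatch) so the entry points at the change that implements the fix.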
Modified: trunk/apache2/patches/00list
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/00list?rev=978&op=diff
==============================================================================
--- trunk/apache2/patches/00list (original)
+++ trunk/apache2/patches/00list Fri Jul 10 19:53:52 2009
@@ -21,6 +21,7 @@
068_check_pollset_create_error.dpatch
069_backports_from_2.2.12.dpatch
070_CVE-2009-1195_mod_include_noexec.dpatch
+071_CVE-2009-1891.dpatch
099_config_guess_sub_update
200_cp_suexec.dpatch
201_build_suexec-custom.dpatch
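Review bot: The added entry 071_CVE-2009-1891.dpatch has no descriptive suffix, unlike 070_CVE-2009-1195_mod_include_noexec.dpatch directly above it; a name along the lines of 071_CVE-2009-1891_mod_deflate_dos.dpatch would keep the series readable without looking up the CVE number.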
Added: trunk/apache2/patches/071_CVE-2009-1891.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/071_CVE-2009-1891.dpatch?rev=978&op=file
==============================================================================
--- trunk/apache2/patches/071_CVE-2009-1891.dpatch (added)
+++ trunk/apache2/patches/071_CVE-2009-1891.dpatch Fri Jul 10 19:53:52 2009
@@ -1,0 +1,36 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: mod_deflate DoS
+## DP: http://mail-archives.apache.org/mod_mbox/httpd-dev/200907.mbox/<20090703100048.GA4492@redhat.com>
+
+ at DPATCH@
+--- a/server/core_filters.c (revision 790833)
++++ a/server/core_filters.c (working copy)
+@@ -542,6 +542,12 @@
+ apr_read_type_e eblock = APR_NONBLOCK_READ;
+ apr_pool_t *input_pool = b->p;
+
++ /* Fail quickly if the connection has already been aborted. */
++ if (c->aborted) {
++ apr_brigade_cleanup(b);
++ return APR_ECONNABORTED;
++ }
++
+ if (ctx == NULL) {
+ ctx = apr_pcalloc(c->pool, sizeof(*ctx));
+ net->out_ctx = ctx;
+@@ -909,12 +909,9 @@
+ /* No need to check for SUCCESS, we did that above. */
+ if (!APR_STATUS_IS_EAGAIN(rv)) {
+ c->aborted = 1;
++ return APR_ECONNABORTED;
+ }
+
+- /* The client has aborted, but the request was successful. We
+- * will report success, and leave it to the access and error
+- * logs to note that the connection was aborted.
+- */
+ return APR_SUCCESS;
+ }
+
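Review bot: In the second core_filters.c hunk, the write-error path now returns APR_ECONNABORTED where it used to fall through to 'return APR_SUCCESS;', and the comment that explained the old behaviour is deleted without a replacement; add a short comment at the new return saying why the abort is now propagated to the caller, since that is the behaviour change callers will see. The '## DP:' description says only 'mod_deflate DoS' while the patch edits server/core_filters.c, so one more DP line stating that the fix lives in the core filter code would help whoever reads the series later. The inner header '@@ -909,12 +909,9 @@' also keeps the old start line although the first inner hunk adds six lines, and both file headers use the a/ prefix; patch will most likely still apply it, but regenerating the diff would be cleaner.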
Propchange: trunk/apache2/patches/071_CVE-2009-1891.dpatch
------------------------------------------------------------------------------
svn:executable = *