[Pkg-apache-commits] r978 - in /trunk/apache2: changelog patches/00list patches/071_CVE-2009-1891.dpatch

sf at alioth.debian.org sf at alioth.debian.org
Fri Jul 10 19:53:54 UTC 2009 

Author: sf
Date: Fri Jul 10 19:53:52 2009
New Revision: 978

URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=978
Log:
CVE-2009-1891

Added:
    trunk/apache2/patches/071_CVE-2009-1891.dpatch   (with props)
Modified:
    trunk/apache2/changelog
    trunk/apache2/patches/00list

Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=978&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Fri Jul 10 19:53:52 2009
@@ -1,5 +1,7 @@
 apache2 (2.2.11-7) UNRELEASED; urgency=low
 
+  * Security fixes:
+    CVE-2009-1891: denial of service in mod_deflate
   * Add symlinks for the debug info to the mpm packages.
   * Be slightly more informative in the default index.html without pointing
     to Apache or Debian (LP: #89364)

Modified: trunk/apache2/patches/00list
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/00list?rev=978&op=diff
==============================================================================
--- trunk/apache2/patches/00list (original)
+++ trunk/apache2/patches/00list Fri Jul 10 19:53:52 2009
@@ -21,6 +21,7 @@
 068_check_pollset_create_error.dpatch
 069_backports_from_2.2.12.dpatch
 070_CVE-2009-1195_mod_include_noexec.dpatch
+071_CVE-2009-1891.dpatch
 099_config_guess_sub_update
 200_cp_suexec.dpatch
 201_build_suexec-custom.dpatch

Added: trunk/apache2/patches/071_CVE-2009-1891.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/071_CVE-2009-1891.dpatch?rev=978&op=file
==============================================================================
--- trunk/apache2/patches/071_CVE-2009-1891.dpatch (added)
+++ trunk/apache2/patches/071_CVE-2009-1891.dpatch Fri Jul 10 19:53:52 2009
@@ -1,0 +1,36 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: mod_deflate DoS
+## DP: http://mail-archives.apache.org/mod_mbox/httpd-dev/200907.mbox/<20090703100048.GA4492@redhat.com>
+
+ at DPATCH@
+--- a/server/core_filters.c	(revision 790833)
++++ a/server/core_filters.c	(working copy)
+@@ -542,6 +542,12 @@
+     apr_read_type_e eblock = APR_NONBLOCK_READ;
+     apr_pool_t *input_pool = b->p;
+ 
++    /* Fail quickly if the connection has already been aborted. */
++    if (c->aborted) {
++        apr_brigade_cleanup(b);
++        return APR_ECONNABORTED;
++    }
++
+     if (ctx == NULL) {
+         ctx = apr_pcalloc(c->pool, sizeof(*ctx));
+         net->out_ctx = ctx;
+@@ -909,12 +909,9 @@
+             /* No need to check for SUCCESS, we did that above. */
+             if (!APR_STATUS_IS_EAGAIN(rv)) {
+                 c->aborted = 1;
++                return APR_ECONNABORTED;
+             }
+ 
+-            /* The client has aborted, but the request was successful. We
+-             * will report success, and leave it to the access and error
+-             * logs to note that the connection was aborted.
+-             */
+             return APR_SUCCESS;
+         }
+ 

Propchange: trunk/apache2/patches/071_CVE-2009-1891.dpatch
------------------------------------------------------------------------------
    svn:executable = *

More information about the Pkg-apache-commits mailing list