[apache2] 01/01: CVE-2017-9788: mod_auth_digest: Fix leak of uninitialized memory
Stefan Fritsch
sf at moszumanska.debian.org
Tue Jul 18 18:47:50 UTC 2017
This is an automated email from the git hooks/post-receive script.
sf pushed a commit to branch jessie
in repository apache2.
commit 40bab0ff86e4512e367837c70ad74af2e9861f97
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Tue Jul 18 20:30:14 2017 +0200
CVE-2017-9788: mod_auth_digest: Fix leak of uninitialized memory
---
debian/changelog | 6 +++++
debian/patches/CVE-2017-9788-mod_auth_digest.diff | 28 +++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 35 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index c202af4..398fee2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+apache2 (2.4.10-10+deb8u10) jessie-security; urgency=medium
+
+ * CVE-2017-9788: mod_auth_digest: Fix leak of uninitialized memory
+
+ -- Stefan Fritsch <sf at debian.org> Tue, 18 Jul 2017 20:29:16 +0200
+
apache2 (2.4.10-10+deb8u9) jessie-security; urgency=medium
* CVE-2017-3167: Authentication bypass with ap_get_basic_auth_pw()
diff --git a/debian/patches/CVE-2017-9788-mod_auth_digest.diff b/debian/patches/CVE-2017-9788-mod_auth_digest.diff
new file mode 100644
index 0000000..4426088
--- /dev/null
+++ b/debian/patches/CVE-2017-9788-mod_auth_digest.diff
@@ -0,0 +1,28 @@
+# https://svn.apache.org/viewvc?view=revision&revision=1800955
+--- apache2.orig/modules/aaa/mod_auth_digest.c
++++ apache2/modules/aaa/mod_auth_digest.c
+@@ -956,13 +956,13 @@ static int get_digest_rec(request_rec *r
+
+ /* find value */
+
++ vv = 0;
+ if (auth_line[0] == '=') {
+ auth_line++;
+ while (apr_isspace(auth_line[0])) {
+ auth_line++;
+ }
+
+- vv = 0;
+ if (auth_line[0] == '\"') { /* quoted string */
+ auth_line++;
+ while (auth_line[0] != '\"' && auth_line[0] != '\0') {
+@@ -981,8 +981,8 @@ static int get_digest_rec(request_rec *r
+ value[vv++] = *auth_line++;
+ }
+ }
+- value[vv] = '\0';
+ }
++ value[vv] = '\0';
+
+ while (auth_line[0] != ',' && auth_line[0] != '\0') {
+ auth_line++;
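Review bot: In the embedded mod_auth_digest.c patch, the hoisted `vv = 0;` and the now-unconditional `value[vv] = '\0';` have no comment saying why they must stay outside the `if (auth_line[0] == '=')` block, so a later cleanup could move them back in and reintroduce the read of a stale or never-written value. I would add above `vv = 0;` something like `/* reset for every key: a key without '=' must yield an empty value, not whatever value[] already held */`. The two copy loops still write `value[vv++]` with no bound visible in these hunks; presumably value is sized from the header length earlier in get_digest_rec, which starts and ends outside the hunks, so that is worth confirming against the full file. The patch header carries only the upstream revision URL, and a one-line description naming the CVE would help whoever audits debian/patches later.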
diff --git a/debian/patches/series b/debian/patches/series
index 749efb3..c600844 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -29,3 +29,4 @@ CVE-2017-3167.diff
CVE-2017-3169.diff
CVE-2017-7668.diff
CVE-2017-7679.diff
+CVE-2017-9788-mod_auth_digest.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git