• apache2 update for next buster point release? (2/3)

    From Roberto =?iso-8859-1?Q?C=2E_S=E1nch@21:1/5 to All on Mon Jun 20 22:40:01 2022
    [continued from previous message]

    +--- a/modules/filters/mod_sed.c
    ++++ b/modules/filters/mod_sed.c
    +@@ -168,21 +168,29 @@ static apr_status_t sed_write_output(void *dummy, char *buf, apr_size_t sz)
    + }
    + /* buffer is now full */
    + status = append_bucket(ctx, ctx->outbuf, ctx->bufsize);
    +- /* old buffer is now used so allocate new buffer */
    +- alloc_outbuf(ctx);
    +- /* if size is bigger than the allocated buffer directly add to output
    +- * brigade */
    +- if ((status == APR_SUCCESS) && (sz >= ctx->bufsize)) {
    +- char* newbuf = apr_pmemdup(ctx->tpool, buf, sz);
    +- status = append_bucket(ctx, newbuf, sz);
    +- /* pool might get clear after append_bucket */
    +- if (ctx->outbuf == NULL) {
    ++ if (status == APR_SUCCESS) {
    ++ /* if size is bigger than the allocated buffer directly add to output
    ++ * brigade */
    ++ if (sz >= ctx->bufsize) {
    ++ char* newbuf = apr_pmemdup(ctx->tpool, buf, sz);
    ++ status = append_bucket(ctx, newbuf, sz);
    ++ if (status == APR_SUCCESS) {
    ++ /* old buffer is now used so allocate new buffer */
    ++ alloc_outbuf(ctx);
    ++ }
    ++ else {
    ++ clear_ctxpool(ctx);
    ++ }
    ++ }
    ++ else {
    ++ /* old buffer is now used so allocate new buffer */
    + alloc_outbuf(ctx);
    ++ memcpy(ctx->curoutbuf, buf, sz);
    ++ ctx->curoutbuf += sz;
    + }
    + }
    + else {
    +- memcpy(ctx->curoutbuf, buf, sz);
    +- ctx->curoutbuf += sz;
    ++ clear_ctxpool(ctx);
    + }
    + }
    + else {
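Review bot: The two new `clear_ctxpool(ctx)` error branches (one after the first `append_bucket` fails, one after the second fails for an oversized write) have no comment, and the removed `/* pool might get clear after append_bucket */` was the only hint about why the output buffer state needs resetting here. I would add a line such as `/* append failed: reset the pool-backed output buffer so a stale ctx->outbuf is never written to */` above each call. The body of clear_ctxpool is not in this hunk, so that wording should be checked against what it actually resets. Presumably for the same reason `alloc_outbuf(ctx)` now runs only after a successful append, and a short why-comment there would help whoever backports this next. sed_write_output starts before this hunk and continues past it.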
    +--
    +2.30.2
    +
    diff -Nru apache2-2.4.38/debian/patches/CVE-2022-26377.patch apache2-2.4.38/debian/patches/CVE-2022-26377.patch
    --- apache2-2.4.38/debian/patches/CVE-2022-26377.patch 1969-12-31 19:00:00.000000000 -0500
    +++ apache2-2.4.38/debian/patches/CVE-2022-26377.patch 2022-06-20 15:03:00.000000000 -0400
    @@ -0,0 +1,39 @@
    +From f7f15f3d8bfe3032926c8c39eb8434529f680bd4 Mon Sep 17 00:00:00 2001
    +From: Yann Ylavic <ylavic@apache.org>
    +Date: Wed, 1 Jun 2022 13:48:21 +0000
    +Subject: [PATCH] mod_proxy_ajp: T-E has precedence over C-L.
    +
    +Merge r1901521 from trunk.
    +Submitted by: rpluem
    +
    +
    +git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1901522 13f79535-47bb-0310-9956-ffa450edef68
    +Origin: https://github.com/apache/httpd/commit/f7f15f3d8bfe3032926c8c39eb8434529f680bd4
    +---
    + modules/proxy/mod_proxy_ajp.c | 15 ++++++++++++---
    + 1 file changed, 12 insertions(+), 3 deletions(-)
    +
    +--- a/modules/proxy/mod_proxy_ajp.c
    ++++ b/modules/proxy/mod_proxy_ajp.c
    +@@ -245,9 +245,18 @@
    + /* read the first bloc of data */
    + input_brigade = apr_brigade_create(p, r->connection->bucket_alloc);
    +