diff options
author | Stefan Fritsch <sf@sfritsch.de> | 2016-07-20 08:43:31 +0200 |
---|---|---|
committer | Stefan Fritsch <sf@sfritsch.de> | 2016-07-21 23:21:31 +0200 |
commit | 78f36a97328572ae9d0fb84d6a6c20bc5e0ec80f (patch) | |
tree | ca8030482c9836a8a192564f86b43c2984b3dcb1 /debian/patches | |
parent | 78fc8f58f528e9f827da90643564d16ffbf28199 (diff) | |
download | apache2-78f36a97328572ae9d0fb84d6a6c20bc5e0ec80f.tar.gz |
Add mitigation for HTTP_PROXY envvar issue
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/CVE-2016-5387.patch | 17 | ||||
-rw-r--r-- | debian/patches/series | 1 |
2 files changed, 18 insertions, 0 deletions
diff --git a/debian/patches/CVE-2016-5387.patch b/debian/patches/CVE-2016-5387.patch new file mode 100644 index 00000000..7badf022 --- /dev/null +++ b/debian/patches/CVE-2016-5387.patch @@ -0,0 +1,17 @@ +--- apache2.orig/server/util_script.c ++++ apache2/server/util_script.c +@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(requ + else if (!strcasecmp(hdrs[i].key, "Content-length")) { + apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val); + } ++ /* HTTP_PROXY collides with a popular envvar used to configure ++ * proxies, don't let clients set/override it. But, if you must... ++ */ ++#ifndef SECURITY_HOLE_PASS_PROXY ++ else if (!strcasecmp(hdrs[i].key, "Proxy")) { ++ ; ++ } ++#endif + /* + * You really don't want to disable this check, since it leaves you + * wide open to CGIs stealing passwords and people viewing them diff --git a/debian/patches/series b/debian/patches/series index 4a1b9140..6c75e38e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -9,3 +9,4 @@ reproducible_builds.diff #suexec-custom.patch fix_logresolve_segfault.patch +CVE-2016-5387.patch |