From 4a0435cd7b98675e67c387eb9cd5170112c6b494 Mon Sep 17 00:00:00 2001
From: Joe Orton
Date: Jul 18 2016 15:31:52 +0000
Subject: add security fix for CVE-2016-5387
---
diff --git a/httpd-2.4.18-CVE-2016-5387.patch b/httpd-2.4.18-CVE-2016-5387.patch
new file mode 100644
index 0000000..cfbd4a9
--- /dev/null
+++ b/httpd-2.4.18-CVE-2016-5387.patch
@@ -0,0 +1,16 @@
+
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5387
+
+--- httpd-2.4.18/server/util_script.c.cve5387
++++ httpd-2.4.18/server/util_script.c
+@@ -195,6 +195,10 @@
+ }
+ }
+ #endif
++ else if (!strcasecmp(hdrs[i].key, "Proxy")) {
++ /* Don't pass through HTTP_PROXY */
++ continue;
++ }
+ else
+ add_unless_null(e, http2env(r, hdrs[i].key), hdrs[i].val);
+ }
diff --git a/httpd.spec b/httpd.spec
index 3b9533b..9566281 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.23
-Release: 3%{?dist}
+Release: 4%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@@ -67,6 +67,7 @@ Patch55: httpd-2.4.4-malformed-host.patch
 Patch56: httpd-2.4.4-mod_unique_id.patch
 Patch57: httpd-2.4.10-sigint.patch
 # Security fixes
+Patch100: httpd-2.4.18-CVE-2016-5387.patch
 License: ASL 2.0
 Group: System Environment/Daemons
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -211,6 +212,8 @@ interface for storing and accessing per-user session data. %patch56 -p1 -b .uniqueid %patch57 -p1 -b .sigint +%patch100 -p1 -b .cve5387 + # Patch in the vendor string sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@@ -682,6 +685,9 @@ rm -rf $RPM_BUILD_ROOT %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Mon Jul 18 2016 Joe Orton - 2.4.23-4 +- add security fix for CVE-2016-5387 + * Thu Jul 7 2016 Joe Orton - 2.4.23-3 - load mod_watchdog by default (#1353582)
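Review bot: The added comment `/* Don't pass through HTTP_PROXY */` in the nested util_script.c hunk names the effect but not the reason, and the bugzilla URL at the top of the patch file is the only hint a maintainer gets; suggest `/* CVE-2016-5387 (httpoxy): a client-supplied "Proxy" request header would otherwise be exported to CGI children as HTTP_PROXY, which many HTTP client libraries honour as an outbound proxy setting, so never export it. */`. The case-insensitive `strcasecmp` is the right comparison here, since the environment name is presumably produced by http2env upper-casing the header key, so "proxy" and "PROXY" must be caught as well. This skip covers only the header-to-environment loop shown in util_script.c; any module that builds its own CGI-style environment from request headers would need the same check, which is outside this hunk. The enclosing function begins and ends outside the hunk.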
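Review bot: `Patch100: httpd-2.4.18-CVE-2016-5387.patch` is declared from a patch whose nested file headers are against httpd-2.4.18, while the same spec builds `Version: 2.4.23`, so the `%patch100 -p1 -b .cve5387` line in the third spec hunk is relying on the util_script.c hunk applying at an offset. If it applies cleanly today this is only a maintenance point, but regenerating the patch against 2.4.23 keeps its line numbers honest and makes a failure on a future rebase loud rather than a fuzzy match. A one-line note next to the declaration, `# CVE-2016-5387 (httpoxy): do not export a client "Proxy" header as HTTP_PROXY to CGI`, would also let readers of the spec see what the numbered patch does without opening it.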