| Summary: | apache new security issue CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | davidwhodgins, marja11, nicolas.salguero, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | apache-2.4.48-1.mga8.src.rpm | CVE: | CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438 |
| Status comment: | |||
|
Description
David Walser
2021-09-16 21:50:20 CEST
David Walser
2021-09-16 21:50:43 CEST
Status comment:
(none) =>
Fixed upstream in 2.4.49 Assigning to all packagers collectively, since there is no registered maintainer for this package. Assignee:
bugsquad =>
pkg-bugs Suggested advisory: ======================== The updated packages fix security vulnerabilities: A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. (CVE-2021-33193) Malformed requests may cause the server to dereference a NULL pointer. (CVE-2021-34798) A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). (CVE-2021-36160) ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. (CVE-2021-39275) A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. (CVE-2021-40438) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438 https://downloads.apache.org/httpd/Announcement2.4.html https://downloads.apache.org/httpd/CHANGES_2.4.49 https://httpd.apache.org/security/vulnerabilities_24.html ======================== Updated packages in core/updates_testing: ======================== apache-mod_proxy-2.4.49-1.mga8 apache-devel-2.4.49-1.mga8 apache-mod_http2-2.4.49-1.mga8 apache-mod_dav-2.4.49-1.mga8 apache-mod_ssl-2.4.49-1.mga8 apache-mod_cache-2.4.49-1.mga8 apache-mod_session-2.4.49-1.mga8 apache-mod_ldap-2.4.49-1.mga8 apache-mod_proxy_html-2.4.49-1.mga8 apache-mod_dbd-2.4.49-1.mga8 apache-mod_suexec-2.4.49-1.mga8 apache-htcacheclean-2.4.49-1.mga8 apache-mod_brotli-2.4.49-1.mga8 apache-mod_userdir-2.4.49-1.mga8 apache-2.4.49-1.mga8 apache-doc-2.4.49-1.mga8 from SRPM: apache-2.4.49-1.mga8.src.rpm Status:
NEW =>
ASSIGNED Fedora has issued an advisory for this today (September 20): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/ Just testing that http:localhost and https://localhost work. Advisory committed to svn. Keywords:
(none) =>
advisory, validated_update An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0439.html Resolution:
(none) =>
FIXED |