From mboxrd@z Thu Jan  1 00:00:00 1970
From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] apache2: Import patch for CVE-2017-9798 ("optionsbleed")
Date: Wed, 20 Sep 2017 11:08:52 +0200
Message-ID: <20170920090852.1276-1-matthias.fischer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3408869166847522888=="
List-Id: <development.lists.ipfire.org>

--===============3408869166847522888==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Imported from:
https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=3D1=
805223&r2=3D1807754&pathrev=3D1807754&view=3Dpatch

For details see:
https://nvd.nist.gov/vuln/detail/CVE-2017-9798

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
 lfs/apache2                                       |  2 +-
 src/patches/apache-2.4.27-CVE-2017-9798-fix.patch | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 src/patches/apache-2.4.27-CVE-2017-9798-fix.patch

diff --git a/lfs/apache2 b/lfs/apache2
index e434d1b24..b7a741614 100644
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -76,7 +76,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
 	cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-PR61382=
-fix.patch
-
+	cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-CVE-201=
7-9798-fix.patch
 	### Add IPFire's layout, too
 	echo "# IPFire layout" >> $(DIR_APP)/config.layout
 	echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
diff --git a/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch b/src/patches/=
apache-2.4.27-CVE-2017-9798-fix.patch
new file mode 100644
index 000000000..eb82c8bcd
--- /dev/null
+++ b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch
@@ -0,0 +1,15 @@
+--- server/core.c	2017/08/16 16:50:29	1805223
++++ server/core.c	2017/09/08 13:13:11	1807754
+@@ -2262,6 +2262,12 @@
+             /* method has not been registered yet, but resource restriction
+              * is always checked before method handling, so register it.
+              */
++            if (cmd->pool =3D=3D cmd->temp_pool) {
++                /* In .htaccess, we can't globally register new methods. */
++                return apr_psprintf(cmd->pool, "Could not register method '=
%s' "
++                                   "for %s from .htaccess configuration",
++                                    method, cmd->cmd->name);
++            }
+             methnum =3D ap_method_register(cmd->pool,
+                                          apr_pstrdup(cmd->pool, method));
+         }
--=20
2.14.1


--===============3408869166847522888==--