Bug#989683: unblock: apache2/2.4.46-5

Thu, 10 Jun 2021 03:24:14 -0700 

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: secur...@debian.org

Please unblock package apache2

[ Reason ]
Apache2 is vulnerable to a denial of service due to a NULL pointer
dereference on specially crafted HTTP/2 request (#989562,
CVE-2021-31618)

[ Impact ]
Denial of service

[ Tests ]
No new test

[ Risks ]
Patch is really trivial

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock apache2/2.4.46-5

diff --git a/debian/changelog b/debian/changelog
index 8a02325f..7ddeb00a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+apache2 (2.4.46-5) unstable; urgency=medium
+
+  * Fix "NULL pointer dereference on specially crafted HTTP/2 request"
+    (Closes: #989562, CVE-2021-31618)
+
+ -- Yadd <y...@debian.org>  Thu, 10 Jun 2021 11:57:38 +0200
+
 apache2 (2.4.46-4) unstable; urgency=medium
 
   * Ignore other random another test failures (Closes: #979664)
diff --git a/debian/patches/CVE-2021-31618.patch 
b/debian/patches/CVE-2021-31618.patch
new file mode 100644
index 00000000..12d59c8b
--- /dev/null
+++ b/debian/patches/CVE-2021-31618.patch
@@ -0,0 +1,20 @@
+Description: fix NULL pointer dereference on specially crafted HTTP/2 request
+Author: Upstream
+Origin: upstream, 
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/h2_stream.c?r1=1889759&r2=1889758&pathrev=1889759
+Bug: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-31618
+Bug-Debian: https://bugs.debian.org/989562
+Forwarded: not-needed
+Reviewed-By: Yadd <y...@debian.org>
+Last-Update: 2021-06-10
+
+--- a/modules/http2/h2_stream.c
++++ b/modules/http2/h2_stream.c
+@@ -638,7 +638,7 @@
+ 
+ static void set_error_response(h2_stream *stream, int http_status)
+ {
+-    if (!h2_stream_is_ready(stream)) {
++    if (!h2_stream_is_ready(stream) && stream->rtmp) {
+         conn_rec *c = stream->session->c;
+         apr_bucket *b;
+         h2_headers *response;
diff --git a/debian/patches/series b/debian/patches/series
index 20bc4b61..8dfa2af8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -11,3 +11,4 @@ tlsv13-add-logno.diff
 # This patch is applied manually
 #suexec-custom.patch
 spelling-errors.diff
+CVE-2021-31618.patch

Reply via email to