Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
apache2
apache2-cve-2016-5387.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apache2-cve-2016-5387.patch of Package apache2
From 68e2a08a173f64758425bf13f684432fe50eec20 Mon Sep 17 00:00:00 2001 From: Peter Simons <psimons@suse.com> Date: Wed, 13 Jul 2016 18:06:35 +0200 Subject: [PATCH] Don't translate "Proxy" HTTP headers into $HTTP_PROXY env vars (CVE-2016-5387). ap_add_common_vars() provides a HTTP_FOO="..." environment variable for every "Foo: ..." HTTP header received in the request. While this mechanism is useful in general, there is potential for abuse by sending a header like Proxy: http://malicious-machine.example.org/ that would be translated into an environment variable HTTP_PROXY=http://malicious-machine.example.org/ for the request handler running on the server. --- server/util_script.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/server/util_script.c b/server/util_script.c index 308e009..5fd800a 100644 --- a/server/util_script.c +++ b/server/util_script.c @@ -199,6 +199,9 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r) } } #endif + else if (!strcasecmp(hdrs[i].key, "Proxy")) { + continue; /* Don't create HTTP_PROXY to avoid CVE-2016-5387. */ + } else add_unless_null(e, http2env(r, hdrs[i].key), hdrs[i].val); } -- 2.9.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor