Bug 47510 - apache2: Multiple issues (4.3)
apache2: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.3
All Linux
: P3 normal (vote)
: UCS 4.3-1-errata
Assigned To: Quality Assurance
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-08-08 13:43 CEST by Quality Assurance
Modified: 2018-08-15 13:14 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2018-08-08 13:43:22 CEST
New Debian apache2 2.4.25-3+deb9u5A~4.3.1.201808081329 fixes:
This update addresses the following issue(s):
* 
CVE_2001-1534 is open
CVE_2003-1307 is open
CVE_2003-1580 is open
CVE_2003-1581 is open
CVE_2007-0086 is open
CVE_2007-1743 is open
CVE_2007-3303 is open
CVE_2008-0455 is open
CVE_2008-0456 is open
* When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk. (CVE-2018-1302)
CVE_2018-1333 is open

2.4.25-3+deb9u5 (Sat, 02 Jun 2018 10:01:13 +0200) * Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33. This fixes - CVE-2018-1302: mod_http2: Potential crash w/ mod_http2 - Segfaults in mod_http2 - mod_http2 issue with option "Indexes" and directive "HeaderName" Unfortunately, this also removes support for http2 when running on mpm_prefork. * mod_http2: Avoid high memory usage with large files, causing crashes on 32bit archs. * Make the apache-htcacheclean init script actually look into /etc/default/apache-htcacheclean for its config.
* CVE-2018-1302 httpd: Use-after-free on HTTP/2 stream shutdown (CVE-2018-1302)
Comment 1 Quality Assurance univentionstaff 2018-08-08 19:08:18 CEST
--- mirror/ftp/4.3/unmaintained/4.3-1/source/apache2_2.4.25-3+deb9u4A~4.3.0.201804040703.dsc
+++ apt/ucs_4.3-0-errata4.3-1/source/apache2_2.4.25-3+deb9u5A~4.3.1.201808081329.dsc
@@ -1,9 +1,24 @@
-2.4.25-3+deb9u4A~4.3.0.201804040703 [Wed, 04 Apr 2018 17:11:22 +0200] Univention builddaemon <buildd@univention.de>:
+2.4.25-3+deb9u5A~4.3.1.201808081329 [Wed, 08 Aug 2018 13:43:30 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. The following patches have been applied to the original source package
     05-autostart-setting
     10-apache2-reload
     20-no-proxy
+
+2.4.25-3+deb9u5 [Sat, 02 Jun 2018 10:01:13 +0200] Stefan Fritsch <sf@debian.org>:
+
+  * Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33. This
+    fixes
+    - CVE-2018-1302: mod_http2: Potential crash w/ mod_http2
+    - Segfaults in mod_http2 (Closes: #873945)
+    - mod_http2 issue with option "Indexes" and directive "HeaderName"
+      (Closes: #850947)
+    Unfortunately, this also removes support for http2 when running on
+    mpm_prefork.
+  * mod_http2: Avoid high memory usage with large files, causing crashes on
+    32bit archs. Closes: #897218
+  * Make the apache-htcacheclean init script actually look into
+    /etc/default/apache-htcacheclean for its config. Closes: #898563
 
 2.4.25-3+deb9u4 [Sat, 31 Mar 2018 10:47:16 +0200] Stefan Fritsch <sf@debian.org>:
 

<http://10.200.17.11/4.3-1/#8018937582357567868>
Comment 2 Philipp Hahn univentionstaff 2018-08-09 09:40:36 CEST
OK: patches
OK: piuparts
OK: yaml
OK: errata-announce apache2.yaml

[4.3-1] 7a2da28c7a Bug #47510: apache2 2.4.25-3+deb9u5A~4.3.1.201808081329
 doc/errata/staging/apache2.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
Comment 3 Arvid Requate univentionstaff 2018-08-15 13:14:52 CEST
<http://errata.software-univention.de/ucs/4.3/170.html>