Bugzilla – Bug 899836
VUL-1: CVE-2014-3581: apache2: [NULL ptr DoS in mod_cache]
Last modified: 2016-02-17 21:16:15 UTC
CVE-2014-3581 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3581 http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3581.html
I think this is a minor issue (NULL ptr deref) so its enough to fix for Factory and put it on the planned update list.
Do you happen to know which of the SLE products are affected at all?
bugbot adjusting priority
The potentially problematic row is apr_table_setn(r->headers_out, "Content-Type", ap_make_content_type(r, r->content_type)); Especially if "ap_make_content_type(r, r->content_type)" is not checked for the NULL value. I have searched it through the all maintained versions and there is a list of the files with the occurrence of the problematic row: SLE 10 SP 3 (httpd-2.2.3) - modules/http/byterange_filter.c - fixed - modules/http/http_filters.c - affected - modules/cache/mod_disk_cache.c - affected - modules/cache/mod_mem_cache.c - affected SLE 10 SP 4 (httpd-2.2.3) - modules/http/byterange_filter.c - fixed - modules/http/http_filters.c - affected - modules/cache/mod_disk_cache.c - affected - modules/cache/mod_mem_cache.c - affected SLE 11 SP1 (httpd-2.2.12) - modules/http/byterange_filter.c - fixed - modules/http/http_filters.c - fixed - modules/cache/mod_disk_cache.c - affected - modules/cache/mod_mem_cache.c - affected SLE 12 (httpd-2.4.10) - modules/http/byterange_filter.c - fixed - modules/http/http_filters.c - fixed - modules/cache/cache_util.c - affected It means SLE 10 SP3, SLE 10 SP4 and SLE 11 SP1 need more than the simple fix above. For SLE 12 the fix above will be enough.
Created attachment 612825 [details] proposed SLE patches I'm attaching the proposed SLE patches. The fix for Factory has already been submitted.
As the patches for SLE are prepared and patch for Factory was submitted, I'm closing this bug.
please leave it open until submission... we otherwise might lose track.
*** Bug 914956 has been marked as a duplicate of this bug. ***
An update workflow for this issue was started. This issue was rated as low. Please submit fixed packages until 2015-04-08. https://swamp.suse.de/webswamp/wf/61064
Submitted to: - SLE10SP3: https://build.suse.de/request/show/54652 - SLE11SP1: https://build.suse.de/request/show/53778 - SLE12: https://build.suse.de/request/show/54654 I'm reassigning it back to security-team.
SUSE-SU-2015:0689-1: An update that contains security fixes can now be installed. Category: security (moderate) Bug References: 713970,871310,899836,904427,907339,907477 CVE References: Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): apache2-2.2.12-1.51.52.1 SUSE Linux Enterprise Server 11 SP3 for VMware (src): apache2-2.2.12-1.51.52.1 SUSE Linux Enterprise Server 11 SP3 (src): apache2-2.2.12-1.51.52.1
SUSE-SU-2015:0974-1: An update that solves four vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 792309,871310,899836,909715,918352,923090 CVE References: CVE-2013-5704,CVE-2014-3581,CVE-2014-8109,CVE-2015-0228 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): apache2-2.4.10-12.1 SUSE Linux Enterprise Server 12 (src): apache2-2.4.10-12.1
updates released
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-08-07. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62232