Bugzilla – Bug 586572
VUL-0: CVE-2010-0408 CVE-2010-0434: apache2: New security fixes in apache 2.2.15
Last modified: 2018-10-02 17:37:07 UTC
There seem to be new security fixes in the new apache release: http://apache.linux-mirror.org/httpd/CHANGES_2.2.15 in particular CVE-2010-0408, CVE-2010-0425 and CVE-2010-0434 which seem to be unhandled by the previous bugzilla entries.
Yup. Thanks. Unfortunately, a backport of SSLInsecureRenegotiation introduces a dependency to http://bugzilla.novell.com/show_bug.cgi?id=584292 .
CVE-2010-0425 is Windows-specific.

======================================================
Name: CVE-2010-0408
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
Reference: CONFIRM: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?r1=917876&r2=917875&pathrev=917876
Reference: CONFIRM: http://httpd.apache.org/security/vulnerabilities_22.html
Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=569905
Reference: BID: http://www.securityfocus.com/bid/38491
Reference: MANDRIVA: http://www.mandriva.com/security/advisories?name=MDVSA-2010:053
Reference: CONFIRM: http://svn.apache.org/viewvc?view=revision&revision=917876

======================================================
Name: CVE-2010-0434
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
Reference: CONFIRM: http://httpd.apache.org/security/vulnerabilities_22.html
Reference: CONFIRM: https://issues.apache.org/bugzilla/show_bug.cgi?id=48359
Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=570171
Reference: XF: http://xforce.iss.net/xforce/xfdb/56625
Reference: BID: http://www.securityfocus.com/bid/38494
Reference: CONFIRM: http://svn.apache.org/viewvc?view=revision&revision=918427
Reference: CONFIRM: http://svn.apache.org/viewvc?view=revision&revision=917867
Reference: CONFIRM: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/protocol.c?r1=917617&r2=917867&pathrev=917867&diff_format=h
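The two CVE descriptions quoted above give a defender everything needed for a first triage of an installed httpd: both apply to 2.2.x builds before 2.2.15, CVE-2010-0434 only when a multithreaded MPM is in use, and CVE-2010-0408 only matters where mod_proxy_ajp is loaded. The following script is an added example, not code from the bug report or from the Apache project; it parses the text that `httpd -V` (version and MPM) and `httpd -M` (loaded modules) print and reports which of the two issues the build falls under. The sample outputs are constructed, and the `proxy_ajp_module` module name used for the mod_proxy_ajp check is assumed from httpd's usual module naming.

```python
"""Triage an Apache httpd 2.2.x build against CVE-2010-0408 / CVE-2010-0434.

Added example (not part of the bug report). Input is the text printed by
`httpd -V` and, optionally, `httpd -M`; nothing is executed here.
"""
import re
from typing import Optional, Tuple

# Constructed sample outputs in the shape `httpd -V` prints them.
SAMPLE_VULNERABLE = """Server version: Apache/2.2.14 (Unix)
Server built:   Feb  1 2010 12:00:00
Server MPM:     Worker
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
"""

SAMPLE_FIXED = """Server version: Apache/2.2.15 (Unix)
Server MPM:     Prefork
  threaded:     no
    forked:     yes (variable process count)
"""

# Constructed sample of `httpd -M` output without the AJP proxy module.
SAMPLE_MODULES_NO_AJP = """Loaded Modules:
 core_module (static)
 proxy_module (shared)
 proxy_http_module (shared)
"""

# The CVE text says "2.2.x before 2.2.15": first fixed release in that branch.
FIXED_IN = (2, 2, 15)


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from the 'Server version:' line, or None."""
    m = re.search(r"Server version:\s*Apache/(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def parse_mpm(text: str) -> Optional[str]:
    """Return the MPM name (lower-cased) from the 'Server MPM:' line."""
    m = re.search(r"Server MPM:\s*(\S+)", text)
    return m.group(1).lower() if m else None


def is_threaded(text: str) -> bool:
    """True when `httpd -V` reports 'threaded: yes' (worker/event style MPMs)."""
    m = re.search(r"threaded:\s*(yes|no)", text)
    return bool(m and m.group(1) == "yes")


def assess(version_text: str, modules_text: Optional[str] = None) -> dict:
    """Map each CVE to True (affected) or False (not affected).

    When `modules_text` is not given we cannot tell whether mod_proxy_ajp is
    loaded, so CVE-2010-0408 is reported conservatively as affected for any
    vulnerable version.
    """
    ver = parse_version(version_text)
    if ver is None:
        raise ValueError("no 'Server version: Apache/x.y.z' line found")
    in_branch = ver[:2] == (2, 2)          # the CVEs are scoped to 2.2.x only
    vulnerable_version = in_branch and ver < FIXED_IN
    # Assumed module name as listed by `httpd -M` when mod_proxy_ajp is loaded.
    ajp_loaded = modules_text is None or "proxy_ajp_module" in modules_text
    return {
        "version": ".".join(str(x) for x in ver),
        "mpm": parse_mpm(version_text),
        # CVE-2010-0408: mod_proxy_ajp DoS, any 2.2.x before 2.2.15 that loads it
        "CVE-2010-0408": vulnerable_version and ajp_loaded,
        # CVE-2010-0434: description limits it to multithreaded MPMs
        "CVE-2010-0434": vulnerable_version and is_threaded(version_text),
    }


if __name__ == "__main__":
    for label, text in (("worker 2.2.14", SAMPLE_VULNERABLE), ("prefork 2.2.15", SAMPLE_FIXED)):
        print(label, assess(text))
```

Run it with the real `httpd -V` and `httpd -M` output of a host to get a quick yes/no per CVE; the MPM and module checks are why a plain version comparison is not enough here, as comment 9 above (MPM fix submitted, AJP fix not) illustrates.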
sles9 unaffected, all other products fixed by submitted packages.
You've only submitted a fix for the MPM bug but not for the ajp stuff
Update released for: apache2, apache2-debuginfo, apache2-debugsource, apache2-devel, apache2-doc, apache2-event, apache2-event-debuginfo, apache2-example-certificates, apache2-example-pages, apache2-itk, apache2-itk-debuginfo, apache2-prefork, apache2-prefork-debuginfo, apache2-utils, apache2-utils-debuginfo, apache2-worker, apache2-worker-debuginfo
Products:
openSUSE 11.0 (debug, i386, ppc, x86_64)
openSUSE 11.1 (debug, i586, ppc, x86_64)
openSUSE 11.2 (debug, i586, x86_64)
released
Update released for: apache2, apache2-debuginfo, apache2-debugsource, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-utils, apache2-worker
Products:
SLE-DEBUGINFO 11 (i386, ia64, ppc64, s390x, x86_64)
SLE-SDK 11 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11 (i386, ia64, ppc64, s390x, x86_64)
Update released for: apache2, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-worker
Products:
SLE-DEBUGINFO 10-SP2 (i386, ia64, ppc, s390x, x86_64)
SLE-SDK 10-SP2 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP2 (i386, ia64, ppc, s390x, x86_64)
Update released for: apache2, apache2-debuginfo, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-worker
Products:
SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)