CVE-2022-22728: A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. I guess this is all of the information available. I don't see any newer version on Repology.
From 2.17 release notes: 3 4 @section v2_17 Changes with libapreq2-2.17 (released 25 August, 2022) 5 6 - Multipart header parser [Yann Ylavic] 7 Rework apreq_parse_headers() to discard CRLF of folded values.
(In reply to Sam James from comment #1) > From 2.17 release notes: > > 3 > 4 @section v2_17 Changes with libapreq2-2.17 (released 25 August, 2022) > 5 > 6 - Multipart header parser [Yann Ylavic] > 7 Rework apreq_parse_headers() to discard CRLF of folded values. Hm, are we sure this fixes the CVE? I asked on oss-security if there was a fixed version, and nobody responded: https://www.openwall.com/lists/oss-security/2022/08/26/4 In any case, GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=7972f8b0e22a8628bd9af218513ccc02bde0cc4d commit 7972f8b0e22a8628bd9af218513ccc02bde0cc4d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-05-03 10:05:03 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-03 10:05:30 +0000 [ GLSA 202305-20 ] libapreq2: Buffer Overflow Bug: https://bugs.gentoo.org/866536 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202305-20.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=14bc66f742da33942bd55ff8858ae54210039e73 commit 14bc66f742da33942bd55ff8858ae54210039e73 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-05-03 10:09:14 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-03 10:09:14 +0000 www-apache/libapreq2: drop 2.16-r1 Bug: https://bugs.gentoo.org/866536 Signed-off-by: Sam James <sam@gentoo.org> www-apache/libapreq2/Manifest | 1 - www-apache/libapreq2/libapreq2-2.16-r1.ebuild | 80 --------------------------- 2 files changed, 81 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=732f6cefb4a1e4884e3fa3048d18faa0babd014a commit 732f6cefb4a1e4884e3fa3048d18faa0babd014a Author: Sam James <sam@gentoo.org> AuthorDate: 2023-05-04 07:06:24 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-04 07:06:24 +0000 [ GLSA 202305-20 ] Fix description Bug: https://bugs.gentoo.org/905652 Bug: https://bugs.gentoo.org/866536 Signed-off-by: Sam James <sam@gentoo.org> glsa-202305-20.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)