Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 813429 (CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438) - <www-servers/apache-2.4.49: multiple vulnerabilities (CVE-2021-{33193,34798,36160,39275,40438})
Summary: <www-servers/apache-2.4.49: multiple vulnerabilities (CVE-2021-{33193,34798,3...
Status: IN_PROGRESS
Alias: CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: http://httpd.apache.org/security/vuln...
Whiteboard: B3 [glsa?]
Keywords:
Depends on: CVE-2021-42013 815709
Blocks:
  Show dependency tree
 
Reported: 2021-09-17 01:39 UTC by John Helmert III
Modified: 2021-10-13 02:25 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-09-17 01:39:36 UTC
CVE-2021-33193:

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

CVE-2021-34798:

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

CVE-2021-36160:

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

CVE-2021-39275:

ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.

CVE-2021-40438:

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Please bump to 2.4.49.
Comment 1 Larry the Git Cow gentoo-dev 2021-09-18 07:03:27 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1e2c0178cad2e7b64deae625107ba91faee7ef3

commit e1e2c0178cad2e7b64deae625107ba91faee7ef3
Author:     Hans de Graaff <graaff@gentoo.org>
AuthorDate: 2021-09-18 07:02:34 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2021-09-18 07:03:22 +0000

    www-servers/apache: add 2.4.49
    
    Bug: https://bugs.gentoo.org/813429
    
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 www-servers/apache/Manifest             |   1 +
 www-servers/apache/apache-2.4.49.ebuild | 262 ++++++++++++++++++++++++++++++++
 2 files changed, 263 insertions(+)
Comment 2 Sam James archtester gentoo-dev Security 2021-09-18 07:36:05 UTC
Thanks! Please file a stable bug when ready and have it block this one.
Comment 3 Sam James archtester gentoo-dev Security 2021-09-28 19:05:10 UTC
(In reply to Sam James from comment #2)
> Thanks! Please file a stable bug when ready and have it block this one.

ping
Comment 4 Larry the Git Cow gentoo-dev 2021-10-05 20:43:17 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=633edec58613e0d0890ea9aeaf9438ffc2b948b0

commit 633edec58613e0d0890ea9aeaf9438ffc2b948b0
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-10-05 20:42:52 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-10-05 20:42:52 +0000

    app-admin/apache-tools: Security cleanup
    
    Bug: https://bugs.gentoo.org/816399
    Bug: https://bugs.gentoo.org/813429
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 app-admin/apache-tools/Manifest                    |   2 -
 .../apache-tools/apache-tools-2.4.48-r1.ebuild     | 103 ---------------------
 app-admin/apache-tools/apache-tools-2.4.49.ebuild  | 103 ---------------------
 3 files changed, 208 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bf620fd588cd625269e3b9fb604b18655bca2722

commit bf620fd588cd625269e3b9fb604b18655bca2722
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-10-05 20:42:19 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-10-05 20:42:19 +0000

    www-servers/apache: Security cleanup
    
    Bug: https://bugs.gentoo.org/816399
    Bug: https://bugs.gentoo.org/813429
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 www-servers/apache/Manifest                |   2 -
 www-servers/apache/apache-2.4.48-r3.ebuild | 262 -----------------------------
 www-servers/apache/apache-2.4.49.ebuild    | 262 -----------------------------
 3 files changed, 526 deletions(-)