On Wed, 2023-01-18 at 11:25 +0400, Yadd wrote:
> Apache2 has 3 new security issues:
>  * CVE-2006-20001: mod_dav out of bounds read, or write of zero byte.
>    A carefully crafted If: request header can cause a memory read, or write
>    of a single zero byte, in a pool (heap) memory location beyond the header
>    value sent. This could cause the process to crash.
>  * CVE-2022-36760: mod_proxy_ajp Possible request smuggling.
>    Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
>    vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker
>    to smuggle requests to the AJP server it forwards requests to.
>  * CVE-2022-37436: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP
>    response splitting.
>    A malicious backend can cause the response headers to be truncated early,
>    resulting in some headers being incorporated into the response body. If
>    the later headers have any security purpose, they will not be interpreted
>    by the client.

Apologies for letting this fall through the cracks until now.

From comments in #1032977, it sounds as if this request has been
effectively superseded by an impending DSA release?

Regards,

Adam
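
The response-splitting failure mode in the third quoted item (CVE-2022-37436), as an added illustration that is not Apache's code and does not reproduce the actual mod_proxy parsing defect: a constructed backend reply containing one malformed header line, a lenient parser that stops at that line and forwards the remainder as body (the behaviour the advisory text describes, with a Set-Cookie and a Content-Security-Policy header ending up in the body), and a strict parser that refuses such a response outright. The sample bytes, the shape of the malformed line and all function names are assumptions of this example.

```python
import re

# Constructed sample (not a real capture): a backend reply with one malformed
# header line placed before the headers that carry security meaning.
SAMPLE_BACKEND_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"X-Broken-Header-Without-Colon\r\n"
    b"Set-Cookie: session=abc; HttpOnly; Secure\r\n"
    b"Content-Security-Policy: default-src 'self'\r\n"
    b"\r\n"
    b"<html>hello</html>"
)

# Same reply with the malformed line removed, for comparison.
CLEAN_BACKEND_RESPONSE = SAMPLE_BACKEND_RESPONSE.replace(
    b"X-Broken-Header-Without-Colon\r\n", b""
)

# RFC 7230 token for the field name, then ':' and optional whitespace.
HEADER_LINE = re.compile(rb"^([!#$%&'*+.^_`|~0-9A-Za-z-]+):[ \t]*(.*?)[ \t]*$")


def parse_lenient(raw):
    """Header parsing that gives up at the first unparseable line and hands
    everything from that line onward through as body.
    Returns (status_line, [(name, value), ...], body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    status = lines[0]
    headers = []
    for i, line in enumerate(lines[1:], start=1):
        m = HEADER_LINE.match(line)
        if not m:
            # Truncate here: the remaining header lines leak into the body,
            # so a client never sees them as headers.
            body = b"\r\n".join(lines[i:]) + sep + body
            break
        headers.append((m.group(1).decode("ascii").lower(), m.group(2)))
    return status, headers, body


def parse_strict(raw):
    """Reject the whole response if any header line is malformed, which is
    what a proxy should do instead of forwarding a truncated header block.
    Returns (status_line, headers, body) or raises ValueError."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        m = HEADER_LINE.match(line)
        if not m:
            raise ValueError("malformed header line from backend: %r" % line)
        headers.append((m.group(1).decode("ascii").lower(), m.group(2)))
    return lines[0], headers, body


def headers_lost_to_body(raw, names=("set-cookie", "content-security-policy")):
    """Names (lower-cased) of the security-relevant headers that the lenient
    parser failed to surface as headers but that still appear in the body."""
    _, headers, body = parse_lenient(raw)
    seen = {name for name, _ in headers}
    return [n for n in names if n not in seen and n.encode() in body.lower()]


if __name__ == "__main__":
    print("lost to body:", headers_lost_to_body(SAMPLE_BACKEND_RESPONSE))
    try:
        parse_strict(SAMPLE_BACKEND_RESPONSE)
    except ValueError as exc:
        print("strict parser rejected:", exc)
```

Run against the constructed sample, the lenient parser yields only Content-Type as a header and reports both Set-Cookie and Content-Security-Policy as lost to the body, while the strict parser raises; against the clean sample both parsers agree and nothing is lost. The point for a practitioner is that the client is never in a position to notice: it receives a syntactically valid response whose body happens to contain text that looks like headers.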
