[Bug 65627] apache httpd segfault on child exit

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65627

Graham Leggett  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #19 from Graham Leggett  ---
Backported to 2.4.52.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65620] Potential memory leaks from BIO_new

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65620

--- Comment #2 from Graham Leggett  ---
Backported to 2.4.52.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65616] CVE-2021-36160 regression

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65616

Graham Leggett  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #9 from Graham Leggett  ---
Backported to 2.4.52.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65631] Proxy CONNECT error 500

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65631

--- Comment #10 from Graham Leggett  ---
Backported to v2.4.52.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65662] Hunging processes with FIN_WAIT2 and CLOSE_WAIT

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65662

Graham Leggett  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #25 from Graham Leggett  ---
Backported to v2.4.52.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65689] proxy connections to target left in CLOSE_WAIT state

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65689

--- Comment #9 from Graham Leggett  ---
Backported to v2.4.52.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 65737] New: Proxy Balancer AH10187: ignoring params in balancer-manager cross-site access

2021-12-10 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=65737

Bug ID: 65737
   Summary: Proxy Balancer AH10187: ignoring params in
balancer-manager cross-site access
   Product: Apache httpd-2
   Version: 2.4.41
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: mod_proxy_balancer
  Assignee: bugs@httpd.apache.org
  Reporter: h...@localhorst.org
  Target Milestone: ---

I came across from here 

https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1939678

After Update from Ubuntu 18.04 apache2 2.4.29 to Ubuntu 20.04 apache2 2.4.41

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

To Reproduce i create two new Virtual Box VMs on my local Machine and compile
apach2 from the sources 2.4.38 -> 2.4.51

 -
|Bastian Host |
|Apache Proxy | ---> LB Apache Balancer Manger
 -

Debian 11 -> Bastion Host (Proxy) / 192.168.56.70
Ubuntu 20.04 -> LB Manager / 192.168.56.170

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

I use the Proxy as Bastion Host to reache several LB Manager from one Point.

Debian 11 Proxy strip down config for reproduce the issue.

:~# apt-get install apache2

~# vim /etc/apache2/sites-enabled/000-default.conf
[...]
   
ProxyPass http://192.168.56.170:81/balancer-manager
ProxyPassReverse http://192.168.56.170:81/balancer-manager
SetOutputFilter INFLATE;SUBSTITUTE
Substitute "s|http://192.168.56.70:81|http://192.168.56.170|i"
   
[...]

:~# a2enmod proxy_http substitute
:~# systemctl restart apache2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Second VM with Ubuntu 20.04 for testing and reproduction. I compile apache from
the sources. I Start with apache 2.4.38

wget http://archive.apache.org/dist/httpd/httpd-2.4.38.tar.gz
configure / make / make install


:~# vim /usr/local/apache2/conf/httpd.conf
ServerRoot "/usr/local/apache2"
ServerName "localhost"
ServerAdmin y...@example.com

Listen 80
Listen 81
Listen 8100

LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule filter_module modules/mod_filter.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule alias_module modules/mod_alias.so


User daemon
Group daemon



AllowOverride none
Require all denied


DocumentRoot "/usr/local/apache2/htdocs"

Options Indexes FollowSymLinks
AllowOverride None
Require all granted



DirectoryIndex index.html


ErrorLog "logs/error_log"
LogLevel warn


LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common

  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"
%I %O" combinedio

CustomLog "logs/access_log" common



RequestHeader unset Proxy early



TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz



SSLRandomSeed startup builtin
SSLRandomSeed connect builtin



  Servername 127.0.0.1
  ServerAdmin root@localhost

  
SetHandler balancer-manager
Require all granted
   

  LogLevel warn
  ErrorLog "logs/management_error.log"
  CustomLog "/management_access.log" combined



  BalancerMember "http://192.168.168.130/test";
  BalancerMember "http://192.168.168.131/test"; status=+H
  ProxySet lbmethod=bybusyness



  ServerAdmin root@localhost
  ServerName testapp01
  ServerAlias 127.0.0.1:8100

  ProxyPass "/test" "balancer://test"
  ProxyPassReverse "/test" "balancer://te