FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Apache -- Multiple vulnerabilities

Affected packages
apache24 < 2.4.41

Details

VuXML ID caf545f2-c0d9-11e9-9051-4c72b94353b5
Discovery 2019-08-14
Entry 2019-08-17

SO-AND-SO reports:

SECURITY: CVE-2019-10081

mod_http2: HTTP/2 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.

SECURITY: CVE-2019-9517

mod_http2: a malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections.

SECURITY: CVE-2019-10098

rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable matches and substitutions with encoded line break characters.

SECURITY: CVE-2019-10092

Remove HTML-escaped URLs from canned error responses to prevent misleading text/links being displayed via crafted links.

SECURITY: CVE-2019-10097

mod_remoteip: Fix stack buffer overflow and NULL pointer deference when reading the PROXY protocol header.

CVE-2019-10082

mod_http2: Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

References

CVE Name CVE-2019-10081
CVE Name CVE-2019-10082
CVE Name CVE-2019-10092
CVE Name CVE-2019-10098
CVE Name CVE-2019-9517
URL http://www.apache.org/dist/httpd/CHANGES_2.4