Bugzilla – Bug 829056
VUL-1: CVE-2013-1896: apache2: mod_dav: segfault in merge request
Last modified: 2018-10-19 18:11:48 UTC
is public, via apache2

http://www.apache.org/dist/httpd/Announcement2.2.html

Apache HTTP Server 2.2.25 Released

The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.25 of the Apache HTTP Server ("Apache"). This version of Apache is principally a security and bug fix legacy release, including the following security fixes:

SECURITY: CVE-2013-1896 (cve.mitre.org)
mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.

SECURITY: CVE-2013-1862 (cve.mitre.org)
mod_rewrite: Ensure that client data written to the RewriteLog is escaped to prevent terminal escape sequences from entering the log file.

The Apache HTTP Project thanks Ben Riser and Ramiro Molina for bringing these issues to the attention of the project security team.
(splitting off the rewrite bug)
bugbot adjusting priority
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h
I think it affects the SLE11 and SLE10 codebases.
This is an autogenerated message for OBS integration: This bug (829056) was mentioned in https://build.opensuse.org/request/show/184942 Evergreen:11.2 / apache2 https://build.opensuse.org/request/show/184943 Maintenance /
Packages submitted to the sle11, sle10, openSUSE-12.{2,3} and evergreen 11.{2,4} codebases. Reassigning to security-team@ for further processing. Unfortunately, the maintenance request for openSUSE went wrong; the packages were solely submitted to their parent project.
This is an autogenerated message for OBS integration: This bug (829056) was mentioned in https://build.opensuse.org/request/show/184944 Maintenance / https://build.opensuse.org/request/show/184945 Maintenance /
openSUSE-SU-2013:1337-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 829056,829057 CVE References: CVE-2013-1862,CVE-2013-1896 Sources used: openSUSE 12.2 (src): apache2-2.2.22-4.18.1
openSUSE-SU-2013:1340-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 829056,829057 CVE References: CVE-2013-1862,CVE-2013-1896 Sources used: openSUSE 12.3 (src): apache2-2.2.22-10.8.1
openSUSE-SU-2013:1341-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 829056,829057 CVE References: CVE-2013-1862,CVE-2013-1896 Sources used: openSUSE 11.4 (src): apache2-2.2.17-4.72.1
This is an autogenerated message for OBS integration: This bug (829056) was mentioned in https://build.opensuse.org/request/show/196053 Evergreen:11.2 / apache2
Update released for: apache2, apache2-debuginfo, apache2-debugsource, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-utils, apache2-worker Products: SLE-SERVER 11-SP1-TERADATA (x86_64)
Update released for: apache2, apache2-debuginfo, apache2-debugsource, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-utils, apache2-worker Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-SDK 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64)
Update released for: apache2, apache2-debuginfo, apache2-debugsource, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-utils, apache2-worker Products: SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP3 (i386, x86_64)
Update released for: apache2, apache2-debuginfo, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-worker Products: SLE-SERVER 10-SP3-TERADATA (x86_64)
released
The SWAMPID for this issue is 54705. This issue was rated as moderate. Please submit fixed packages until 2013-10-28. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
made bug public again
For QA maintenance testing, could you be so kind as to provide a reproducer?
There is sadly no reproducer available for this right now, and it is hard for me to write one.
Update released for: apache2, apache2-debuginfo, apache2-debugsource, apache2-devel, apache2-doc, apache2-event, apache2-example-pages, apache2-prefork, apache2-utils, apache2-worker Products: SLE-DEBUGINFO 11-SP1 (i386, s390x, x86_64) SLE-SERVER 11-SP1-LTSS (i386, s390x, x86_64) SLES4VMWARE 11-SP1-LTSS (i386, x86_64)
done