Hello community, here is the log from the commit of package tomcat6 for openSUSE:11.4 checked in at Fri Sep 16 16:04:30 CEST 2011.
--------
--- old-versions/11.4/UPDATES/all/tomcat6/tomcat6.changes 2011-08-15 13:30:48.000000000 +0200
+++ 11.4/tomcat6/tomcat6.changes 2011-09-15 16:14:01.000000000 +0200
@@ -1,0 +2,7 @@
+Thu Sep 15 14:13:16 UTC 2011 - [email protected]
+
+- fix bnc#715991 - VUL-0: tomcat authentication bypass and information
+ disclosure (CVE-2011-3190)
+ * http://svn.apache.org/viewvc?view=revision&revision=1162959
+
+-------------------------------------------------------------------
calling whatdependson for 11.4-i586
New:
----
apache-tomcat-CVE-2011-3190.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ tomcat6.spec ++++++
--- /var/tmp/diff_new_pack.8lLdI1/_old 2011-09-16 16:03:25.000000000 +0200
+++ /var/tmp/diff_new_pack.8lLdI1/_new 2011-09-16 16:03:25.000000000 +0200
@@ -41,7 +41,7 @@
 Name: tomcat6
 Version: %{major_version}.%{minor_version}.%{micro_version}
-Release: 7.<RELEASE8>
+Release: 7.<RELEASE10>
 Summary: Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API
 Group: Productivity/Networking/Web/Servers
 License: Apache Software License ..
@@ -68,6 +68,8 @@
 Patch2: apache-tomcat-CVE-2011-2204.patch
 #PATCH-FIX-UPSTREAM: http://svn.apache.org/viewvc?view=revision&revision=1146703
 Patch3: apache-tomcat-CVE-2011-2526.patch
+#PATCH-FIX-UPSTREAM: http://svn.apache.org/viewvc?view=revision&revision=1162959
+Patch4: apache-tomcat-CVE-2011-3190.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 BuildArch: noarch
 BuildRequires: ant
@@ -226,6 +228,7 @@
 %patch1 -p0
 %patch2 -p1 -b .CVE-2011-2204
 %patch3 -p1 -b .CVE-2011-2526
+%patch4 -p1 -b .CVE-2011-3190
 %build
 export CLASSPATH=
++++++ apache-tomcat-CVE-2011-3190.patch ++++++
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpProcessor.java
===================================================================
--- apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpProcessor.java (revision 1162958)
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpProcessor.java (revision 1162959)
@@ -423,11 +423,13 @@
 }
 continue;
 } else if(type != Constants.JK_AJP13_FORWARD_REQUEST) {
- // Usually the servlet didn't read the previous request body
- if(log.isDebugEnabled()) {
- log.debug("Unexpected message: "+type);
+ // Unexpected packet type. Unread body packets should have
+ // been swallowed in finish().
+ if (log.isDebugEnabled()) {
+ log.debug("Unexpected message: " + type);
 }
- continue;
+ error = true;
+ break;
 }
 request.setStartTime(System.currentTimeMillis());
@@ -1061,6 +1063,11 @@
 finished = true;
+ // Swallow the unread body packet if present
+ if (first && request.getContentLengthLong() > 0) {
+ receive();
+ }
+
 // Add the end message
 output.write(endMessageArray);
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpAprProcessor.java
===================================================================
--- apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpAprProcessor.java (revision 1162958)
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpAprProcessor.java (revision 1162959)
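Review bot: The unexpected-packet branch now terminates the connection (`error = true; break;`) but still logs only at debug level, so a peer that sends a non-FORWARD_REQUEST packet — after this patch a protocol violation, and the signature of the body-misread-as-request problem the patch addresses — leaves no trace in default logs. Consider promoting it so operators can see why a connection was dropped, e.g. replace the guarded debug call with `log.warn("Unexpected AJP message type " + type + ", closing connection");`. Failing closed here is the right choice; the enclosing request loop starts and ends outside the hunk, so whether the caller actually closes the socket when `error` is set cannot be confirmed from this page.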
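Review bot: The swallow in `finish()` is keyed on `request.getContentLengthLong() > 0`, so a request forwarded without a Content-Length (the value is then negative, e.g. a chunked body) is not covered; if the front end sends an unsolicited first body packet for such a request, that packet presumably still sits on the stream and the request loop would read its first data byte as the next message type — worth confirming what mod_jk and mod_proxy_ajp send in that case before relying on the companion `error = true; break;` path to catch it. Note also that `receive()` is a blocking read on the response path: a front end that declares a body but never sends the packet would hold the worker thread until the socket read timeout. A comment stating the protocol assumption would help, e.g. `// AJP13 sends at most the first body chunk unsolicited; later chunks are requested, so one receive() drains it`. `finish()` starts and ends outside the hunk.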
@@ -405,11 +405,13 @@
 }
 continue;
 } else if(type != Constants.JK_AJP13_FORWARD_REQUEST) {
- // Usually the servlet didn't read the previous request body
- if(log.isDebugEnabled()) {
- log.debug("Unexpected message: "+type);
+ // Unexpected packet type. Unread body packets should have
+ // been swallowed in finish().
+ if (log.isDebugEnabled()) {
+ log.debug("Unexpected message: " + type);
 }
- continue;
+ error = true;
+ break;
 }
 keptAlive = true;
@@ -1056,6 +1058,11 @@
 finished = true;
+ // Swallow the unread body packet if present
+ if (first && request.getContentLengthLong() > 0) {
+ receive();
+ }
+
 // Add the end message
 if (outputBuffer.position() + endMessageArray.length > outputBuffer.capacity()) {
 flush();
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
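Review bot: This is the same fail-closed change as in AjpProcessor, applied by hand a second time, and nothing on this page exercises either copy; a regression test that forwards a request with Content-Length > 0 whose body packet begins with the FORWARD_REQUEST type byte, and asserts that no second request is serviced (or that the connection is closed), would pin both processors and catch the two copies drifting apart. Since the debug-only message is the sole diagnostic of the dropped connection, consider `log.warn("Unexpected AJP message type " + type + ", closing connection");` so the event is visible by default. The enclosing loop starts and ends outside the hunk.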
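Review bot: The new `receive()` runs after `finished = true` but before the end message is buffered, so if it throws (peer closed the socket, malformed packet) the `finished` flag is already set and the AJP end message is never sent; the caller of `finish()` must treat that exception as fatal for the connection rather than keep it alive, which cannot be confirmed from this hunk. It would also help to document the reset side — the swallowed packet's data ends up wherever `receive()` stores body chunks, and `recycle()` must clear `first` and that buffer before the next request — with a comment such as `// swallowed body is discarded; recycle() resets first/body state`; presumably it does, but that code is outside the hunk. `finish()` starts and ends outside the hunk.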
