Ubuntu
apache2 package

Merge ~michal-maloszewski99/ubuntu/+source/apache2:apache2-kinetic-fix-proxy-hcheck into ubuntu/+source/apache2:ubuntu/kinetic-devel

  1. Git
  2. lp:~michal-maloszewski99/ubuntu/+source/apache2
  3. apache2-kinetic-fix-proxy-hcheck
  4. Merge into ubuntu/kinetic-devel
Proposed by Michał Małoszewski
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merge reported by: Michał Małoszewski
Merged at revision: 8b6d612d53f305182579adc300aebaaa3209e86f
Proposed branch: ~michal-maloszewski99/ubuntu/+source/apache2:apache2-kinetic-fix-proxy-hcheck
Merge into: ubuntu/+source/apache2:ubuntu/kinetic-devel
Diff against target: 82 lines (+60/-0)
3 files modified
debian/changelog (+7/-0)
debian/patches/mod_proxy_hcheck_kinetic_fix_to_detect_support.patch (+52/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Bryce Harrington (community) Approve
Canonical Server Reporter Pending
Review via email: mp+438155@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic/?format=plain)
  apache2 @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic/kinetic/armhf/a/apache2/20230302_093020_e49a9@/log.gz
    02.03.23 09:30:20 ✅ Triggers: apache2/2.4.54-2ubuntu1.2
  apache2 @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic/kinetic/ppc64el/a/apache2/20230302_091833_5eac6@/log.gz
    02.03.23 09:18:33 ✅ Triggers: apache2/2.4.54-2ubuntu1.2
  apache2 @ s390x:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic/kinetic/s390x/a/apache2/20230302_091344_e40dc@/log.gz
    02.03.23 09:13:44 ✅ Triggers: apache2/2.4.54-2ubuntu1.2

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Working on SRU template right now

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Link to the SRU template
https://docs.google.com/document/d/1caRaCLOsgtU_JZNoLpYmFxwqrTgHhpPvLVcV3qPREsg/edit?usp=sharing

Revision history for this message
Bryce Harrington (bryce) wrote :

I'll review this one.

Michał, I assume you'll also need sponsorship for the upload?

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Yes Bryce, I need a sponsorship

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/apache2/+git/apache2/+merge/434741
There is also jammy MP, if you can take a look

Revision history for this message
Bryce Harrington (bryce) wrote :

Looks good, see the jammy MP for commentary on the SRU text, but the packaging is good, so I've sponsored the upload.

review: Approve
Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: bryce, michal-maloszewski99
Uploaders: bryce
MP auto-approved

review: Approve
Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Version changed from 2.4.54-2ubuntu1.2 to 2.4.54-2ubuntu1.3.
Autopkgtests work fine.

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic-v2/?format=plain)
  apache2 @ arm64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic-v2/kinetic/arm64/a/apache2/20230314_203006_c032c@/log.gz
    14.03.23 20:30:06 ✅ Triggers: apache2/2.4.54-2ubuntu1.3~ppa3
  apache2 @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic-v2/kinetic/armhf/a/apache2/20230314_201106_c032c@/log.gz
    14.03.23 20:11:06 ✅ Triggers: apache2/2.4.54-2ubuntu1.3~ppa3
  apache2 @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic-v2/kinetic/ppc64el/a/apache2/20230314_195604_73f70@/log.gz
    14.03.23 19:56:04 ✅ Triggers: apache2/2.4.54-2ubuntu1.3~ppa3
  apache2 @ s390x:
    http://autopkgtest.ubuntu.com/results/autopkgtest-kinetic-michal-maloszewski99-lp1998311-apache2-mod-proxy-ppa-kinetic-v2/kinetic/s390x/a/apache2/20230314_200524_cb154@/log.gz
    14.03.23 20:05:24 ✅ Triggers: apache2/2.4.54-2ubuntu1.3~ppa3
Running:
    time pkg release arch ppa trigger
    6250 apache2 kinetic amd64 michal-maloszewski99/lp1998311-apache2-mod-proxy-ppa-kinetic-v2 apache2/2.4.54-2ubuntu1.3~ppa3

Needs to be sponsored again.

Revision history for this message
Bryce Harrington (bryce) wrote :

You need to set the status of this MP to Merged, Michal.

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Done, thx Bryce

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 2a30de0..3930435 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+apache2 (2.4.54-2ubuntu1.3) kinetic; urgency=medium
7+
8+ * d/p/mod_proxy_hcheck_kinetic_fix_to_detect_support.patch: Fix issue
9+ where enabling mod_proxy_hcheck results in error (LP: #1998311)
10+
11+ -- Michal Maloszewski <michal.maloszewski@canonical.com> Thu, 02 Mar 2023 00:01:26 +0100
12+
13 apache2 (2.4.54-2ubuntu1.2) kinetic-security; urgency=medium
14
15 * SECURITY UPDATE: HTTP request splitting with mod_rewrite and mod_proxy
16diff --git a/debian/patches/mod_proxy_hcheck_kinetic_fix_to_detect_support.patch b/debian/patches/mod_proxy_hcheck_kinetic_fix_to_detect_support.patch
17new file mode 100644
18index 0000000..4efc3e4
19--- /dev/null
20+++ b/debian/patches/mod_proxy_hcheck_kinetic_fix_to_detect_support.patch
21@@ -0,0 +1,52 @@
22+From eaafacd0efc6bae4e2a9de616bf487b8a55437c1 Mon Sep 17 00:00:00 2001
23+From: Eric Covener <covener@apache.org>
24+Date: Tue, 29 Nov 2022 13:24:16 +0000
25+Subject: [PATCH] Merge r1904516 from trunk:
26+Description: Fix the mod_proxy_hcheck module
27+Origin: backport, https://github.com/apache/httpd/commit/eaafacd0efc6bae4e2a9de616bf487b8a55437c1
28+Bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=66300
29+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1998311
30+Last-Update: 2023-03-01
31+---
32+ modules/proxy/mod_proxy_hcheck.c | 23 ++++++++++++-----------
33+ 1 file changed, 12 insertions(+), 11 deletions(-)
34+
35+--- a/modules/proxy/mod_proxy_hcheck.c
36++++ b/modules/proxy/mod_proxy_hcheck.c
37+@@ -1073,6 +1073,18 @@
38+ hctp = NULL;
39+ tpsize = HC_THREADPOOL_SIZE;
40+ #endif
41++
42++ ajp_handle_cping_cpong = APR_RETRIEVE_OPTIONAL_FN(ajp_handle_cping_cpong);
43++ if (ajp_handle_cping_cpong) {
44++ proxy_hcmethods_t *method = proxy_hcmethods;
45++ for (; method->name; method++) {
46++ if (method->method == CPING) {
47++ method->implemented = 1;
48++ break;
49++ }
50++ }
51++ }
52++
53+ return OK;
54+ }
55+ static int hc_post_config(apr_pool_t *p, apr_pool_t *plog,
56+@@ -1129,17 +1141,6 @@
57+ s = s->next;
58+ }
59+
60+- ajp_handle_cping_cpong = APR_RETRIEVE_OPTIONAL_FN(ajp_handle_cping_cpong);
61+- if (ajp_handle_cping_cpong) {
62+- proxy_hcmethods_t *method = proxy_hcmethods;
63+- for (; method->name; method++) {
64+- if (method->method == CPING) {
65+- method->implemented = 1;
66+- break;
67+- }
68+- }
69+- }
70+-
71+ return OK;
72+ }
73+
74diff --git a/debian/patches/series b/debian/patches/series
75index 929094f..06abf94 100644
76--- a/debian/patches/series
77+++ b/debian/patches/series
78@@ -19,3 +19,4 @@ CVE-2022-37436.patch
79 CVE-2023-25690-1.patch
80 CVE-2023-25690-2.patch
81 CVE-2023-27522.patch
82+mod_proxy_hcheck_kinetic_fix_to_detect_support.patch

Subscribers

People subscribed via source and target branches