Bug 1414037 - mod_proxy_fcgi regression in 2.4.23+
Summary: mod_proxy_fcgi regression in 2.4.23+
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Software Collections
Classification: Red Hat
Component: httpd
Version: httpd24
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: beta
: 2.4
Assignee: Luboš Uhliarik
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On:
Blocks: 1404778
TreeView+ depends on / blocked
 
Reported: 2017-01-17 15:14 UTC by Remi Collet
Modified: 2017-04-26 10:23 UTC (History)
2 users (show)

Fixed In Version: httpd24-httpd-2.4.25-5.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-04-26 10:23:48 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:1161 0 normal SHIPPED_LIVE Moderate: httpd24-httpd security, bug fix, and enhancement update 2017-04-26 14:19:21 UTC

Description Remi Collet 2017-01-17 15:14:23 UTC
Tracker byug to ensure we don't break common configuration using RewriteRule

See discussion on https://github.com/apache/httpd/commit/cab0bfbb2645bb8f689535e5e2834e2dbc23f5a5

Comment 5 Jan Houska 2017-03-14 18:44:44 UTC
Following tests using "RewriteRule" options  was found and their status was checked:

Regression/mod_proxy_wstunnel-with-ssl/rewrite.conf:RewriteRule ^/wss-app.* wss://%%hostname%%:8443 [P]  -- PASS
Regression/bz1060536-mod_rewrite-doesn-t-expose-client_addr/bug1060536.conf: RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}  -- PASS
Regression/mod-rewrite-ssl-client-auth-lookup/httpd.conf:  RewriteRule .* - [F]  -- PASS
Regression/bz517500-mod_rewrite-DPI/htaccess:RewriteRule ^foo-(.*) bar-$1 [DPI]  -- PASS
Regression/mod_rewrite-vs-mod_dir/bz1210091.conf:    RewriteRule ^$ duck.html [L]  -- PASS
Regression/bz1343582-451-status-code/httpd.conf:RewriteRule ^/rhts-call-your-laywer - [R=451,L]  -- PASS
security/CVE-2006-3747/httpd.conf:RewriteRule ^/rhts-cve-3747-(.*) $1  -- PASS
mod_cache/bug439842/runtest.sh:RewriteRule ^/cc\ dd /aa\ bb.html  -- PASS
Security/CVE-2011-3639-httpd-request-bypass-of-the-reverse-proxy/httpd.conf:    RewriteRule (.*) http://127.0.0.2:80$1 [P]  -- PASS
Security/CVE-2013-1862-httpd-mod-rewrite-allows-terminal-escape/httpd.conf:    RewriteRule ^path(.*) "http://127.0.0.1/ test/"  -- PASS
Security/CVE-2011-3368-httpd-reverse-web-proxy-vulnerability/httpd.conf:  RewriteRule (.*) http://localhost$1 [P]  -- PASS

Conclusions
All results PASSed therefore I assume this bug tracker as VERIFIED.

Comment 7 errata-xmlrpc 2017-04-26 10:23:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1161


Note You need to log in before you can comment on or make changes to this bug.