Bug 736593 - httpd: RHSA-2011:1245 regressions [rhel-5]
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: httpd
Version: 5.7
Hardware: All  OS: Linux
Priority: medium  Severity: medium
Target Milestone: rc
Assigned To: Joe Orton
QA Contact: BaseOS QE Security Team
Keywords: Regression
Reported: 2011-09-08 04:00 EDT by Tomas Hoger
Modified: 2011-10-20 12:56 EDT
Doc Type: Bug Fix
Last Closed: 2011-10-20 12:56:41 EDT
External Trackers:
  Tracker: Red Hat Knowledge Base (Legacy)  ID: 61709  Priority: None  Status: None  Summary: None  Last Updated: Never
Description Tomas Hoger 2011-09-08 04:00:26 EDT
+++ This bug was initially created as a clone of Bug #736592 +++

Description of problem:
RHSA-2011:1245 provided a fix for CVE-2011-3192, which significantly changed the Range handling code and resulted in a few regressions:

suffix-byte-range-spec ("-" suffix-length) was handled as equivalent to 0-suffix-length, resulting in the first suffix-length + 1 bytes being returned rather than the last suffix-length bytes.  Reported upstream in:
https://issues.apache.org/bugzilla/show_bug.cgi?id=51748

httpd did not return a 416 error when all specified ranges were unsatisfiable. This can happen if the range specification is syntactically incorrect, or if first-byte-pos is beyond the end of the file.

The fix as applied to upstream 2.2.x SVN branch:
http://svn.apache.org/viewvc?view=revision&revision=1165607
Comment 5 bugreports2005 2011-10-12 05:10:32 EDT
According to comment 32 of Bug #732928, the server also wrongly returns 200 OK when 206 Partial is expected.

I think we are being hit by this, and I don't see a mention of it above. Should there be one?
Comment 6 Tomas Hoger 2011-10-13 10:14:38 EDT
(In reply to comment #5)
> According to comment 32 of Bug #732928, the server also wrongly returns 200 OK
> when 206 Partial is expected.

Also noted in:
  https://bugzilla.redhat.com/show_bug.cgi?id=736592#c6

Behaviour for that case has been changed upstream several times:
  http://svn.apache.org/viewvc?view=revision&revision=1163833
  http://svn.apache.org/viewvc?view=revision&revision=1165062
  http://svn.apache.org/viewvc?view=revision&revision=1175980
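As an added illustration of the three behaviours discussed in the description and in comments 5 and 6 (a suffix range selects the last N bytes, every range unsatisfiable yields 416, a satisfiable range yields 206 rather than 200), here is a small Range evaluator written for this page; it is not httpd's code. It assumes the report's reading that a syntactically bad byte-range-spec counts as unsatisfiable rather than causing the whole header to be ignored.

```python
import re
from typing import List, Optional, Tuple

# byte-range-spec ("first-last", "first-") or suffix-byte-range-spec ("-N")
_SPEC_RE = re.compile(r"^(\d*)-(\d*)$")


def parse_spec(spec: str, length: int) -> Optional[Tuple[int, int]]:
    """Inclusive (first, last) byte positions one spec selects from an entity
    of `length` bytes, or None if it is syntactically invalid or unsatisfiable."""
    m = _SPEC_RE.match(spec.strip())
    if not m or (not m.group(1) and not m.group(2)):
        return None                          # "abc", "-", "": invalid syntax
    first, last = m.group(1), m.group(2)
    if not first:
        # suffix-byte-range-spec selects the LAST N bytes, not bytes 0..N
        suffix_len = int(last)
        if suffix_len == 0 or length == 0:
            return None                      # "-0" selects nothing
        return max(length - suffix_len, 0), length - 1
    start = int(first)
    if start >= length:
        return None                          # first-byte-pos past end of file
    end = length - 1 if not last else min(int(last), length - 1)
    if end < start:
        return None                          # "5-3": invalid, contributes nothing
    return start, end


def evaluate_range(header: Optional[str], length: int) -> Tuple[int, List[Tuple[int, int]]]:
    """Return (status, ranges): 200 when there is no usable Range header,
    206 with the satisfiable ranges, 416 when no range is satisfiable."""
    if header is None or not header.lower().startswith("bytes="):
        return 200, []                       # absent header or unknown range unit
    specs = header[len("bytes="):].split(",")
    ranges = [r for r in (parse_spec(s, length) for s in specs) if r]
    if not ranges:
        return 416, []                       # all ranges unsatisfiable
    return 206, ranges


if __name__ == "__main__":
    body = b"0123456789"                      # constructed 10-byte entity
    for hdr in ("bytes=-3", "bytes=0-3", "bytes=20-30", "bytes=abc", None):
        status, ranges = evaluate_range(hdr, len(body))
        print(hdr, status, [body[a:b + 1] for a, b in ranges])
```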
Comment 8 bugreports2005 2011-10-19 07:39:50 EDT
I see, but is it also desirable that a security patch changes functionality in an otherwise frozen release downstream?
Comment 9 errata-xmlrpc 2011-10-20 12:56:41 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2011-1392.html
