Apache HTTP Server 2.4.56 released with vulnerability fixes

The release of Apache HTTP Server 2.4.56 has been published. It introduces 6 changes and eliminates 2 vulnerabilities related to the possibility of carrying out "HTTP Request Smuggling" attacks on front-end/back-end systems, which allow an attacker to wedge into the contents of other users' requests processed in the same thread between the front end and the back end. The attack can be used to bypass access restriction systems or to inject malicious JavaScript code into a session with a legitimate website.

The first vulnerability (CVE-2023-27522) affects the mod_proxy_uwsgi module and allows the response to be split into two parts on the proxy side by substituting special characters into an HTTP header returned by the backend.
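The splitting described above works because a header value containing line-ending characters is forwarded verbatim and the client reads the remainder as a second message. The following added example (not Apache code, and not how mod_proxy_uwsgi itself is implemented) shows the check a proxy or application layer should apply to backend headers before re-serialising them: header names must be RFC 7230 tokens and values must not contain control characters. The backend header list is a constructed sample.

```python
"""Validate backend response headers before forwarding them to a client.

Added example for this article; it is not code from the Apache project.
Assumption: headers arrive as a list of (name, value) pairs already decoded
from the backend protocol (for uwsgi, the vars block).
"""
import re

# RFC 7230 "tchar": the only characters allowed in a header field name.
TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
# Control characters other than HTAB (0x09). CR (0x0d), LF (0x0a) and NUL
# are all caught here; any of them can terminate or split a header block.
CTL = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")

# Constructed sample of what a misbehaving backend might hand back.
BACKEND_HEADERS = [
    ("Content-Type", "text/html"),
    ("X-Debug", "value\r\nX-Extra: 1"),   # CRLF inside a value
    ("Bad Name", "x"),                     # space is not a tchar
    ("Set-Cookie", "a=1"),
]


def sanitize_headers(raw_headers):
    """Split headers into (accepted, rejected).

    accepted: list of (name, value) safe to serialise.
    rejected: list of (name, value, reason) that must not be forwarded.
    """
    accepted, rejected = [], []
    for name, value in raw_headers:
        if not TOKEN.match(name):
            rejected.append((name, value, "invalid header name"))
        elif CTL.search(value):
            rejected.append((name, value, "control character in value"))
        else:
            # Leading/trailing optional whitespace is not part of the value.
            accepted.append((name, value.strip(" \t")))
    return accepted, rejected


def serialize_headers(headers):
    """Render accepted headers as one HTTP/1.1 header block."""
    return "".join(f"{n}: {v}\r\n" for n, v in headers) + "\r\n"


if __name__ == "__main__":
    ok, bad = sanitize_headers(BACKEND_HEADERS)
    for name, value, reason in bad:
        print(f"dropped {name!r}: {reason}")
    print(serialize_headers(ok))
```

The serialised block produced from the accepted headers contains exactly one empty-line terminator, so a client parsing it cannot be steered into reading a second response out of the same bytes.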

The second vulnerability (CVE-2023-25690) is in mod_proxy and manifests when certain request rewriting rules are used, either via the RewriteRule directive provided by the mod_rewrite module or via certain patterns in the ProxyPassMatch directive. The vulnerability can lead to requests being sent through the proxy to internal resources that are not meant to be reachable through the proxy, or to poisoning of cache contents. For the vulnerability to manifest, the request rewriting rules must use data from the URL, which is then substituted into the forwarded request. Example:

    RewriteEngine on
    RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]
    ProxyPassReverse /here/ http://example.com:8080/
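The condition stated above (a rewrite rule that copies part of the request URL into a proxied target) can be checked for mechanically. The following added example is not Apache code; it is a small audit script that scans an httpd configuration excerpt for RewriteRule directives carrying the P (proxy) flag whose substitution contains a $N or %N backreference, and for ProxyPassMatch targets that do the same. The sample configuration is constructed for the example and reuses the rule from the text; the script assumes one directive per line and does not follow Include directives.

```python
"""Find proxy rules that substitute request-URL data into the proxied target.

Added example for this article, not Apache project code. Assumptions: one
directive per line; quoting follows shell-like rules (shlex); Include files
are not followed.
"""
import re
import shlex

# Constructed sample configuration. Line 2 is the rule from the advisory text.
SAMPLE_CONF = """\
RewriteEngine on
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]
ProxyPassReverse /here/ http://example.com:8080/
RewriteRule "^/static/(.*)" "/var/www/static/$1" [L]
ProxyPassMatch "^/api/(.*)$" "http://backend.internal/api/$1"
ProxyPass /fixed/ http://backend.internal/fixed/
"""

# $1..$9 refer to RewriteRule capture groups, %1..%9 to RewriteCond groups.
BACKREF = re.compile(r"[$%][1-9]")


def _requests_proxy(flag_tokens):
    """True if a RewriteRule flag list such as [P] or [P,L] asks for proxying."""
    for tok in flag_tokens:
        if not (tok.startswith("[") and tok.endswith("]")):
            continue
        flags = {f.strip().upper() for f in tok[1:-1].split(",")}
        # Exact match only: "PT" (passthrough) is a different flag.
        if "P" in flags or "PROXY" in flags:
            return True
    return False


def audit_config(text):
    """Return a list of findings: {"line", "directive", "reason"}."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            args = shlex.split(line)
        except ValueError:
            findings.append({"line": lineno, "directive": "?",
                             "reason": "unparseable line (unbalanced quotes)"})
            continue
        directive = args[0].lower()
        if directive == "rewriterule" and len(args) >= 3:
            substitution = args[2]
            if _requests_proxy(args[3:]) and BACKREF.search(substitution):
                findings.append({
                    "line": lineno, "directive": "RewriteRule",
                    "reason": "[P] rule copies a request-URL capture into the proxied target",
                })
        elif directive == "proxypassmatch" and len(args) >= 3:
            if BACKREF.search(args[2]):
                findings.append({
                    "line": lineno, "directive": "ProxyPassMatch",
                    "reason": "target URL contains a capture-group backreference",
                })
    return findings


if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONF):
        print(f"line {f['line']}: {f['directive']}: {f['reason']}")
```

Run against the sample, the script reports line 2 (the advisory's rule) and line 5 (the ProxyPassMatch with $1), and stays silent on the non-proxying [L] rule and the fixed ProxyPass. A hit is a prompt to review the rule and to make sure the server is on 2.4.56 or later, not proof of exploitability.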

Among the non-security changes:

  • A "-T" flag has been added to the rotatelogs utility which, when rotating logs, allows subsequent log files to be truncated without truncating the initial log file.
  • mod_ldap allows negative values in the LDAPConnectionPoolTTL directive to configure reuse of any old connections.
  • The mod_md module, used to automate obtaining and maintaining certificates via the ACME (Automatic Certificate Management Environment) protocol, when built with libressl 3.5.0+, includes support for the ED25519 digital signature scheme and for recording public Certificate Transparency (CT) logs. The MDChallengeDns01 directive allows settings to be defined for individual domains.
  • mod_proxy_uwsgi has tightened the checking and parsing of responses from HTTP backends.

source: budenet.ru
