Fix cve-2019-3821

Signed-off-by: Boris Ranto <branto@redhat.com>
2019-02-21 08:33:15 +01:00 · 2019-02-21 08:33:15 +01:00 · a9b0fc4948
parent fcfe376de3
commit a9b0fc4948
2 changed files with 14 additions and 0 deletions
--- a/0003-cve-2019-3821.patch
+++ b/0003-cve-2019-3821.patch
@ -0,0 +1,13 @@
+diff -ur ceph-14.0.1/src/civetweb/src/civetweb.c ceph-14.0.1.mod/src/civetweb/src/civetweb.c
+--- ceph-14.0.1/src/civetweb/src/civetweb.c	2018-06-20 15:53:52.000000000 +0200
+++ ceph-14.0.1.mod/src/civetweb/src/civetweb.c	2019-02-21 08:28:09.797504543 +0100
+@@ -16268,6 +16268,9 @@
+ 					conn->request_info.client_cert = 0;
+ 				}
+ 			}
+			else {
+				close_connection(conn);
+			}
+ #endif
+ 		} else {
+ 			/* process HTTP connection */
--- a/ceph.spec
+++ b/ceph.spec
@ -113,6 +113,7 @@ URL:		http://ceph.com/
 Source0:	%{?_remote_tarball_prefix}ceph-14.0.1.tar.bz2
 Patch001:	0001-f30-python3-execs.patch
 Patch002:	0002-f30-gcc9.patch
+Patch003:	0003-cve-2019-3821.patch
 ExcludeArch:	i686 armv7hl
 #################################################################################
 # dependencies that apply across all distro families