From: Roy T. Fielding Date: Tue, 7 Mar 2023 17:37:10 +0000 (+0000) Subject: unmangle the example config for CVE-2023-2569 X-Git-Tag: 2.4.57-rc1-candidate~56 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8cdaf53e24bf05b7c81be45208b41acee15969b9;p=thirdparty%2Fapache%2Fhttpd.git unmangle the example config for CVE-2023-2569 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1908165 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index db8f0443eae..a4a26fdb443 100644 --- a/CHANGES +++ b/CHANGES @@ -17,18 +17,13 @@ Changes with Apache 2.4.56 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with - some form of RewriteRule - or ProxyPassMatch in which a non-specific pattern matches - some portion of the user-supplied request-target (URL) data and - is then - re-inserted into the proxied request-target using variable - substitution. For example, something like: - RewriteEngine on - RewriteRule "^/here/(.*)" " - http://example.com:8080/elsewhere?$1" - http://example.com:8080/elsewhere ; [P] - ProxyPassReverse /here/ http://example.com:8080/ - http://example.com:8080/ + some form of RewriteRule or ProxyPassMatch in which a non-specific + pattern matches some portion of the user-supplied request-target (URL) + data and is then re-inserted into the proxied request-target + using variable substitution. For example, something like: + RewriteEngine on + RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] + ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning.
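Review bot: the unmangled RewriteRule line still carries a stray `;` between the closing quote of the substitution and the flag list: `RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]`. A semicolon is not part of mod_rewrite syntax; the config tokenizer ends the quoted substitution at the closing quote, so the `;` is read as a separate word ahead of `[P]` and the example as written is not a configuration that could be pasted and loaded. Since the point of this change is to make the vulnerable example readable, drop the `;` so the line reads `RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1" [P]`, matching the form of the ProxyPassReverse line below it, which is fine.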