[mod_security/el5] Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906)

[Athmane Madjoudj]

commit eff88774affd789c778236709f5d023bc959a909
Author: Athmane Madjoudj <athmane at fedoraproject.org>
Date:   Tue Apr 1 19:37:52 2014 +0100

    Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906)

 ...string_case_sensitive_issue-cve-2013-5705.patch |   25 ++++++++++++++++++++
 mod_security.spec                                  |    7 ++++-
 2 files changed, 31 insertions(+), 1 deletions(-)
---
diff --git a/mod_security-2.7.6-fix_chunked_string_case_sensitive_issue-cve-2013-5705.patch b/mod_security-2.7.6-fix_chunked_string_case_sensitive_issue-cve-2013-5705.patch
new file mode 100644
index 0000000..df829e5
--- /dev/null
+++ b/mod_security-2.7.6-fix_chunked_string_case_sensitive_issue-cve-2013-5705.patch
@@ -0,0 +1,25 @@
+From f8d441cd25172fdfe5b613442fedfc0da3cc333d Mon Sep 17 00:00:00 2001
+From: Breno Silva <breno.silva at gmail.com>
+Date: Wed, 4 Sep 2013 08:57:07 -0300
+Subject: [PATCH] Fix Chunked string case sensitive issue - CVE-2013-5705
+
+---
+ apache2/modsecurity.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c
+index 6b77132..b36775d 100644
+--- a/apache2/modsecurity.c
++++ b/apache2/modsecurity.c
+@@ -297,7 +297,7 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
+     if (msr->request_content_length == -1) {
+         /* There's no C-L, but is chunked encoding used? */
+         char *transfer_encoding = (char *)apr_table_get(msr->request_headers, "Transfer-Encoding");
+-        if ((transfer_encoding != NULL)&&(strstr(transfer_encoding, "chunked") != NULL)) {
++        if ((transfer_encoding != NULL)&&(m_strcasestr(transfer_encoding, "chunked") != NULL)) {
+             msr->reqbody_should_exist = 1;
+             msr->reqbody_chunked = 1;
+         }
+-- 
+1.9.1
+
diff --git a/mod_security.spec b/mod_security.spec
index 23db4ee..1e95448 100644
--- a/mod_security.spec
+++ b/mod_security.spec
@@ -8,7 +8,7 @@
 Summary: Security module for the Apache HTTP Server
 Name: mod_security 
 Version: 2.6.8
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: ASL 2.0
 URL: http://www.modsecurity.org/
 Group: System Environment/Daemons
@@ -17,6 +17,7 @@ Source1: mod_security.conf
 Patch0: mod_security-fix-cve-2012-4528.patch
 Patch1: mod_security-2.6.8-rhbz947842.patch
 Patch2: mod_security-2.6.8_fix_cve-2013-2765.patch
+Patch3: mod_security-2.7.6-fix_chunked_string_case_sensitive_issue-cve-2013-5705.patch
 Requires: httpd httpd-mmn = %{_httpd_mmn}
 BuildRequires: httpd-devel libxml2-devel pcre-devel curl-devel lua-devel
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -39,6 +40,7 @@ This package contains the ModSecurity Audit Log Collector.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 %configure --enable-pcre-match-limit=1000000 \
@@ -106,6 +108,9 @@ rm -rf %{buildroot}
 %attr(0755,root,root) %{_bindir}/mlogc-batch-load
 
 %changelog
+* Tue Apr 01 2014 Athmane Madjoudj <athmane at fedoraproject.org>  2.6.8-5
+- Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906)
+
 * Tue May 28 2013 Athmane Madjoudj <athmane at fedoraproject.org> 2.6.8-4
 - Fix NULL pointer dereference (DoS, crash) (CVE-2013-2765) (RHBZ #967615)