Add LimitRequestBody configuration for Horizon
Since CVE-2022-29404 is fixed [1,2] the default value for the
LimitRequestBody directive in the Apache HTTP Server has been changed
from 0 (unlimited) to 1 GiB. This limits the size of images (for
example) uploaded in Horizon. This change add the ability to
configure the limit.
1. https://access.redhat.com/articles/6975397
2. https://ubuntu.com/security/CVE-2022-29404
Closes-Bug: #2012588
Change-Id: I4cd9dd088cbcf38ff6f8d188ebcc56be7d9ea1c9
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
(cherry picked from commit d907790fff
)
This commit is contained in:
parent
fe49ce32c6
commit
17fb405065
|
@ -48,6 +48,9 @@ TraceEnable off
|
|||
SSLCertificateFile /etc/horizon/certs/horizon-cert.pem
|
||||
SSLCertificateKeyFile /etc/horizon/certs/horizon-key.pem
|
||||
{% endif %}
|
||||
{% if horizon_httpd_limitrequestbody is defined %}
|
||||
LimitRequestBody {{ horizon_httpd_limitrequestbody }}
|
||||
{% endif %}
|
||||
</VirtualHost>
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
Since CVE-2022-29404 is fixed the default value for the LimitRequestBody
|
||||
directive in the Apache HTTP Server has been changed from 0 (unlimited) to
|
||||
1073741824 (1 GiB). This limits the size of images (for example) uploaded
|
||||
in Horizon. Now this limit can be configured via
|
||||
``horizon_httpd_limitrequestbody``.
|
||||
`LP#2012588 <https://bugs.launchpad.net/kolla-ansible/+bug/2012588>`__
|
Loading…
Reference in New Issue