]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 48aefa2)
- add the appropriate patch to complete the fix for CAN-2005-2088
authorJoe Orton <jorton@apache.org>
Fri, 1 Jul 2005 11:03:23 +0000 (11:03 +0000)
committerJoe Orton <jorton@apache.org>
Fri, 1 Jul 2005 11:03:23 +0000 (11:03 +0000)
- random mod_proxy bugs are not showstoppers

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@208744 13f79535-47bb-0310-9956-ffa450edef68

STATUS patch | blob | blame | history

diff --git a/STATUS b/STATUS
index dc2d60a902e962cdd410fac6343e50add69b5e97..39fddff0851ad4addff11536acee3cadc77c8355 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -112,12 +112,13 @@ RELEASE SHOWSTOPPERS:
     * Various fixes to T-E and C-L processing from trunk
 
       + proxy HTTP - ignore C-L and disable keepalive to origin server
-        CAN-2005-2088
           http://people.apache.org/~trawick/20.te-cl.txt
-        +1: trawick
-
-    * proxy_http.c accepts TRACE with a body, violating RFC2616
+        +1: trawick, jorton
 
+      + core: strip C-L from any request with a T-E header
+          http://people.apache.org/~jorton/ap_tevscl.diff
+          (CVE CAN-2005-2088)
+        +1: jorton
 
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ please append new backports at the end of this list not the top. ]
Mirror of https://github.com/apache/httpd.git