From: William A. Rowe Jr <wrowe@apache.org>
Date: Mon, 22 Aug 2016 20:45:05 +0000 (+0000)
Subject: The first of several 2.2 backports I'll offer to get protocol logic on 2.2
X-Git-Tag: 2.2.32~97
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=48edc02614c9ae3827916393edc3be9be356a01a;p=thirdparty%2Fapache%2Fhttpd.git

The first of several 2.2 backports I'll offer to get protocol logic on 2.2
in sync with 2.4, allowing us to consider much more similar backport proposals
to both.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1757269 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index c50bc3919fa..3329294cf76 100644
--- a/STATUS
+++ b/STATUS
@@ -157,6 +157,16 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
 	 http://home.apache.org/~ylavic/patches/httpd-2.2.x-r1753592.patch
       +1: ylavic
 
+  *) core: Reject requests containing (invalid) NULL characters in request line
+     or request headers. (Including embedded %00 in URL).
+     (Use APR_STATUS_IS_... in some more cases.)
+     Trunk version of patch
+         http://svn.apache.org/r892678
+         http://svn.apache.org/r1100511
+         http://svn.apache.org/r1102124
+     Submitted by niq, status legibility fixes by covener, sf
+     PR: 43039
+     +1 wrowe
 
 PATCHES/ISSUES THAT ARE STALLED