]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f3d438a) | patch
Fix for additional cases of URL rewriting with ProxyPassMatch or
authorJoe Orton <jorton@apache.org>
Fri, 2 Dec 2011 12:04:20 +0000 (12:04 +0000)
committerJoe Orton <jorton@apache.org>
Fri, 2 Dec 2011 12:04:20 +0000 (12:04 +0000)
commit318b86756de2049f652561e1a66420b4a92d4a7e
tree298b2295619de0d1562e9ef10fa39b093e51a7d1tree
parentf3d438afd9a500bd96d4090121657bf5d4219b34commit | diff
Fix for additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations. (CVE-2011-4317)

Thanks to Prutha Parikh from Qualys for reporting this issue.

* modules/proxy/mod_proxy.c (proxy_trans): Decline to handle the "*"
  request-URI.  Fail for cases where r->uri does not begin with a "/".

* modules/mappers/mod_rewrite.c (hook_uri2file): Likewise.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1209432 13f79535-47bb-0310-9956-ffa450edef68
modules/mappers/mod_rewrite.c diff | blob | blame | history
modules/proxy/mod_proxy.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git