]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c02c1ef) | patch
*) SECURITY: CVE-2013-5704 (cve.mitre.org)
authorEric Covener <covener@apache.org>
Tue, 15 Jul 2014 19:11:02 +0000 (19:11 +0000)
committerEric Covener <covener@apache.org>
Tue, 15 Jul 2014 19:11:02 +0000 (19:11 +0000)
commitbd34b9d92894b7fc01810fc11a059fa30067e431
tree5b292decc6fc8f4f63a9c45144352dc370fd7888tree | snapshot
parentc02c1efb2643112ed4b7f4e664fa7d639e089a51commit | diff
  *) SECURITY: CVE-2013-5704 (cve.mitre.org)
     core: HTTP trailers could be used to replace HTTP headers
     late during request processing, potentially undoing or
     otherwise confusing modules that examined or modified
     request headers earlier.  Adds "MergeTrailers" directive to restore
     legacy behavior.

Submitted By: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Committed By: covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610814 13f79535-47bb-0310-9956-ffa450edef68
12 files changed:
CHANGES diff | blob | blame | history
docs/manual/mod/core.xml diff | blob | blame | history
docs/manual/mod/mod_log_config.xml diff | blob | blame | history
include/ap_mmn.h diff | blob | blame | history
include/http_core.h diff | blob | blame | history
include/httpd.h diff | blob | blame | history
modules/http/http_filters.c diff | blob | blame | history
modules/http/http_request.c diff | blob | blame | history
modules/loggers/mod_log_config.c diff | blob | blame | history
modules/proxy/mod_proxy_http.c diff | blob | blame | history
server/core.c diff | blob | blame | history
server/protocol.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git