Changes with Apache 2.0.50
+ *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
+ against ServerRoot PR#26602 [Brad Nicholes]
+
*) SECURITY: CAN-2004-0488 (cve.mitre.org)
mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
(trusted) client certificate subject DN which exceeds 6K in length.
APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2004/06/11 15:48:48 $]
+Last modified at [$Date: 2004/06/11 16:15:42 $]
Release:
server/vhost.c r1.87
+1: trawick, stoddard, jim
- *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
- against ServerRoot PR#26602
- modules/experimental/util_ldap.c r1.31
- +1: bnicholes, minfrin, trawick, jim
-
*) mod_ssl: Remove some unused functions (after CAN-2004-0488 fix is applied)
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_util.c?r1=1.46&r2=1.47
+1: jorton, nd
"LDAP: SSL trusted certificate authority file - %s",
file);
- st->cert_auth_file = apr_pstrdup(cmd->pool, file);
+ st->cert_auth_file = ap_server_root_relative(cmd->pool, file);
return(NULL);
}
projects / thirdparty / apache / httpd.git / commitdiff
