Merge r1664205 from trunk:
authorEric Covener <covener@apache.org>
Tue, 24 Mar 2015 13:08:44 +0000 (13:08 +0000)
committerEric Covener <covener@apache.org>
Tue, 24 Mar 2015 13:08:44 +0000 (13:08 +0000)
  *) SECURITY: CVE-2015-0253 (cve.mitre.org)
     core: Fix a crash with ErrorDocument 400 pointing
     to a local URL-path with the INCLUDES filter active, introduced
     in 2.4.11. PR 57531. [Yann Ylavic]

Submitted By: ylavic
Committed By: covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1668879 13f79535-47bb-0310-9956-ffa450edef68

CHANGES
STATUS
server/protocol.c

diff --git a/CHANGES b/CHANGES
index 3c0a569ce84e8d43b2efc70ca41b41bf879d6da8..12e5ab2fe100904297040fb0eda0db6d8ad41577 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,11 @@
 
 Changes with Apache 2.4.13
 
+  *) SECURITY: CVE-2015-0253 (cve.mitre.org)
+     core: Fix a crash introduced in with ErrorDocument 400 pointing
+     to a local URL-path with the INCLUDES filter active, introduced
+     in 2.4.11. PR 57531. [Yann Ylavic]
+
   *) SECURITY: CVE-2015-0228 (cve.mitre.org)
      mod_lua: A maliciously crafted websockets PING after a script
      calls r:wsupgrade() can cause a child process crash. 
diff --git a/STATUS b/STATUS
index 08c268508e65e5d0b3680c01ab680f0f03ae2062..5443295c9d169c7cb56e9cf44bfc3e211ffe4ec7 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -106,16 +106,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  *) SECURITY: CVE-2015-0253 (cve.mitre.org)
-     core: Fix a crash introduced in with ErrorDocument 400 pointing
-     to a local URL-path with the INCLUDES filter active, introduced
-     in 2.4.11. PR 57531. [Yann Ylavic]
-     trunk patch: http://svn.apache.org/r1664205
-     2.4.x patch: trunk works
-     +1 covener, jim, ylavic
-
-
-
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
 
index 499be515e828bfffd61fb41c71a9b1e17fb7cd32..a8c1d6829b03f75af142d8a35a130e4253b18199 100644 (file)
@@ -599,8 +599,6 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
              */
             if (APR_STATUS_IS_ENOSPC(rv)) {
                 r->status    = HTTP_REQUEST_URI_TOO_LARGE;
-                r->proto_num = HTTP_VERSION(1,0);
-                r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
             }
             else if (APR_STATUS_IS_TIMEUP(rv)) {
                 r->status = HTTP_REQUEST_TIME_OUT;
@@ -608,6 +606,8 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
             else if (APR_STATUS_IS_EINVAL(rv)) {
                 r->status = HTTP_BAD_REQUEST;
             }
+            r->proto_num = HTTP_VERSION(1,0);
+            r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
             return 0;
         }
     } while ((len <= 0) && (++num_blank_lines < max_blank_lines));
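Review bot: The two assignments added before `return 0;` carry no comment explaining why every failed read must leave a protocol set, so a later cleanup could easily fold them back under the ENOSPC branch and reintroduce the crash. Going by the commit message, the timeout and bad-request paths previously returned with `r->protocol` unset and the ErrorDocument/INCLUDES path then tripped over it. I would add above them something like `/* Error responses (ErrorDocument, output filters) read r->protocol; never return from here with it unset. */`. Separately, the visible if/else-if chain has no final `else`, so for any other `rv` the request now gets a protocol but keeps whatever `r->status` it had; it may be worth confirming that callers treat that as an error. The body of read_request_line continues outside the hunk, so its other early-return paths cannot be checked from here.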