SECURITY: CVE-2010-0434 (cve.mitre.org)
Ensure each subrequest has a shallow copy of headers_in so that the
parent request headers are not corrupted. Elimiates a problematic
optimization in the case of no request body.
PR: 48359
Submitted by: Jake Scott, William Rowe, Ruediger Pluem
Reviewed by: wrowe, trawick, rpluem
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921910
13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.0.64
+ *) SECURITY: CVE-2010-0434 (cve.mitre.org)
+ Ensure each subrequest has a shallow copy of headers_in so that the
+ parent request headers are not corrupted. Elimiates a problematic
+ optimization in the case of no request body. PR 48359
+ [Jake Scott, William Rowe, Ruediger Pluem]
+
*) SECURITY: CVE-2008-2364 (cve.mitre.org)
mod_proxy_http: Better handling of excessive interim responses
from origin server to prevent potential denial of service and high
RELEASE SHOWSTOPPERS:
- * Commit http://people.apache.org/~wrowe/CVE-2010-0434.patch
- SECURITY: CVE-2010-0434 (cve.mitre.org)
- note; simpler because we had not yet cleaned up input headers for subreq
- +1: wrowe, trawick, rpluem
- trawick: remember to post to apply_to_2.0.63 when approved
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
rnew->status = HTTP_OK;
- rnew->headers_in = r->headers_in;
+ rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
rnew->subprocess_env = apr_table_copy(rnew->pool, r->subprocess_env);
rnew->headers_out = apr_table_make(rnew->pool, 5);
rnew->err_headers_out = apr_table_make(rnew->pool, 5);
projects / thirdparty / apache / httpd.git / commitdiff
