git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
Offer a showstopper for 2.2.30 requiring one more reviewer/vote
author William A. Rowe Jr <wrowe@apache.org>
Tue, 9 Jun 2015 20:25:53 +0000 (20:25 +0000)
committer William A. Rowe Jr <wrowe@apache.org>
Tue, 9 Jun 2015 20:25:53 +0000 (20:25 +0000)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1684519 13f79535-47bb-0310-9956-ffa450edef68

STATUS

diff --git a/STATUS b/STATUS
index a4432516328dbf04261f176600999d5a7a78a5bf..f31e894768b2e33d0e5803b2498b0340cc1220a9 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -97,6 +97,26 @@ CURRENT RELEASE NOTES:
 
 RELEASE SHOWSTOPPERS:
 
+  *) SECURITY: CVE-2015-3183 (cve.mitre.org)
+     core: Fix chunk header parsing defect.
+     Remove apr_brigade_flatten(), buffering and duplicated code from
+     the HTTP_IN filter, parse chunks in a single pass with zero copy.
+     Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext
+     authorized characters.  [Graham Leggett, Yann Ylavic]
+  Submitted by: graham, ylavic
+  Reviewed by: ylavic, wrowe, jim
+  Backports: 1484852, 1684513
+  Reported by: RĂ©gis Leroy
+
+  trunk
+    https://svn.apache.org/r1484852
+    https://svn.apache.org/r1684513
+  2.4.x branch
+    https://svn.apache.org/r1684515
+  2.2.x branch
+    https://svn.apache.org/repos/private/pmc/httpd/SECURITY/http_filter_chunked/httpd-2.2.x-ap_http_filter-chunked-v5.patch
+  +1: ylavic, wrowe
+  jim notes: test framework errors due to 413->400 error change [test adjusted]
 
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
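
Review bot: The vote record in the added CVE-2015-3183 entry disagrees with itself: "Reviewed by: ylavic, wrowe, jim" lists three reviewers, while "+1: ylavic, wrowe" records two votes and jim appears only in the notes line. Since the entry is filed as a showstopper waiting on one more vote, drop jim from "Reviewed by:" until his +1 is cast, or add him to the "+1:" line if the note was meant as approval. The 2.2.x branch link points into repos/private/pmc, so a reviewer without access to that repository cannot read the patch being voted on; say so next to the link or state how to obtain the patch. The "jim notes" line mentions a 413->400 error change without saying which request condition now returns 400; one sentence on that would help anyone reviewing the backport. Style: the "Submitted by:" through "Reported by:" lines are indented two spaces while the entry body above them uses five.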