NONBLOCK_WHEN_MULTI_LISTEN if needed for your platform and not
already defined. [Jeff Trawick, Brad Nicholes, Joe Orton]
- *) SECURITY: CAN-2003-0993 (cve.mitre.org)
+ *) SECURITY: CVE-2003-0993 (cve.mitre.org)
Fix parsing of Allow/Deny rules using IP addresses without a
netmask; issue is only known to affect big-endian 64-bit
platforms; on affected platforms such rules would never produce
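Review bot: The removed line "SECURITY: CAN-2003-0993" was the identifier this fix was originally announced under, so anyone searching CHANGES for the CAN- form quoted in an older advisory will no longer get a hit. The numeric part is unchanged, so please state in the commit message that this is a prefix-only rename from CAN- to CVE-, so the old form can still be mapped to the new one.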
*) Forensic logging module added (mod_log_forensic).
[Ben Laurie]
- *) SECURITY: CAN-2003-0020 (cve.mitre.org)
+ *) SECURITY: CVE-2003-0020 (cve.mitre.org)
Escape arbitrary data before writing into the errorlog. Unescaped
errorlogs are still possible using the compile time switch
"-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo]
Changes with Apache 1.3.27
- *) SECURITY: CAN-2002-0840 (cve.mitre.org)
+ *) SECURITY: CVE-2002-0840 (cve.mitre.org)
Prevent a cross-site scripting vulnerability in the default
error page. The issue could only be exploited if the directive
UseCanonicalName is set to Off and a server is being run at
run-time configurable using the ExtendedStatus directive.
[Jim Jagielski]
- *) SECURITY: CAN-1999-1199 (cve.mitre.org)
+ *) SECURITY: CVE-1999-1199 (cve.mitre.org)
Eliminate O(n^2) space DoS attacks (and other O(n^2)
cpu time attacks) in header parsing. Add ap_overlap_tables(),
a function which can be used to perform bulk update operations
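Review bot: Style point on the changed line "SECURITY: CVE-1999-1199 (cve.mitre.org)": the trailing "(cve.mitre.org)" is carried over unchanged as a bare host name and adds little next to an identifier that already starts with CVE-. Either drop the parenthetical or keep it, but make the same choice for every SECURITY entry in the file so the entries stay uniform.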