upon first pass through ap_die().
PR: 36090
Backport: r354118
Submitted by: Chris Darroch
Reviewed by: covener, rjung, wrowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1005656 13f79535-47bb-0310-9956-
ffa450edef68
mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]
+ *) Fix recursive ErrorDocument handling. PR 36090 [Chris Darroch]
+
*) mod_ssl: Do not do overlapping memcpy. PR 45444 [Joe Orton]
*) Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass
RELEASE SHOWSTOPPERS:
- * Backport 354118: Fix recursive ErrorDocument handling [when r->status isn't
- HTTP_OK upon first pass through ap_die()]. PR #36090
- Trunk version of patch:
- http://svn.apache.org/viewvc?view=rev&revision=354118
- 2.2.x patch:
- http://svn.apache.org/viewvc?view=rev&revision=355454
- Backport version for 2.0.x of patch:
- (trunk version works)
- +1: covener, rjung, wrowe
+
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
ap_finalize_request_protocol(r);
}
else {
+ r->status = HTTP_OK;
ap_die(access_status, r);
}
projects / thirdparty / apache / httpd.git / commitdiff
