-*- coding: utf-8 -*-
Changes with Apache 2.0.65
+ *) SECURITY: CVE-2013-1862 (cve.mitre.org)
+ mod_rewrite: Ensure that client data written to the RewriteLog is
+ escaped to prevent terminal escape sequences from entering the
+ log file. [Joe Orton]
+
*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_rewrite: (CVE-2013-1862 (cve.mitre.org)) Ensure that client data
- written to the RewriteLog is escaped to prevent terminal escape sequences
- from entering the log file. [Joe Orton]
- http://svn.apache.org/viewvc?view=revision&revision=1482349
- 2.0.x: http://people.apache.org/~covener/patches/2.0.x-rewritelog.diff
- +1: wrowe, covener, trawick
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ please place SVN revisions from trunk here, so it is easy to
rhost = "UNKNOWN-HOST";
}
- str1 = apr_pstrcat(r->pool, rhost, " ",
- (conn->remote_logname != NULL ?
- conn->remote_logname : "-"), " ",
- ruser, NULL);
+ str1 = apr_pstrcat(r->pool, ap_escape_logitem(r->pool, rhost), " ",
+ (conn->remote_logname != NULL
+ ? ap_escape_logitem(r->pool, conn->remote_logname)
+ : "-"),
+ " ", ap_escape_logitem(r->pool, ruser), NULL);
apr_vsnprintf(str2, sizeof(str2), text, ap);
if (r->main == NULL) {
apr_snprintf(str3, sizeof(str3),
"%s %s [%s/sid#%lx][rid#%lx/%s%s] (%d) %s" APR_EOL_STR, str1,
- current_logtime(r), ap_get_server_name(r),
+ current_logtime(r),
+ ap_escape_logitem(r->pool, ap_get_server_name(r)),
(unsigned long)(r->server), (unsigned long)r,
- type, redir, level, str2);
+ type, redir, level, ap_escape_logitem(r->pool, str2));
rv = apr_global_mutex_lock(rewrite_log_lock);
if (rv != APR_SUCCESS) {
projects / thirdparty / apache / httpd.git / commitdiff
