From: Joe Orton Date: Mon, 11 Oct 2004 16:11:37 +0000 (+0000) Subject: A couple of mod_ssl bugs. X-Git-Tag: 2.0.53~233 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ee08a9cc8ccf4bbc541ffa84f66a909eb95e382;p=thirdparty%2Fapache%2Fhttpd.git A couple of mod_ssl bugs. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@105404 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 850409a5b4a..aad5a9988a5 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2004/10/10 22:06:40 $] +Last modified at [$Date: 2004/10/11 16:11:37 $] Release: @@ -75,6 +75,20 @@ PATCHES TO BACKPORT FROM 2.1 [ please place file names and revisions from HEAD here, so it is easy to identify exactly what the proposed changes are! ] + *) mod_ssl: Fix and prevent an SSLCipherSuite bypass by resuming a + session during a renegotiation. + http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_kernel.c?r1=1.110&r2=1.111 + http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_init.c?r1=1.128&r2=1.129 + PR: 31505 + +1: jorton + + *) mod_ssl: Fail to configure when an SSL proxy is configured with + incomplete client cert keypair, rather than segfaulting at + runtime. + http://cvs.apache.org/viewcvs/httpd-2.0/modules/ssl/ssl_engine_init.c.diff?r1=1.118&r2=1.119 + PR: 24030 + +1: jorton + *) Allow for the use of --with-module=foo:bar where the ./modules/foo directory is a local addition to the ./modules directory. Assumes, of course, that the required files are in ./modules/foo, @@ -110,6 +124,7 @@ PATCHES TO BACKPORT FROM 2.1 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/util_filter.c?r1=1.100&r2=1.101 PR: 31247 jerenkrantz comments: This needs the final patch posted to dev@httpd? + jorton replies: it does indeed, hang on... +1: jorton *) Correctly store cache content type. PR 30278