From: Joe Orton <jorton@apache.org>
Date: Tue, 30 Aug 2005 16:30:53 +0000 (+0000)
Subject: Propose CAN-2005-2700 fix.
X-Git-Tag: 2.0.55~63
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=324aaf7f580b514eb4bc0ad12b123e58ec6b008a;p=thirdparty%2Fapache%2Fhttpd.git

Propose CAN-2005-2700 fix.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@264807 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index a3d39e93c5d..09a5b44f02e 100644
--- a/STATUS
+++ b/STATUS
@@ -183,6 +183,7 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
                     mod_log_forensic), I think it's still worth it to backport
                     it as-is.  For the one or two platforms that don't like 
                     which, they can write their own version of the script.
+       (jorton agrees)
 
     *) Win32: Move call to mpm_service_install to the rewrite_args hook
        from the post_config hook.
@@ -213,6 +214,11 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
     identify exactly what the proposed changes are!  Add all new
     proposals to the end of this list. ]
 
+    *) Fix CAN-2005-2700, mod_ssl SSLVerifyClient bug
+         http://svn.apache.org/viewcvs?rev=264800&view=rev
+       test case: perl-framework/t/security/CAN-2005-2700.t
+       +1: jorton
+
     *) Fix CAN-2005-2491, integer overflow in pcre.
          http://svn.apache.org/viewcvs?rev=233493&view=rev
        rediff for 2.0: http://people.apache.org/~jorton/CAN-2005-2491.patch