From: Stefan Fritsch <sf@apache.org>
Date: Tue, 5 Oct 2010 20:36:21 +0000 (+0000)
Subject: Add fix for CVE-2010-1623 to mod_reqtimeout proposal
X-Git-Tag: 2.2.17~26
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3805c80c552b193d50e0670346f8404cbf4d3dee;p=thirdparty%2Fapache%2Fhttpd.git

Add fix for CVE-2010-1623 to mod_reqtimeout proposal


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1004807 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index 334d83a4262..cddc942769f 100644
--- a/STATUS
+++ b/STATUS
@@ -178,6 +178,12 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
         compatibility.
     +1: sf, wrowe
 
+    Additionally backport fix for CVE-2010-1623:
+    Trunk patch: http://svn.apache.org/viewvc?rev=1003626&view=rev
+    2.2.x patch: trunk patch works on top of mod_reqtimeout_up_to_r983116.diff
+    combined 2.2.x patch: http://people.apache.org/~sf/mod_reqtimeout-2.2.x-v3.diff
+    +1: sf
+
   * prefork MPM: Run cleanups for final request when process exits gracefully.
     PR: 43857
     Trunk patch: http://svn.apache.org/viewvc?rev=943650&view=rev