From: Jeff Trawick Date: Tue, 28 Jun 2005 12:01:43 +0000 (+0000) Subject: a 2.0.x proxy patch to shut down some request smuggling X-Git-Tag: 2.0.55~141 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e45c203c7b63942ada095adfa561a859c459a30;p=thirdparty%2Fapache%2Fhttpd.git a 2.0.x proxy patch to shut down some request smuggling attempts is available several fixes have been merged from trunk git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@202162 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index dfedf10dfdb..34b0691fffb 100644 --- a/STATUS +++ b/STATUS @@ -111,6 +111,10 @@ RELEASE SHOWSTOPPERS: * Various fixes to T-E and C-L processing from trunk + + proxy HTTP - ignore C-L and disable keepalive to origin server + http://people.apache.org/~trawick/20.te-cl.txt + +1: trawick + * proxy_http.c accepts TRACE with a body, violating RFC2616 @@ -125,12 +129,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: +1: jim, pquerna, wrowe - *) Prevent hang writing to piped logger at graceful restart time. - PR: 26467 - http://svn.apache.org/viewcvs?rev=170281&view=rev - http://svn.apache.org/viewcvs.cgi?rev=171093&view=rev - +1: trawick, jorton, pquerna - *) Fix fd leak in piped logging code, fix error handling, and remove dead errno handling. http://svn.apache.org/viewcvs?rev=170441&view=rev @@ -205,16 +203,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: Votes from before the integration branch: +1: jerenkrantz, wrowe (trivial, would even be cool in 1.3) - *) fix z/OS annoyance with pathname on debug messages in error log - http://svn.apache.org/viewcvs?rev=178299&view=rev - +1: trawick, pquerna, wrowe - - *) Downgrade the log level of a worker MPM apr_proc_mutex_foo error - message when it occurs during restart (as we already do for a couple - of other calls). - http://svn.apache.org/viewcvs?rev=179317&view=rev - +1: trawick, jorton, pquerna - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ please place SVN revisions from trunk here, so it is easy to