From: William A. Rowe Jr Date: Fri, 22 Aug 2014 11:43:36 +0000 (+0000) Subject: Resequence CHANGES chronologically and by severity X-Git-Tag: 2.2.28~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc6820825bd335eeab949e1ede9e4c58a6619ead;p=thirdparty%2Fapache%2Fhttpd.git Resequence CHANGES chronologically and by severity git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1619755 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 46d9ad04cd8..ca221ad8de6 100644 --- a/CHANGES +++ b/CHANGES @@ -21,9 +21,6 @@ Changes with Apache 2.2.28 Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. [Joe Orton, Eric Covener, Jeff Trawick] - *) mod_deflate: Handle Zlib header and validation bytes received in multiple - chunks. PR 46146. [Yann Ylavic] - *) SECURITY: CVE-2013-5704 (cve.mitre.org) core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or @@ -31,6 +28,12 @@ Changes with Apache 2.2.28 request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener] + *) core: Detect incomplete request and response bodies, log an error and + forward it to the underlying filters. PR 55475. [Yann Ylavic] + + *) mod_deflate: Handle Zlib header and validation bytes received in multiple + chunks. PR 46146. [Yann Ylavic] + *) mod_proxy: Don't reuse a SSL backend connection whose requested SNI differs. PR 55782. [Yann Ylavic] @@ -50,9 +53,6 @@ Changes with Apache 2.2.28 and that coincides with the end of stream ("Zlib error flushing inflate buffer"). PR 56196. [Christoph Fausak ] - *) core: Detect incomplete request and response bodies, log an error and - forward it to the underlying filters. PR 55475. [Yann Ylavic] - *) mod_cache, mod_disk_cache: With CacheLock enabled, responses with a Vary header might not get the benefit of the thundering herd protection due to an incorrect internal cache key. PR 50317. diff --git a/STATUS b/STATUS index 573b937900f..376c53ddf6f 100644 --- a/STATUS +++ b/STATUS @@ -99,35 +99,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_deflate: Fix reentrance in output and input filters (buffering of - incomplete Zlib header or validation bytes). PR 46146. - trunk patch: https://svn.apache.org/r1572655 - https://svn.apache.org/r1572663 - https://svn.apache.org/r1572668 - https://svn.apache.org/r1572669 - https://svn.apache.org/r1572670 - https://svn.apache.org/r1572671 - https://svn.apache.org/r1573224 - https://svn.apache.org/r1586745 - https://svn.apache.org/r1587594 - https://svn.apache.org/r1587639 - https://svn.apache.org/r1590509 - https://svn.apache.org/r1603156 (partially, CHANGES update) - https://svn.apache.org/r1604353 - https://svn.apache.org/r1611725 - 2.4.x patch: https://svn.apache.org/r1604458 (2.4.10) - 2.2.x patch: http://people.apache.org/~ylavic/httpd-2.2.x-mod_deflate_reentrant_with_CHANGES_v4.patch - (modulo CHANGES) - +1: ylavic, wrowe, rpluem - ylavic: v4 is now merging correctly after http://svn.apache.org/r1611806 - - *) core: Detect incomplete request and response bodies, log an error and - forward it to the underlying filters. PR 55475 [Yann Ylavic] - trunk patch: http://svn.apache.org/r1538776 - 2.4.x patch: http://svn.apache.org/r1570324 (2.4.8) - 2.2.x patch: http://people.apache.org/~ylavic/2.2.x-http_filter_incomplete.patch - (modulo CHANGES) - +1: ylavic, wrowe, rpluem PATCHES PROPOSED TO BACKPORT FROM TRUNK: