]>
git.ipfire.org Git - thirdparty/apache/httpd.git/log
Jeff Trawick [Wed, 26 Jun 2013 16:13:24 +0000 (16:13 +0000)]
2v+p
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496986 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Wed, 26 Jun 2013 16:09:35 +0000 (16:09 +0000)]
The merge of AllowAnyURI to 2.0.x (r1489910) included the changes I
wanted, and 2.0.x-HEAD passes my 3368/4317 testcases with HTTP 0.9
and 1.0, so I have no remaining concerns. (Thanks rjung+covener.)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496984 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Wed, 26 Jun 2013 15:23:40 +0000 (15:23 +0000)]
Clarify what I would support
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496963 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Wed, 26 Jun 2013 15:13:24 +0000 (15:13 +0000)]
Shift down a proposal which appears to have zero traction.
Vote against modifying the default config to offer a less secure cipher stack,
since users shouldn't be using 2.0 branch for new deployments anyways.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496956 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 24 Jun 2013 18:28:05 +0000 (18:28 +0000)]
rewritelog vote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496150 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Mon, 24 Jun 2013 18:10:39 +0000 (18:10 +0000)]
Substitute Covener's patch for mine, catches the ap varargs as well as text
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496143 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 24 Jun 2013 17:59:42 +0000 (17:59 +0000)]
same thread launched on dev@
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496138 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Mon, 24 Jun 2013 15:42:38 +0000 (15:42 +0000)]
Propose one straighforward security patch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1496100 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Thu, 20 Jun 2013 21:38:06 +0000 (21:38 +0000)]
grab r1495198 from 2.4.x branch:
fix strange wording
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1495200 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 10 Jun 2013 00:52:34 +0000 (00:52 +0000)]
last showstopper may be superceded
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1491318 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 15:56:44 +0000 (15:56 +0000)]
Remove garbage line.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489936 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 15:55:09 +0000 (15:55 +0000)]
xforms.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489933 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 15:44:02 +0000 (15:44 +0000)]
Propose one.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489926 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 15:30:40 +0000 (15:30 +0000)]
core: Add MaxRanges directive to control the number of ranges permitted
before returning the entire resource, with a default limit of 200.
Set 'Accept-Ranges: none' in the case Ranges are being ignored with
MaxRanges none.
Backport of r1162584, r1162587, r1166282, r1166663 and r1166667 from
trunk resp. r1164894, r1164896, r1166612 and r1166772 from 2.2.x.
Proposed/Backported by: rjung
Reviewed by: wrowe, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489917 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 5 Jun 2013 15:19:10 +0000 (15:19 +0000)]
xforms for AllowAnyURI
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489912 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 5 Jun 2013 15:10:43 +0000 (15:10 +0000)]
Backport AllowAnyURI related revisions from 2.2.x to pave the way for CVE-2011-4317
http://svn.apache.org/viewvc?rev=
1375113 &view=rev
http://svn.apache.org/viewvc?rev=
1447508 &view=rev
Reviewed by:rjung, wrowe, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489910 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 15:08:04 +0000 (15:08 +0000)]
Fix patch version number (thanks to covener).
v2 has a format error in a hunk header.
v3 is the same patch buth with correct patch format.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489908 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 5 Jun 2013 15:05:36 +0000 (15:05 +0000)]
note for posterity the -v3 patch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489906 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 14:55:14 +0000 (14:55 +0000)]
xforms.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489900 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 5 Jun 2013 14:51:38 +0000 (14:51 +0000)]
vote/promote MaxRanges
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489898 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 5 Jun 2013 14:49:23 +0000 (14:49 +0000)]
sorry, missed that rjung fixed objection
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489896 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 14:47:30 +0000 (14:47 +0000)]
htdigest: Fix buffer overflow when reading digest
password file with very long lines.
PR 54893.
Backport of r1475878 from trunk resp.
r1476089 from 2.4.x resp. r1476242
from 2.2.x.
Proposed/Backported by: rjung
Reviewed by: minfrin, wrowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489893 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 14:44:02 +0000 (14:44 +0000)]
mod_ssl: Backport SSLHonorCipher
PR 28665.
Backport of r103832 and r103837 from trunk.
Proposed/Backported by: rjung
Reviewed by: humbedooh, wrowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489890 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Jun 2013 14:05:17 +0000 (14:05 +0000)]
Typos in config comments.
Backports of r290940, r713575 and r732816
from 2.4.x resp. r1489879 from 2.2.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489881 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Tue, 4 Jun 2013 22:01:26 +0000 (22:01 +0000)]
If we are holding a going-away party for 2.0, vote and promote a few patches
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1489652 13f79535 -47bb-0310-9956-
ffa450edef68
Guenter Knauf [Sat, 18 May 2013 20:30:30 +0000 (20:30 +0000)]
More NetWare build tweaks.
Make use of CFLAGS from environment.
Added default maxerrors value 1 so that the compiler breaks
after 1st error; can be overwritten with CC_MAX_ERRORS var.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1484176 13f79535 -47bb-0310-9956-
ffa450edef68
Guenter Knauf [Sat, 18 May 2013 03:21:50 +0000 (03:21 +0000)]
Use SVN revision for NetWare dev builds version info.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1484051 13f79535 -47bb-0310-9956-
ffa450edef68
Graham Leggett [Tue, 30 Apr 2013 15:07:51 +0000 (15:07 +0000)]
Vote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1477681 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 26 Apr 2013 15:07:11 +0000 (15:07 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1476248 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 19 Apr 2013 08:55:08 +0000 (08:55 +0000)]
Update proposal and include the needed other
one in the patch.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1469748 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 19 Apr 2013 07:42:51 +0000 (07:42 +0000)]
Remove non-issue checked by three people.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1469724 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 19 Apr 2013 07:35:22 +0000 (07:35 +0000)]
Prevent a case of SSI timefmt-smashing with filter chains including
multiple INCLUDES filters:
* modules/filters/mod_include.c (add_include_vars): Drop unused
timefmt argument.
(add_include_vars_lazy): Take timefmt argument.
(get_include_var, handle_printenv): Pass time format from context.
PR: 39369
Backport of r757376 from trunk resp. r773352 from 2.2.x.
Submitted by: jorton
Backported by: rjung
Reviewed by: wrowe, humbedooh
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1469722 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 19 Apr 2013 07:29:32 +0000 (07:29 +0000)]
mod_rewrite: When evaluating a proxy rule in directory context,
do escape the filename by default, since mod_proxy will not
escape in that case due to the (deliberate) fixup hook ordering.
PR 46428
Backport of r757427 from trunk resp. r773351 from 2.2.x.
Submitted by: jorton/rpluem
Backported by: rjung
Reviewed by: wrowe, humbedooh
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1469721 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 19 Apr 2013 07:18:08 +0000 (07:18 +0000)]
Improve platform detection for bundled PCRE by updating config.guess
and config.sub.
Submitted by: rjung
Reviewed by: wrowe, humbedooh
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1469717 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Fri, 19 Apr 2013 05:36:51 +0000 (05:36 +0000)]
vote + promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1469701 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 4 Apr 2013 11:43:34 +0000 (11:43 +0000)]
looks like 2.0 is n/a for proxy timeout.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1464473 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 4 Apr 2013 11:40:34 +0000 (11:40 +0000)]
this showstopper is accounted for in the normal backport in the same section
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1464467 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 5 Oct 2012 02:53:32 +0000 (02:53 +0000)]
regression in rewrite patch definitely doesn't fly in mature releases
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1394350 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 4 Oct 2012 01:57:19 +0000 (01:57 +0000)]
examples seem to not be an issue
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1393875 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 3 Oct 2012 18:15:20 +0000 (18:15 +0000)]
Comment, vote, propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1393644 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 3 Oct 2012 16:18:10 +0000 (16:18 +0000)]
Merge r1198940 from trunk resp. r1227280 from 2.2.x:
Fix integer overflow in ap_pregsub. This can be triggered e.g.
with mod_setenvif via a malicious .htaccess
CVE-2011-3607
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
Submitted by: sf
Reviewed/backported by: rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1393580 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 3 Oct 2012 16:13:16 +0000 (16:13 +0000)]
Revert commit r1392042.
It was voted as backport of r1227280 from 2.2.x,
instead applied was r1198940 from trunk, which
breaks compilation (wrong return type, non-existing
APR macro). The 2.2 revision has these fixed.
Will apply the 2.2 revision next, since the vote
was actually for that one.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1393578 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 1 Oct 2012 00:49:45 +0000 (00:49 +0000)]
AllowAnyURI
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392152 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:52:37 +0000 (15:52 +0000)]
votes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392052 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:50:21 +0000 (15:50 +0000)]
*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
r1234837 on 2.0.x:
http://people.apache.org/~trawick/2.0-CVE-2012-0053-r1234837.patch
+1: trawick, rjung, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392050 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:48:25 +0000 (15:48 +0000)]
initgroups
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392047 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:47:39 +0000 (15:47 +0000)]
protot
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392046 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:47:15 +0000 (15:47 +0000)]
Promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392045 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:46:35 +0000 (15:46 +0000)]
Vote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392044 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:44:46 +0000 (15:44 +0000)]
SECURITY: CVE-2012-0031 (cve.mitre.org)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392043 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:42:25 +0000 (15:42 +0000)]
Merge r1198940 from trunk:
Fix integer overflow in ap_pregsub. This can be triggered e.g.
with mod_setenvif via a malicious .htaccess
CVE-2011-3607
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
Submitted by: sf
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392042 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:37:05 +0000 (15:37 +0000)]
propose T&R
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392040 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Sun, 30 Sep 2012 15:36:25 +0000 (15:36 +0000)]
Already in
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1392039 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Tue, 11 Sep 2012 20:27:54 +0000 (20:27 +0000)]
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1383600 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sat, 11 Aug 2012 12:39:25 +0000 (12:39 +0000)]
bad header doxygen: ap_rflush does not return the number
of bytes flushed, it returns 0 on success, -1 on error.
Should be CTR.
Backport of r1368393 and r1368396 from trunk
resp. r1371930 from 2.4.x and r1371931 from 2.2.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1371934 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 29 Jul 2012 17:31:15 +0000 (17:31 +0000)]
Vote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1366878 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 14 Jul 2012 10:02:02 +0000 (10:02 +0000)]
xforms (let's start with the English versions)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361510 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 14 Jul 2012 09:55:31 +0000 (09:55 +0000)]
Let's try a test again
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361509 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 14 Jul 2012 09:54:20 +0000 (09:54 +0000)]
Change the wording a bit (thankee, adaptr)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361508 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 14 Jul 2012 09:50:11 +0000 (09:50 +0000)]
Test out a page with the notice on
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361505 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 14 Jul 2012 09:49:36 +0000 (09:49 +0000)]
- Add a notice to each page that this documentation is no longer maintained (though not at EoL), and that the reader should look at the 2.2 or 2.4 documentation instead.
- Add a link to the 2.2 version of each document, if such a doc exists.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361504 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Fri, 13 Jul 2012 19:41:27 +0000 (19:41 +0000)]
xforms
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361348 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Fri, 13 Jul 2012 19:35:30 +0000 (19:35 +0000)]
Add a canonical link to all pages, so search engines will prefer 2.2 over 2.0
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1361345 13f79535 -47bb-0310-9956-
ffa450edef68
Guenter Knauf [Thu, 3 May 2012 17:13:05 +0000 (17:13 +0000)]
NetWare build system: added vars for Linux build.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1333556 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Mon, 9 Apr 2012 21:42:41 +0000 (21:42 +0000)]
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1311473 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Ruggeri [Sat, 31 Mar 2012 02:31:24 +0000 (02:31 +0000)]
Correct SSLCipherSuite + documentation (move rather than add)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1307700 13f79535 -47bb-0310-9956-
ffa450edef68
Roy T. Fielding [Sat, 17 Mar 2012 09:10:36 +0000 (09:10 +0000)]
merge with trunk r1301894
Unregistered media types in common use, according to Wikipedia and MS.
New IANA media types as of 2012 Mar 16 18:55 PDT.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1301897 13f79535 -47bb-0310-9956-
ffa450edef68
Rich Bowen [Wed, 29 Feb 2012 03:00:34 +0000 (03:00 +0000)]
We no longer maintain a list of companies providing commercial httpd
support.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1294956 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Fri, 10 Feb 2012 22:03:53 +0000 (22:03 +0000)]
enter manpage section assignments
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1242955 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Fri, 10 Feb 2012 22:02:21 +0000 (22:02 +0000)]
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1242954 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 30 Jan 2012 16:51:06 +0000 (16:51 +0000)]
need a hint on a reference to jorton stuff
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237775 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 30 Jan 2012 15:50:29 +0000 (15:50 +0000)]
explain the HTTP 0.9 issue with the existing (committed) CVE-2011-3368
solution
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237730 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Mon, 30 Jan 2012 13:29:37 +0000 (13:29 +0000)]
CVE-2011-3348: nothing to fix, original problem
only applied to mod_proxy_ajp which does not
exist in 2.0.x.
CVE-2010-2068: added comment. I think nothing
to fix either, but mor eeyes welcome.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237644 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sun, 29 Jan 2012 18:20:06 +0000 (18:20 +0000)]
point to clean patch for CVE-2011-3368/CVE-2011-4317
I'm fine with proceeding with this in order to have a consistent
solution for 2.0/2.2/2.4, but I should figure out the HTTP 0.9
failure with just the original 3368 patch since we're not supposed
to require the 4317 fix on 2.0.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237406 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sun, 29 Jan 2012 00:11:09 +0000 (00:11 +0000)]
3368/4317 notes/proposal
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237185 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 28 Jan 2012 21:03:38 +0000 (21:03 +0000)]
vote, propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237165 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Sat, 28 Jan 2012 20:41:52 +0000 (20:41 +0000)]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237159 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 28 Jan 2012 20:12:32 +0000 (20:12 +0000)]
propose patch for CVE-2012-0031 on 2.0.x (older patch wouldn't quite apply)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1237152 13f79535 -47bb-0310-9956-
ffa450edef68
Greg Ames [Fri, 27 Jan 2012 21:48:39 +0000 (21:48 +0000)]
vote for the 2.2.x pregsub patch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1236900 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 27 Jan 2012 15:35:01 +0000 (15:35 +0000)]
Load up on SECURITY showstoppers to a final 2.0.65 tag; everything missing
from 2.0 CHANGES so far. Current 2.0 fixes may need further review as
already noted in STATUS
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1236717 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Tue, 17 Jan 2012 22:54:48 +0000 (22:54 +0000)]
Fix out of date info
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1232628 13f79535 -47bb-0310-9956-
ffa450edef68
Guenter Knauf [Thu, 15 Dec 2011 21:36:33 +0000 (21:36 +0000)]
Added backport proposal.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1214962 13f79535 -47bb-0310-9956-
ffa450edef68
Guenter Knauf [Thu, 15 Dec 2011 21:05:01 +0000 (21:05 +0000)]
Removed tabs, fixed C++ comments, added prototypes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1214957 13f79535 -47bb-0310-9956-
ffa450edef68
Guenter Knauf [Thu, 15 Dec 2011 17:41:18 +0000 (17:41 +0000)]
Removed tabs, fixed C++ comments, added prototypes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1214887 13f79535 -47bb-0310-9956-
ffa450edef68
Hiroaki Kawai [Mon, 28 Nov 2011 00:57:21 +0000 (00:57 +0000)]
fix typo.
Submitted by: OKANO Takayoshi <kano _at_ na.rim.or.jp>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1206951 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 11 Nov 2011 18:03:50 +0000 (18:03 +0000)]
Folks, this is becoming a problem with change and commit log messages,
this is not the only recent offender or offense.
* byterange: Range of '0-' returns 206.
Please convey sense of direction in the dimension of time? Was this
* byterange: Range of '0-' now returns 206.
or
* byterange: Correct erronious return values of 206 for Range '0-'.
kthxbye
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1201000 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 11 Nov 2011 16:47:44 +0000 (16:47 +0000)]
Remove oh-so-stale 'reservation'.
Need to determine if proposed patch is the same as Jeff's work
https://dist.apache.org/repos/dist/release/httpd/patches/apply_to_2.0.64/
or which subset/superset it covers, before I can vote it up.
Disappointing that this maintenance effort appears forked.
Add another showstopper to reflect that absolute uri fixes
aught to be added to any 2.0.x release.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1200942 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Mon, 17 Oct 2011 04:46:40 +0000 (04:46 +0000)]
Remove comment.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1184995 13f79535 -47bb-0310-9956-
ffa450edef68
Nilgun Belma Buguner [Sun, 9 Oct 2011 02:40:32 +0000 (02:40 +0000)]
update transformations.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1180526 13f79535 -47bb-0310-9956-
ffa450edef68
Nilgun Belma Buguner [Sun, 9 Oct 2011 02:40:02 +0000 (02:40 +0000)]
update for sync with English docs.
Translated by: Nilgün Belma Bugüner <nilgun belgeler.org>
Reviewed by: Orhan Berent <berent belgeler.org>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1180525 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Fri, 7 Oct 2011 13:16:01 +0000 (13:16 +0000)]
Backported.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1180031 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Fri, 7 Oct 2011 13:15:01 +0000 (13:15 +0000)]
Merge r1179239 from trunk:
SECURITY (CVE-2011-3368): Prevent unintended pattern expansion in some
reverse proxy configurations by strictly validating the request-URI:
* server/protocol.c (read_request_line): Send a 400 response if the
request-URI does not match the grammar from RFC 2616. This ensures
the input string for RewriteRule et al really is an absolute path.
Reviewed by: jim, rjung, jorton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1180030 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 5 Oct 2011 23:26:55 +0000 (23:26 +0000)]
Vote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1179473 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Wed, 5 Oct 2011 18:47:28 +0000 (18:47 +0000)]
note re: comment
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1179376 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Wed, 5 Oct 2011 18:42:28 +0000 (18:42 +0000)]
Add these as showstoppers...
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1179375 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sat, 1 Oct 2011 11:26:03 +0000 (11:26 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1177966 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Thu, 29 Sep 2011 09:31:38 +0000 (09:31 +0000)]
Add backport proposal for MaxRanges configuration
directive and ap_set_accept_ranges() utility function.
With that 2.0.x should be on par with 2.2.x w.r.t.
Ranges.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1177239 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 28 Sep 2011 15:49:02 +0000 (15:49 +0000)]
Vote, comment.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1176929 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 27 Sep 2011 14:46:57 +0000 (14:46 +0000)]
Update
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1176407 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Mon, 26 Sep 2011 19:08:45 +0000 (19:08 +0000)]
backport req
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@
1176001 13f79535 -47bb-0310-9956-
ffa450edef68
projects / thirdparty / apache / httpd.git / log
