httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stri...@apache.org
Subject cvs commit: httpd-2.0/modules/proxy proxy_ftp.c
Date Wed, 09 Jul 2003 12:19:01 GMT
striker     2003/07/09 05:19:01

  Modified:    .        CHANGES
               modules/proxy proxy_ftp.c
  Log:
  Forward port security patch for CAN-2003-0254 from 2.0.
  
  SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
  of service when target host is IPv6 but proxy server can't create
  IPv6 socket.  Fixed by the reporter.  [Yoshioka Tsuneo
  <tsuneo.yoshioka@f-secure.com>]
  
  Revision  Changes    Path
  1.1214    +5 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1213
  retrieving revision 1.1214
  diff -u -r1.1213 -r1.1214
  --- CHANGES	9 Jul 2003 12:15:42 -0000	1.1213
  +++ CHANGES	9 Jul 2003 12:19:01 -0000	1.1214
  @@ -169,6 +169,11 @@
   
   Changes with Apache 2.0.47
   
  +  *) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
  +     of service when target host is IPv6 but proxy server can't create
  +     IPv6 socket.  Fixed by the reporter.  [Yoshioka Tsuneo
  +     <tsuneo.yoshioka@f-secure.com>]
  +
     *) SECURITY [VU#379828] Prevent the server from crashing when entering
        infinite loops. The new LimitInternalRecursion directive configures
        limits of subsequent internal redirects and nested subrequests, after
  
  
  
  1.132     +2 -0      httpd-2.0/modules/proxy/proxy_ftp.c
  
  Index: proxy_ftp.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/proxy/proxy_ftp.c,v
  retrieving revision 1.131
  retrieving revision 1.132
  diff -u -r1.131 -r1.132
  --- proxy_ftp.c	3 Feb 2003 17:53:10 -0000	1.131
  +++ proxy_ftp.c	9 Jul 2003 12:19:01 -0000	1.132
  @@ -957,6 +957,7 @@
   	    if ((rv = apr_socket_create(&sock, connect_addr->family, SOCK_STREAM, r->pool))
!= APR_SUCCESS) {
   		ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
   			      "proxy: FTP: error creating socket");
  +                connect_addr = connect_addr->next;
   		continue;
   	    }
   
  @@ -974,6 +975,7 @@
   #ifndef _OSD_POSIX              /* BS2000 has this option "always on" */
   		ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
   			      "proxy: FTP: error setting reuseaddr option: apr_socket_opt_set(APR_SO_REUSEADDR)");
  +                connect_addr = connect_addr->next;
   		continue;
   #endif                          /* _OSD_POSIX */
   	    }
  
  
  

Mime
View raw message