httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject svn commit: r548704 - /httpd/httpd/branches/2.0.x/STATUS
Date Tue, 19 Jun 2007 12:19:02 GMT
Author: mjc
Date: Tue Jun 19 05:19:01 2007
New Revision: 548704

URL: http://svn.apache.org/viewvc?view=rev&rev=548704
Log:
Propose for backport mod_cache issue

Modified:
    httpd/httpd/branches/2.0.x/STATUS

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/STATUS?view=diff&rev=548704&r1=548703&r2=548704
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Tue Jun 19 05:19:01 2007
@@ -301,6 +301,15 @@
              propogating POST or other non-GET types?  It seems that almost
              any subreq should be handled as a GET in 2.0.
 
+    *) SECURITY: CVE-2007-1863 (cve.mitre.org)
+      mod_cache: Prevent segfault from Cache-Control headers with no
+      values
+      Trunk version of patch:
+        http://svn.apache.org/viewvc?view=rev&rev=535617
+      2.0.x version of patch:
+        http://people.apache.org/~mjc/cve-2007-1863-2.0.patch
+      +1: mjc
+
 CURRENT VOTES:
 
     *) httpd-std.conf and friends;



Mime
View raw message