httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rpl...@apache.org
Subject svn commit: r609953 - /httpd/httpd/branches/2.2.x/CHANGES
Date Tue, 08 Jan 2008 12:28:43 GMT
Author: rpluem
Date: Tue Jan  8 04:28:41 2008
New Revision: 609953

URL: http://svn.apache.org/viewvc?rev=609953&view=rev
Log:
Merge r609394, r609538 from trunk:

* Fix cases with non blocking reads from the ap_http_filter input filter where
  chunk size lines or empty lines after a chunk are read incomplete. This can
  lead to a corruption inside the dechunking algorithm.
  This patch has an issue with larger chunk-extensions which need to get thrown
  away since we ignore them anyway.

PR: 19954, 41056
Tested by: niq


* Optimize solution from r609394 and remove chunk-extensions restriction that
  was in r609394.

Submitted by: rpluem
Reviewed by: ruediger

Modified:
    httpd/httpd/branches/2.2.x/CHANGES

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=609953&r1=609952&r2=609953&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Tue Jan  8 04:28:41 2008
@@ -32,7 +32,8 @@
      mod_imagemap: Fix a cross-site scripting issue.  Reported by JPCERT.
      [Joe Orton]
 
-  *) Introduce the ProxyFtpDirCharset directive, allowing the administrator
+  *) SECURITY: CVE-2008-0005 (cve.mitre.org)
+     Introduce the ProxyFtpDirCharset directive, allowing the administrator
      to identify a default, or specific servers or paths which list their
      contents in other-than ISO-8859-1 charset (e.g. utf-8). [Ruediger Pluem]
 



Mime
View raw message