httpd-cvs mailing list archives

From j..@apache.org
Subject svn commit: r1610737 - in /httpd/httpd/branches/2.4.x: CHANGES modules/proxy/proxy_util.c
Date Tue, 15 Jul 2014 16:11:04 GMT
Author: jim
Date: Tue Jul 15 16:11:04 2014
New Revision: 1610737

URL: http://svn.apache.org/r1610737
Log:
mod_proxy Connection handling crasher, CVE-2014-0117

Modified:
    httpd/httpd/branches/2.4.x/CHANGES
    httpd/httpd/branches/2.4.x/modules/proxy/proxy_util.c

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1610737&r1=1610736&r2=1610737&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Jul 15 16:11:04 2014
@@ -2,9 +2,12 @@
 
 Changes with Apache 2.4.10
 
-  *) SECURITY (CVE-2014-3523): Fix a memory consumption denial of
-     service in the WinNT MPM (used in all Windows installations).
-     Workaround: AcceptFilter <protocol> {none|connect}
+  *) SECURITY: CVE-2014-0117 (cve.mitre.org)
+     Fix crashing with mod_proxy Connection handling.
+
+  *) SECURITY: CVE-2014-3523 (cve.mitre.org)
+     Fix a memory consumption denial of service in the WinNT MPM (used in all Windows
+     installations). Workaround: AcceptFilter <protocol> {none|connect}
      [Jeff Trawick]
 
   *) SECURITY: CVE-2014-0226 (cve.mitre.org)
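Review bot: the new CVE-2014-0117 entry carries no bracketed attribution, while the CVE-2014-3523 entry directly below it keeps "[Jeff Trawick]". It also describes the impact only as "crashing", without saying what triggers it. Add the contributor or reporter credit and one clause on the condition that crashes. Separately, the reflowed line ending "(used in all Windows" now runs to about 85 columns, so rewrap it to match the width of the surrounding entries.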

Modified: httpd/httpd/branches/2.4.x/modules/proxy/proxy_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/proxy_util.c?rev=1610737&r1=1610736&r2=1610737&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/proxy_util.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/proxy_util.c Tue Jul 15 16:11:04 2014
@@ -3132,7 +3132,7 @@ static int find_conn_headers(void *data,
     const char *name;
 
     do {
-        while (*val == ',') {
+        while (*val == ',' || *val == ';') {
             val++;
         }
         name = ap_get_token(x->pool, &val, 0);
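Review bot: the widened skip loop, "while (*val == ',' || *val == ';')", has no comment explaining why ';' has to be consumed before ap_get_token() is called, and the log message says only "crasher". Add a short comment above the loop stating the failure it prevents, so a later cleanup does not narrow the condition again. The condition is also a fixed list of two characters: if the underlying problem is that the tokenizer can return without advancing "val", a guard on lack of progress (an empty "name" while "*val" is non-zero) would cover any other delimiter as well. The commit modifies only CHANGES and proxy_util.c, so a regression test with a Connection header value containing ';' is worth adding alongside it.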


