httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r1642500 - /httpd/httpd/branches/2.4.x/STATUS
Date Sun, 30 Nov 2014 01:43:53 GMT
Author: covener
Date: Sun Nov 30 01:43:52 2014
New Revision: 1642500

URL: http://svn.apache.org/r1642500
Log:
propose mild mod_lua CVE

Modified:
    httpd/httpd/branches/2.4.x/STATUS

Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1642500&r1=1642499&r2=1642500&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Sun Nov 30 01:43:52 2014
@@ -109,6 +109,14 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
 
+  *) SECURITY: CVE-2014-8109 (cve.mitre.org)
+     mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
+              used in multiple Require directives with different arguments.
+              PR57204. 
+     trunk patch: http://svn.apache.org/r1642499
+     2.4.x patch: trunk works:
+     +1 covener
+       
    * mod_proxy: Preserve original request headers even if they differ
                 from the ones to be forwarded to the backend. PR 45387.
      trunk patch: http://svn.apache.org/r1588527



Mime
View raw message