Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 37DA0200B71 for ; Wed, 31 Aug 2016 21:28:44 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 3618E160AB4; Wed, 31 Aug 2016 19:28:44 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 800B0160AA7 for ; Wed, 31 Aug 2016 21:28:43 +0200 (CEST) Received: (qmail 44314 invoked by uid 500); 31 Aug 2016 19:28:42 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 44305 invoked by uid 99); 31 Aug 2016 19:28:42 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 31 Aug 2016 19:28:42 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 2AE37187920 for ; Wed, 31 Aug 2016 19:28:42 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.426 X-Spam-Level: X-Spam-Status: No, score=-0.426 tagged_above=-999 required=6.31 tests=[KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-1.426] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id HMxk-9TLTZQ6 for ; Wed, 31 Aug 2016 19:28:39 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 47E2B5F306 for ; Wed, 31 Aug 2016 19:28:39 +0000 (UTC) Received: from svn01-us-west.apache.org (svn.apache.org [10.41.0.6]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 56AC9E00B8 for ; Wed, 31 Aug 2016 19:28:38 +0000 (UTC) Received: from svn01-us-west.apache.org (localhost [127.0.0.1]) by svn01-us-west.apache.org (ASF Mail Server at svn01-us-west.apache.org) with ESMTP id B621D3A0D27 for ; Wed, 31 Aug 2016 19:28:37 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1758667 - /httpd/httpd/branches/2.2.x/STATUS Date: Wed, 31 Aug 2016 19:28:36 -0000 To: cvs@httpd.apache.org From: ylavic@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20160831192837.B621D3A0D27@svn01-us-west.apache.org> archived-at: Wed, 31 Aug 2016 19:28:44 -0000 Author: ylavic Date: Wed Aug 31 19:28:36 2016 New Revision: 1758667 URL: http://svn.apache.org/viewvc?rev=1758667&view=rev Log: Vote, promote, but the second proposal does not apply cleanly... Modified: httpd/httpd/branches/2.2.x/STATUS Modified: httpd/httpd/branches/2.2.x/STATUS URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1758667&r1=1758666&r2=1758667&view=diff ============================================================================== --- httpd/httpd/branches/2.2.x/STATUS (original) +++ httpd/httpd/branches/2.2.x/STATUS Wed Aug 31 19:28:36 2016 @@ -103,6 +103,19 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] + *) core: Reject requests containing (invalid) NULL characters in request line + or request headers. (Including embedded %00 in URL). + (Use APR_STATUS_IS_... in some more cases.) + Trunk version of patch + http://svn.apache.org/r892678 + http://svn.apache.org/r1100511 + http://svn.apache.org/r1102124 + Backport: (trunk works as well) + https://raw.githubusercontent.com/wrowe/patches/master/backport-2.2.x-r892678.patch + Submitted by niq, status legibility fixes by covener, sf + PR: 43039 + +1: wrowe, covener, ylavic + PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] @@ -154,22 +167,9 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: Backport version for 2.4.x of patch: http://svn.apache.org/r1756562 Backport version for 2.2.x of patch: - http://home.apache.org/~ylavic/patches/httpd-2.2.x-r1753592.patch + http://home.apache.org/~ylavic/patches/httpd-2.2.x-r1753592.patch +1: ylavic - *) core: Reject requests containing (invalid) NULL characters in request line - or request headers. (Including embedded %00 in URL). - (Use APR_STATUS_IS_... in some more cases.) - Trunk version of patch - http://svn.apache.org/r892678 - http://svn.apache.org/r1100511 - http://svn.apache.org/r1102124 - Backport: (trunk works as well) - https://raw.githubusercontent.com/wrowe/patches/master/backport-2.2.x-r892678.patch - Submitted by niq, status legibility fixes by covener, sf - PR: 43039 - +1: wrowe, covener - *) Enforce LimitRequestFieldSize after multiple headers with the same name have been merged, Ensure LimitRequestFieldSize is always logged. Downgrade some more log messages indicating client errors from level error @@ -192,6 +192,8 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: Backport: (Adjustments dodging 2.4'isms such as APLOGNO's) https://raw.githubusercontent.com/wrowe/patches/master/backport-2.2.x-r951900-r1178566-r1185385-r1188745-r1352911-r1433613.patch +1: wrowe, covener + ylavic: the patch does not apply cleanly? (I tried both w/ and w/o + backport-2.2.x-r892678.patch first, conflicts in protocol.c) *) core: ErrorDocument now works for requests without a Host header. Support custom ErrorDocuments for HTTP 501 and 414 status codes.