httpd-dev mailing list archives

From Joe Orton <jor...@redhat.com>
Subject Re: svn commit: r209723 - /httpd/httpd/trunk/CHANGES
Date Fri, 08 Jul 2005 09:48:06 GMT
On Fri, Jul 08, 2005 at 09:35:58AM -0000, Paul Querna wrote:
> Author: pquerna
> Date: Fri Jul  8 02:35:56 2005
> New Revision: 209723
> 
> URL: http://svn.apache.org/viewcvs?rev=209723&view=rev
> Log:
> The request smuggling issue did get assigned CAN-2005-2088.

Ah, I was just about to commit a different change to clear this up.

CAN-2005-2088 only refers to the fix for the specific *request* handling
issue highlighted in the Watchfire report.  No CVE name has been
assigned for the fix for response handling in the proxy since there is no
real security issue there in httpd.  (nobody has demonstrated one,
anyway; it would probably require a separate CVE name)

The changes in 2.1.5 did not actually fix CAN-2005-2088, however.  So we 
could move that CHANGES entry from the 2.1.5 section to the 2.1.6 
section to clarify this.

The security references should be removed from the "proxy HTTP: ..." 
entry completely, I think, certainly the CVE reference must be.

joe


> 
> Modified:
>     httpd/httpd/trunk/CHANGES
> 
> Modified: httpd/httpd/trunk/CHANGES
> URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=209723&r1=209722&r2=209723&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/CHANGES (original)
> +++ httpd/httpd/trunk/CHANGES Fri Jul  8 02:35:56 2005
> @@ -19,7 +19,7 @@
>    *) Fix htdbm password validation for records which included comments.
>       [Eric Covener <covener gmail.com>]
>  
> -  *) SECURITY: 
> +  *) SECURITY: CAN-2005-2088
>       proxy HTTP: If a response contains both Transfer-Encoding and a 
>       Content-Length, remove the Content-Length and don't reuse the
>       connection, stopping some HTTP Request smuggling attacks.
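Review bot: The `+  *) SECURITY: CAN-2005-2088` line attaches the name to the "proxy HTTP: If a response contains both Transfer-Encoding and a Content-Length" entry, but the commit log ties CAN-2005-2088 to the request smuggling issue, and this entry is about proxy response handling. Unless the CVE assignment is confirmed to cover the response-side change, leave this line as a bare `*) SECURITY:` or drop the security tag, so that someone searching CHANGES for the CVE name does not land on an unrelated fix.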
> @@ -30,7 +30,7 @@
>  
>  Changes with Apache 2.1.5
>  
> -  *) SECURITY: 
> +  *) SECURITY: CAN-2005-2088
>       core: If a request contains both Transfer-Encoding and a Content-Length,
>       remove the Content-Length, stopping some HTTP Request smuggling attacks.
>       [Paul Querna]
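Review bot: The `+  *) SECURITY: CAN-2005-2088` line sits under "Changes with Apache 2.1.5", and the entry text only claims to stop "some" HTTP Request smuggling attacks. A reader checking whether a given release is affected will read the name in this section as meaning 2.1.5 carries the complete fix. If the fix was only completed in a later release, put the name on an entry in that release's section, or state in this entry that the 2.1.5 change is partial.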
> 
