httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <>
Subject CVE (Was: DoS with mod_deflate & range requests)
Date Wed, 24 Aug 2011 08:28:49 GMT

Have we done (or who is doing a CVE) on this ? So we get immediate 'fixes' out like a tiny
patch to count the comma's, a caveated LimitRequestFieldSize 100 or a clever Regex on %{HTTP_Range}.

Or am I totally asleep and missed the CVE (as my google foo only nets me CVE-2005-2728 right
now - which is from 2005!).

View raw message