You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2012/07/13 22:16:26 UTC
svn commit: r1361377 - in /httpd/httpd/branches/2.4.x: CHANGES STATUS
server/core.c
Author: covener
Date: Fri Jul 13 20:16:25 2012
New Revision: 1361377
URL: http://svn.apache.org/viewvc?rev=1361377&view=rev
Log:
Merge r1359881 from https://svn.apache.org/repos/asf/httpd/httpd/trunk/:
r1052419 changed the default value of Options to FollowSymlinks,
but inadvertently made "AllowOverride Options" behave like
"AllowOverride Options=FollowSymLinks".
PR53444
Modified:
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/server/core.c
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1361377&r1=1361376&r2=1361377&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Fri Jul 13 20:16:25 2012
@@ -8,6 +8,10 @@ Changes with Apache 2.4.3
possible XSS for a site where untrusted users can upload files to
a location with MultiViews enabled. [Niels Heinen <heinenn google.com>]
+ *) core: Fix spurious "not allowed here" error returned when the Options
+ directive is used in .htaccess and "AllowOverride Options" (with no
+ specific options restricted) is configured. PR 53444. [Eric Covener]
+
*) mod_authz_core: Fix parsing of Require arguments in <AuthzProviderAlias>.
PR 53048. [Stefan Fritsch]
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1361377&r1=1361376&r2=1361377&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Fri Jul 13 20:16:25 2012
@@ -88,13 +88,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * core: "AllowOverride Options" inadvertently treated like
- "AllowOverride Options=FollowSymlinks" after r1052419
- PR53444
- trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1359976
- 2.4.x patch: trunk works (+ CHANGES)
- +1: covener, jim, humbedooh
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.4.x/server/core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?rev=1361377&r1=1361376&r2=1361377&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/server/core.c (original)
+++ httpd/httpd/branches/2.4.x/server/core.c Fri Jul 13 20:16:25 2012
@@ -1612,7 +1612,7 @@ static const char *set_override(cmd_parm
if (v)
set_allow_opts(cmd, &(d->override_opts), v);
else
- d->override_opts = OPT_SYM_LINKS;
+ d->override_opts = OPT_ALL;
}
else if (!strcasecmp(w, "FileInfo")) {
d->override |= OR_FILEINFO;