You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2007/12/29 10:31:12 UTC
svn commit: r607406 - /httpd/httpd/branches/2.2.x/STATUS
Author: rpluem
Date: Sat Dec 29 01:31:12 2007
New Revision: 607406
URL: http://svn.apache.org/viewvc?rev=607406&view=rev
Log:
* Promote
Modified:
httpd/httpd/branches/2.2.x/STATUS
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=607406&r1=607405&r2=607406&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sat Dec 29 01:31:12 2007
@@ -89,14 +89,6 @@
or all RFC conformant browsers, and additional customization can come
as a new feature in the future.
- * mod_status: Ensure refresh parameter is numeric to prevent a possible XSS
- attack caused by redirecting to other URLs.
- Trunk version of patch:
- http://svn.apache.org/viewvc?rev=607282&view=rev
- Backport version for 2.0.x of patch:
- http://awe.com/e8f6ad05238f8/CVE-2007-6388-httpd-2.x.patch
- +1: rpluem, wrowe, jorton
-
* mod_proxy_balancer: Prevent crash in balancer manager if invalid balancer
name is passed as parameter.
Trunk version of patch:
@@ -119,6 +111,14 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
+
+ * mod_status: Ensure refresh parameter is numeric to prevent a possible XSS
+ attack caused by redirecting to other URLs.
+ Trunk version of patch:
+ http://svn.apache.org/viewvc?rev=607282&view=rev
+ Backport version for 2.0.x of patch:
+ http://awe.com/e8f6ad05238f8/CVE-2007-6388-httpd-2.x.patch
+ +1: rpluem, wrowe, jorton
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]