You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2015/03/05 03:34:42 UTC
svn commit: r1664207 - /httpd/httpd/branches/2.4.x/STATUS
Author: covener
Date: Thu Mar 5 02:34:42 2015
New Revision: 1664207
URL: http://svn.apache.org/r1664207
Log:
propose errordoc 400 CVE, switch another vote syntax
Modified:
httpd/httpd/branches/2.4.x/STATUS
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1664207&r1=1664206&r2=1664207&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Thu Mar 5 02:34:42 2015
@@ -255,8 +255,15 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
sized 664 byte array per merge to a hash table.
trunk patch: http://svn.apache.org/r1661448
2.4.x patch: http://people.apache.org/~minfrin/httpd-core-errordocument24-3.patch
- minfrin: +1
+ +1: minfrin
+ *) SECURITY: CVE-2015-0253 (cve.mitre.org)
+ core: Fix a crash introduced in with ErrorDocument 400 pointing
+ to a local URL-path with the INCLUDES filter active, introduced
+ in 2.4.11. PR 57531. [Yann Ylavic]
+ trunk patch: http://svn.apache.org/r1664205
+ 2.4.x patch: trunk works
+ +1 covener
OTHER PROPOSALS