Posted to cvs@httpd.apache.org by ji...@apache.org on 2012/09/30 17:44:46 UTC
svn commit: r1392043 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS
server/scoreboard.c
Author: jim
Date: Sun Sep 30 15:44:46 2012
New Revision: 1392043
URL: http://svn.apache.org/viewvc?rev=1392043&view=rev
Log:
SECURITY: CVE-2012-0031 (cve.mitre.org)
Modified:
httpd/httpd/branches/2.0.x/CHANGES
httpd/httpd/branches/2.0.x/STATUS
httpd/httpd/branches/2.0.x/server/scoreboard.c
Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?rev=1392043&r1=1392042&r2=1392043&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Sun Sep 30 15:44:46 2012
@@ -1,6 +1,11 @@
-*- coding: utf-8 -*-
Changes with Apache 2.0.65
+ *) SECURITY: CVE-2012-0031 (cve.mitre.org)
+ Fix scoreboard issue which could allow an unprivileged child process
+ could cause the parent to crash at shutdown rather than terminate
+ cleanly. [Joe Orton]
+
*) SECURITY: CVE-2011-3607 (cve.mitre.org)
core: Fix integer overflow in ap_pregsub. This can be triggered e.g.
with mod_setenvif via a malicious .htaccess. [Stefan Fritsch]
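Review bot: the added CHANGES entry has a doubled verb, "could allow an unprivileged child process could cause the parent to crash", which reads as two overlapping sentences. Suggest "Fix scoreboard issue which could allow an unprivileged child process to cause the parent to crash at shutdown rather than terminate cleanly." The same wording appears in the STATUS entry this commit removes, so it was carried over unchanged.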
Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/STATUS?rev=1392043&r1=1392042&r2=1392043&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Sun Sep 30 15:44:46 2012
@@ -171,15 +171,6 @@ RELEASE SHOWSTOPPERS:
http://people.apache.org/~trawick/2.0-CVE-2011-4317-r1235443.patch
+1: trawick
- *) SECURITY: CVE-2012-0031 (cve.mitre.org)
- Fix scoreboard issue which could allow an unprivileged child process
- could cause the parent to crash at shutdown rather than terminate
- cleanly. [Joe Orton]
-
- r1231058 on 2.0.x:
- http://people.apache.org/~trawick/2.0-CVE-2012-0031-r1231058.patch
- +1: trawick, wrowe, rjung
-
*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
Modified: httpd/httpd/branches/2.0.x/server/scoreboard.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/server/scoreboard.c?rev=1392043&r1=1392042&r2=1392043&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/server/scoreboard.c (original)
+++ httpd/httpd/branches/2.0.x/server/scoreboard.c Sun Sep 30 15:44:46 2012
@@ -41,6 +41,8 @@ AP_DECLARE_DATA scoreboard *ap_scoreboar
AP_DECLARE_DATA const char *ap_scoreboard_fname = NULL;
AP_DECLARE_DATA int ap_extended_status = 0;
+static ap_scoreboard_e scoreboard_type;
+
#if APR_HAS_SHARED_MEMORY
#include "apr_shm.h"
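Review bot: the new file-scope "static ap_scoreboard_e scoreboard_type;" has no comment saying why it duplicates ap_scoreboard_image->global->sb_type. Going by the CHANGES entry and the hunk in ap_cleanup_scoreboard, the point is that the parent's cleanup decision must not depend on a scoreboard field that a child process can alter; a short comment stating that would keep a later tidy-up from folding the copy back into the scoreboard structure. The variable also has no initializer, so it is zero until ap_create_scoreboard assigns it; worth confirming that zero corresponds to a harmless ap_scoreboard_e value for any cleanup path that could run first.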
@@ -230,7 +232,7 @@ apr_status_t ap_cleanup_scoreboard(void
if (ap_scoreboard_image == NULL) {
return APR_SUCCESS;
}
- if (ap_scoreboard_image->global->sb_type == SB_SHARED) {
+ if (scoreboard_type == SB_SHARED) {
ap_cleanup_shared_mem(NULL);
}
else {
@@ -289,7 +291,7 @@ int ap_create_scoreboard(apr_pool_t *p,
ap_init_scoreboard(sb_mem);
}
- ap_scoreboard_image->global->sb_type = sb_type;
+ ap_scoreboard_image->global->sb_type = scoreboard_type = sb_type;
ap_scoreboard_image->global->running_generation = running_gen;
ap_scoreboard_image->global->restart_time = apr_time_now();
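Review bot: the chained assignment "ap_scoreboard_image->global->sb_type = scoreboard_type = sb_type;" buries the security-relevant store in the middle of the line. Suggest two statements, with the private copy assigned first and commented as the value ap_cleanup_scoreboard relies on. The scoreboard field is still written here, so any reader of global->sb_type outside this diff keeps consuming the scoreboard copy rather than the private one; those call sites should be checked for the same trust assumption that the cleanup path had.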