You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2014/08/22 13:43:36 UTC

svn commit: r1619755 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS

Author: wrowe
Date: Fri Aug 22 11:43:36 2014
New Revision: 1619755

URL: http://svn.apache.org/r1619755
Log:
Resequence CHANGES chronologically and by severity

Modified:
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1619755&r1=1619754&r2=1619755&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Fri Aug 22 11:43:36 2014
@@ -21,9 +21,6 @@ Changes with Apache 2.2.28
      Fix a race condition in scoreboard handling, which could lead to
      a heap buffer overflow.  [Joe Orton, Eric Covener, Jeff Trawick]
  
-  *) mod_deflate: Handle Zlib header and validation bytes received in multiple
-     chunks. PR 46146. [Yann Ylavic]
-
   *) SECURITY: CVE-2013-5704 (cve.mitre.org)
      core: HTTP trailers could be used to replace HTTP headers
      late during request processing, potentially undoing or
@@ -31,6 +28,12 @@ Changes with Apache 2.2.28
      request headers earlier.  Adds "MergeTrailers" directive to restore
      legacy behavior.  [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
 
+  *) core: Detect incomplete request and response bodies, log an error and
+     forward it to the underlying filters. PR 55475.  [Yann Ylavic]
+
+  *) mod_deflate: Handle Zlib header and validation bytes received in multiple
+     chunks. PR 46146. [Yann Ylavic]
+
   *) mod_proxy: Don't reuse a SSL backend connection whose requested SNI
      differs. PR 55782.  [Yann Ylavic]
  
@@ -50,9 +53,6 @@ Changes with Apache 2.2.28
      and that coincides with the end of stream ("Zlib error flushing inflate
      buffer"). PR 56196. [Christoph Fausak <christoph fausak glueckkanja.com>]
 
-  *) core: Detect incomplete request and response bodies, log an error and
-     forward it to the underlying filters. PR 55475.  [Yann Ylavic]
-
   *) mod_cache, mod_disk_cache: With CacheLock enabled, responses with a Vary 
      header might not get the benefit of the thundering herd protection due to 
      an incorrect internal cache key.  PR 50317. 

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1619755&r1=1619754&r2=1619755&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Fri Aug 22 11:43:36 2014
@@ -99,35 +99,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * mod_deflate: Fix reentrance in output and input filters (buffering of
-                  incomplete Zlib header or validation bytes). PR 46146.
-     trunk patch: https://svn.apache.org/r1572655
-                  https://svn.apache.org/r1572663
-                  https://svn.apache.org/r1572668
-                  https://svn.apache.org/r1572669
-                  https://svn.apache.org/r1572670
-                  https://svn.apache.org/r1572671
-                  https://svn.apache.org/r1573224
-                  https://svn.apache.org/r1586745
-                  https://svn.apache.org/r1587594
-                  https://svn.apache.org/r1587639
-                  https://svn.apache.org/r1590509
-                  https://svn.apache.org/r1603156 (partially, CHANGES update)
-                  https://svn.apache.org/r1604353
-                  https://svn.apache.org/r1611725
-     2.4.x patch: https://svn.apache.org/r1604458 (2.4.10)
-     2.2.x patch: http://people.apache.org/~ylavic/httpd-2.2.x-mod_deflate_reentrant_with_CHANGES_v4.patch
-                  (modulo CHANGES)
-     +1: ylavic, wrowe, rpluem
-     ylavic: v4 is now merging correctly after http://svn.apache.org/r1611806
-
-   *) core: Detect incomplete request and response bodies, log an error and
-            forward it to the underlying filters. PR 55475 [Yann Ylavic]
-     trunk patch: http://svn.apache.org/r1538776
-     2.4.x patch: http://svn.apache.org/r1570324 (2.4.8)
-     2.2.x patch: http://people.apache.org/~ylavic/2.2.x-http_filter_incomplete.patch
-                  (modulo CHANGES)
-     +1: ylavic, wrowe, rpluem
 
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK: