You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2014/07/26 17:21:16 UTC
svn commit: r1613655 - /httpd/httpd/branches/2.2.x/STATUS
Author: covener
Date: Sat Jul 26 15:21:16 2014
New Revision: 1613655
URL: http://svn.apache.org/r1613655
Log:
add a showstopper Jeff might have found on users@
Modified:
httpd/httpd/branches/2.2.x/STATUS
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1613655&r1=1613654&r2=1613655&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sat Jul 26 15:21:16 2014
@@ -95,6 +95,8 @@ CURRENT RELEASE NOTES:
RELEASE SHOWSTOPPERS:
+ * Something like CVE-2014-0118 (zipbomb) + PROXYREQ_REVERSE + LimitRequestBody looks
+ like it may be broken in 2.4.10.
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]