Posted to cvs@httpd.apache.org by wr...@apache.org on 2005/07/15 20:32:55 UTC

svn commit: r219231 - /httpd/httpd/trunk/CHANGES

Author: wrowe
Date: Fri Jul 15 11:32:54 2005
New Revision: 219231

URL: http://svn.apache.org/viewcvs?rev=219231&view=rev
Log:

  Backported a few already

Modified:
    httpd/httpd/trunk/CHANGES

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=219231&r1=219230&r2=219231&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES (original)
+++ httpd/httpd/trunk/CHANGES Fri Jul 15 11:32:54 2005
@@ -3,11 +3,10 @@
 
   *) SECURITY: CAN-2005-2088
      proxy: Correctly handle the Transfer-Encoding and Content-Length
-     headers, discard the request Content-Length whenever T-E: chunked
+     headers.  Discard the request Content-Length whenever T-E: chunked
      is used, always passing one of either C-L or T-E: chunked whenever 
-     the request includes a request body, and no longer upgrade HTTP/1.0 
-     requests to the origin server as HTTP/1.1.  Resolves an entire class
-     of proxy HTTP Request Splitting/Spoofing attacks.  [William Rowe]
+     the request includes a request body.  Resolves an entire class of
+     proxy HTTP Request Splitting/Spoofing attacks.  [William Rowe]
 
   *) Added TraceEnable [on|off|extended] per-server directive to alter
      the behavior of the TRACE method.  This addresses a flaw in proxy
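Review bot: In the CAN-2005-2088 proxy entry, the clause "and no longer upgrade HTTP/1.0 requests to the origin server as HTTP/1.1" is dropped with no explanation, and the log message ("Backported a few already") does not say whether that behaviour was reverted or was never part of the fix. A SECURITY entry in CHANGES is what operators read to judge exposure, so the log should state why the clause went away. While this text is being touched, "always passing one of either C-L or T-E: chunked" would read better as "always passing one of C-L or T-E: chunked".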
@@ -34,19 +33,9 @@
 
 Changes with Apache 2.1.6
 
-  *) SECURITY: CAN-2005-2088
-     core: If a request contains both Transfer-Encoding and Content-Length
-     headers, remove the Content-Length, mitigating some HTTP Request 
-     Splitting/Spoofing attacks.  [Paul Querna]
-
   *) Fix htdbm password validation for records which included comments.
      [Eric Covener <covener gmail.com>]
 
-  *) proxy HTTP: If a response contains both Transfer-Encoding and a 
-     Content-Length, remove the Content-Length and don't reuse the
-     connection, mitigating some HTTP Response Splitting attacks.
-     [Jeff Trawick]
-
   *) mod_cgid: Fix buffer overflow processing ScriptSock directive.
      [Steve Kemp <steve steve.org.uk>]
 
@@ -772,6 +761,16 @@
    Apache 2.0.xx tree as documented, and except as noted, below.]
 
 Changes with Apache 2.0.55
+
+  *) SECURITY: CAN-2005-2088
+     core: If a request contains both Transfer-Encoding and Content-Length
+     headers, remove the Content-Length, mitigating some HTTP Request 
+     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]
+
+  *) proxy HTTP: If a response contains both Transfer-Encoding and a 
+     Content-Length, remove the Content-Length and don't reuse the
+     connection, mitigating some HTTP Response Splitting attacks.
+     [Jeff Trawick]
 
   *) SECURITY: CAN-2005-1268 (cve.mitre.org)
      mod_ssl: Fix off-by-one overflow whilst printing CRL information
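Review bot: The added "proxy HTTP" entry under 2.0.55 describes mitigating HTTP Response Splitting attacks but carries no "SECURITY:" tag or CAN identifier, unlike the entries directly above and below it; if an assigned identifier covers it, tag it so that a search of CHANGES for security fixes finds it. The attribution on the core entry also changes from [Paul Querna] to [Paul Querna, Joe Orton] as part of the move, which deserves a word in the log. The added lines ending "HTTP Request " and "Transfer-Encoding and a " carry trailing whitespace.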