Posted to cvs@httpd.apache.org by yl...@apache.org on 2017/07/17 10:42:23 UTC

svn propchange: r1799228 - svn:log

Author: ylavic
Revision: 1799228
Modified property: svn:log

Modified: svn:log at Mon Jul 17 10:42:23 2017
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Mon Jul 17 10:42:23 2017
@@ -1,7 +1,12 @@
-Merge r1796350 from trunk:
+SECURITY: CVE-2017-7668 (cve.mitre.org)
+The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a
+bug in token list parsing, which allows ap_find_token() to search past
+the end of its input string. By maliciously crafting a sequence of
+request headers, an attacker may be able to cause a segmentation fault,
+or to force ap_find_token() to return an incorrect value.
 
+Merge r1796350 from trunk:
 short-circuit on NULL
 
 Submitted By: jchampion
 Reviewed By: jchampion, wrowe, ylavic
-
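Review bot: the retained summary line "short-circuit on NULL" does not say what is tested for NULL or where, so the log never connects the merged change to the new SECURITY paragraph about ap_find_token() searching past the end of its input string. Consider extending that line to name the function and the condition being checked, so a reader of the log alone can see how r1796350 addresses the overread. The "(cve.mitre.org)" reference is also only a host name; a full link to the CVE-2017-7668 entry would be easier to follow.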