You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2011/09/09 16:41:06 UTC
svn commit: r391 - /dev/httpd/
Author: wrowe
Date: Fri Sep 9 14:41:01 2011
New Revision: 391
Log:
Add .21 candidate. Drop .20 candidate; svn mv doesn't leave these stale bits
Added:
dev/httpd/CHANGES_2.2.21
dev/httpd/httpd-2.2.21.tar.bz2 (with props)
dev/httpd/httpd-2.2.21.tar.bz2.asc
dev/httpd/httpd-2.2.21.tar.bz2.md5
dev/httpd/httpd-2.2.21.tar.bz2.sha1
dev/httpd/httpd-2.2.21.tar.gz (with props)
dev/httpd/httpd-2.2.21.tar.gz.asc
dev/httpd/httpd-2.2.21.tar.gz.md5
dev/httpd/httpd-2.2.21.tar.gz.sha1
Removed:
dev/httpd/CHANGES_2.2.20
dev/httpd/httpd-2.2.20.tar.bz2
dev/httpd/httpd-2.2.20.tar.bz2.asc
dev/httpd/httpd-2.2.20.tar.bz2.md5
dev/httpd/httpd-2.2.20.tar.bz2.sha1
dev/httpd/httpd-2.2.20.tar.gz
dev/httpd/httpd-2.2.20.tar.gz.asc
dev/httpd/httpd-2.2.20.tar.gz.md5
dev/httpd/httpd-2.2.20.tar.gz.sha1
Modified:
dev/httpd/CHANGES_2.2
Modified: dev/httpd/CHANGES_2.2
==============================================================================
--- dev/httpd/CHANGES_2.2 (original)
+++ dev/httpd/CHANGES_2.2 Fri Sep 9 14:41:01 2011
@@ -1,4 +1,38 @@
- -*- coding: utf-8 -*-
+ -*- coding: utf-8 -*-
+Changes with Apache 2.2.21
+
+ *) SECURITY: CVE-2011-3348 (cve.mitre.org)
+ mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not
+ recognized. [Jean-Frederic Clere]
+
+ *) Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
+ PR 51748. [<lowprio20 gmail.com>]
+
+ *) mod_filter: Instead of dropping the Accept-Ranges header when a filter
+ registered with AP_FILTER_PROTO_NO_BYTERANGE is present,
+ set the header value to "none". [Eric Covener, Ruediger Pluem]
+
+ *) mod_proxy_ajp: Ignore flushing if headers have not been sent.
+ PR 51608 [Ruediger Pluem]
+
+ *) mod_dav_fs: Fix segfault if apr DBM driver cannot be loaded. PR 51751.
+ [Stefan Fritsch]
+
+ *) mod_alias: Adjust log severity of "incomplete redirection target"
+ message. PR 44020.
+
+ *) mod_rewrite: Check validity of each internal (int:) RewriteMap even if the
+ RewriteEngine is disabled in server context, avoiding a crash while
+ referencing the invalid int: map at runtime. PR 50994.
+ [Ben Noordhuis <info noordhuis nl>]
+
+ *) core: Allow MaxRanges none|unlimited|default and set 'Accept-Ranges: none'
+ in the case Ranges are being ignored with MaxRanges none.
+ [Eric Covener]
+
+ *) mod_proxy_ajp: Respect "reuse" flag in END_REPONSE packets.
+ [Rainer Jung]
+
Changes with Apache 2.2.20
*) SECURITY: CVE-2011-3192 (cve.mitre.org)
Added: dev/httpd/CHANGES_2.2.21
==============================================================================
--- dev/httpd/CHANGES_2.2.21 (added)
+++ dev/httpd/CHANGES_2.2.21 Fri Sep 9 14:41:01 2011
@@ -0,0 +1,35 @@
+ -*- coding: utf-8 -*-
+Changes with Apache 2.2.21
+
+ *) SECURITY: CVE-2011-3348 (cve.mitre.org)
+ mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not
+ recognized. [Jean-Frederic Clere]
+
+ *) Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
+ PR 51748. [<lowprio20 gmail.com>]
+
+ *) mod_filter: Instead of dropping the Accept-Ranges header when a filter
+ registered with AP_FILTER_PROTO_NO_BYTERANGE is present,
+ set the header value to "none". [Eric Covener, Ruediger Pluem]
+
+ *) mod_proxy_ajp: Ignore flushing if headers have not been sent.
+ PR 51608 [Ruediger Pluem]
+
+ *) mod_dav_fs: Fix segfault if apr DBM driver cannot be loaded. PR 51751.
+ [Stefan Fritsch]
+
+ *) mod_alias: Adjust log severity of "incomplete redirection target"
+ message. PR 44020.
+
+ *) mod_rewrite: Check validity of each internal (int:) RewriteMap even if the
+ RewriteEngine is disabled in server context, avoiding a crash while
+ referencing the invalid int: map at runtime. PR 50994.
+ [Ben Noordhuis <info noordhuis nl>]
+
+ *) core: Allow MaxRanges none|unlimited|default and set 'Accept-Ranges: none'
+ in the case Ranges are being ignored with MaxRanges none.
+ [Eric Covener]
+
+ *) mod_proxy_ajp: Respect "reuse" flag in END_REPONSE packets.
+ [Rainer Jung]
+
Added: dev/httpd/httpd-2.2.21.tar.bz2
==============================================================================
Binary file - no diff available.
Propchange: dev/httpd/httpd-2.2.21.tar.bz2
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: dev/httpd/httpd-2.2.21.tar.bz2.asc
==============================================================================
--- dev/httpd/httpd-2.2.21.tar.bz2.asc (added)
+++ dev/httpd/httpd-2.2.21.tar.bz2.asc Fri Sep 9 14:41:01 2011
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+iQIcBAABAgAGBQJOaiQfAAoJEFWTvKlgxUQtWu4P/j/xCzXtpb2h1H4gNQtakXjp
+KFhfccvzlOGFpkUjauQ0so5Jj+wVVAgiElr7L0+YvmtXoUyNjCgToqqJTqT/3fwG
+uxKDFfqB5ujbCstKbJ4yKhMy92aDjX1+uWWr8J/1WX//SOWY/uUl/GhJnhEFAB6p
+YExuqqrQfrZcAfC6ME35Gbam6+I8OfHVIeT0m6hLOw6UaHaPXdoRj0CAKNy4NFEf
+ckyw2ddlz83ivek9naGxVFg4v/jN8CoSw3zVfto1QaQ7P+FMA5CrYoCPiEI0A6KA
+534L8xcXf02mN6Y2lgl3C6PYQYcGO198Zmd9xU3RCXsfaFgaOrV4D/fD9TVq1hLK
+OSHPU3AOf7IdFiq99qo7EsXNYrxS0xurv67HaodKXvNNRg8D8TBxDNWO1NpbGp3A
+/zDLm3wxpV2qSOSaZbIbyH8PhX2i4UurSo6y2AVrLENUmV4/bD51qJlitCL23YOo
+5vnK99CnPsWHe36p/GyMMJW2d2fn2tUroLTo/ebCdICZlQJhhWYI7+GHNQNkhqMt
+hp5m8so9Goabs+cKtdxiyARR6+AsyLh+2aRc35dgHpa95Tn3SkuAJ1KTM3ecbzgj
+BxJbA0M3snO9RmNo2h88HELzaA5WaB0Z1kVgYW6gjYELnWRpu+iGMJxFpgXQ6guQ
+CUiByAFuIQukRlpIU/qx
+=AWI2
+-----END PGP SIGNATURE-----
Added: dev/httpd/httpd-2.2.21.tar.bz2.md5
==============================================================================
--- dev/httpd/httpd-2.2.21.tar.bz2.md5 (added)
+++ dev/httpd/httpd-2.2.21.tar.bz2.md5 Fri Sep 9 14:41:01 2011
@@ -0,0 +1 @@
+1696ae62cd879ab1d4dd9ff021a470f2 *httpd-2.2.21.tar.bz2
Added: dev/httpd/httpd-2.2.21.tar.bz2.sha1
==============================================================================
--- dev/httpd/httpd-2.2.21.tar.bz2.sha1 (added)
+++ dev/httpd/httpd-2.2.21.tar.bz2.sha1 Fri Sep 9 14:41:01 2011
@@ -0,0 +1 @@
+c02f9b05da9a7e316ff37d9053dc76a57ba51cb4 *httpd-2.2.21.tar.bz2
Added: dev/httpd/httpd-2.2.21.tar.gz
==============================================================================
Binary file - no diff available.
Propchange: dev/httpd/httpd-2.2.21.tar.gz
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: dev/httpd/httpd-2.2.21.tar.gz.asc
==============================================================================
--- dev/httpd/httpd-2.2.21.tar.gz.asc (added)
+++ dev/httpd/httpd-2.2.21.tar.gz.asc Fri Sep 9 14:41:01 2011
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+iQIcBAABAgAGBQJOaiQJAAoJEFWTvKlgxUQt1gIP/jaReaHLEBUIkBAYwaCi36XB
+AHWp7k/vjlzHYfqLyaTKC9Wp2LAHPpuuh+dRSGTa1G/4qHZpyyVjYrsenVOK6ESt
++GJ5Kt0XdFuSiVbrUvwrpxqnu/ZrWBpwo8tSN6vzxZyx+epJUeYyqw8q7N1sg1J3
+0biP6pHRFLxzKno+6LQTwd3AcULzVkky7D7iQpQNEUkHiqVbpIizkh0aSnaXaj+o
+9OGOtEkdIHlkIFRZsL2F5BaRGgef4UdheZaQCm3c0NLAweGdTCODpQf/B/iPJU8E
+/fXPKVuIM7LzuBF5wtkBGs25GmzpZAvOIMo5gjrlRV3zF+KhSDQVLO30Crqe6sNw
+aWyyJTtvV00sqHdu0Z9jxh2oCRoWilq2g3pbeKoFzaDKnotxT8uqY9HHo0bNW8vX
+8yr6EESTVMgvrgfR5TFjYDXQvKe0d4D4ENmOTkM63HXoYR/JVzzvBbnsD0YDL5Iz
+2HziDLwvvdTO++pFB8RPEgp77lHL8aR8SQzBn5cvdn7XyrpPR8okJB5HwfmjA2D8
+UY6uZBQbG6FzDjy92I+tTjx8ptrZuL2E/cWvu1cylVa4BWJb+qMrMZBzfaiu9RJP
+YSb1hGqNv+Eck47IjH8dHOx1ZxPcLjaTdNwzZScxYNOVoZ9x1TerFTC0pY9/E7oE
+j2jzsd4JLDTTOHlRvuZl
+=Lka/
+-----END PGP SIGNATURE-----
Added: dev/httpd/httpd-2.2.21.tar.gz.md5
==============================================================================
--- dev/httpd/httpd-2.2.21.tar.gz.md5 (added)
+++ dev/httpd/httpd-2.2.21.tar.gz.md5 Fri Sep 9 14:41:01 2011
@@ -0,0 +1 @@
+b24ca6db942a4f8e57c357e5e3058d31 *httpd-2.2.21.tar.gz
Added: dev/httpd/httpd-2.2.21.tar.gz.sha1
==============================================================================
--- dev/httpd/httpd-2.2.21.tar.gz.sha1 (added)
+++ dev/httpd/httpd-2.2.21.tar.gz.sha1 Fri Sep 9 14:41:01 2011
@@ -0,0 +1 @@
+8fb9e6763269ae7cba85f02668c3c32041bf00ed *httpd-2.2.21.tar.gz