Skip to content
  • Joe Orton's avatar
    Merge r1640036, r1640331 from trunk: · 55ad7eb6
    Joe Orton authored
    mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org)
    Fix a potential crash with response headers' size above 8K.
    
    The code changes to mod_authnz_fcgi keep the handle_headers()
    function in sync between the two modules.  mod_authnz_fcgi
    does not have this issue because it allocated a separate byte
    for terminating '\0'.
    
    Submitted by: ylavic, trawick
    Reviewed by: ylavic, trawick, mrumph
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641551 13f79535-47bb-0310-9956-ffa450edef68
    55ad7eb6
To find the state of this project's repository at the time of any of these versions, check out the tags.