Merge r1198940 from trunk resp. r1227280 from 2.2.x: (287abea8) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Commit 287abea8 authored Oct 03, 2012 by

Rainer Jung

Merge r1198940 from trunk resp. r1227280 from 2.2.x:

Fix integer overflow in ap_pregsub. This can be triggered e.g.
with mod_setenvif via a malicious .htaccess

CVE-2011-3607
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/

Submitted by: sf
Reviewed/backported by: rjung


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1393580 13f79535-47bb-0310-9956-ffa450edef68

parent ce7bd9ec

Hide whitespace changes

Inline Side-by-side

Please register or to comment