*) SECURITY: CVE-2012-0053 (cve.mitre.org) (40526674) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Commit 40526674 authored Sep 30, 2012 by

Jim Jagielski

*) SECURITY: CVE-2012-0053 (cve.mitre.org)

       Fix an issue in error responses that could expose "httpOnly" cookies
            when no custom ErrorDocument is specified for status code 400.
                 [Eric Covener]

                      r1234837 on 2.0.x:
                             http://people.apache.org/~trawick/2.0-CVE-2012-0053-r1234837.patch
                                  +1: trawick, rjung, jim



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1392050 13f79535-47bb-0310-9956-ffa450edef68

parent 612c71fa

Hide whitespace changes

Inline Side-by-side

Please register or to comment