Skip to content
Commit 40526674 authored by Jim Jagielski's avatar Jim Jagielski
Browse files

*) SECURITY: CVE-2012-0053 (cve.mitre.org) 

       Fix an issue in error responses that could expose "httpOnly" cookies
            when no custom ErrorDocument is specified for status code 400.
                 [Eric Covener]

                      r1234837 on 2.0.x:
                             http://people.apache.org/~trawick/2.0-CVE-2012-0053-r1234837.patch
                                  +1: trawick, rjung, jim



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1392050 13f79535-47bb-0310-9956-ffa450edef68
parent 612c71fa
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment