Merge 1610491 from trunk:
SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this. * include/scoreboard.h: Add ap_copy_scoreboard_worker. * server/scoreboard.c (ap_copy_scoreboard_worker): New function. * modules/generators/mod_status.c (status_handler): Use it. Reviewed by: trawick, jorton, covener Submitted by: jorton, trawick, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610515 13f79535-47bb-0310-9956-ffa450edef68
parent
da2bf418
Please register or sign in to comment