Merge r1610501 from trunk:
*) SECURITY: CVE-2014-0118 (cve.mitre.org) mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of sevice via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue. Submitted By: ylavic, covener Reviewed By: jorton, covener, jim Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611426 13f79535-47bb-0310-9956-ffa450edef68
parent
d87b1719
Please register or sign in to comment