Commit ca03adae authored by Greg Ames's avatar Greg Ames
Browse files

vote for the 2.2.x pregsub patch 


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1236900 13f79535-47bb-0310-9956-ffa450edef68
parent d6268ba2

STATUS

+1 −0
Original line number Diff line number Diff line
@@ -137,6 +137,7 @@ RELEASE SHOWSTOPPERS: 
     Fix integer overflow in ap_pregsub() which, when the mod_setenvif module

     is enabled, could allow local users to gain privileges via a .htaccess

     file. [Stefan Fritsch, Greg Ames]

       +1: gregames (r1227280 from 2.2.x)



  *) SECURITY: CVE-2011-4317 (cve.mitre.org)

     Resolve additional cases of URL rewriting with ProxyPassMatch or