Skip to content
  1. Oct 07, 2011
    • Joe Orton's avatar
      Merge r1179239 from trunk: · 11070515
      Joe Orton authored
      SECURITY (CVE-2011-3368): Prevent unintended pattern expansion in some
      reverse proxy configurations by strictly validating the request-URI:
      
      * server/protocol.c (read_request_line): Send a 400 response if the
        request-URI does not match the grammar from RFC 2616.  This ensures
        the input string for RewriteRule et al really is an absolute path.
      
      Reviewed by: jim, rjung, jorton
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1180030 13f79535-47bb-0310-9956-ffa450edef68
      11070515
  2. Oct 05, 2011
  3. Oct 01, 2011
  4. Sep 29, 2011
  5. Sep 28, 2011
  6. Sep 27, 2011
  7. Sep 26, 2011
  8. Sep 14, 2011
  9. Sep 12, 2011
  10. Sep 09, 2011
  11. May 05, 2011
  12. May 03, 2011
  13. Apr 08, 2011
  14. Apr 05, 2011
  15. Mar 20, 2011
  16. Mar 02, 2011
  17. Jan 16, 2011
  18. Jan 03, 2011
  19. Dec 25, 2010
  20. Dec 21, 2010
  21. Dec 18, 2010
  22. Dec 11, 2010