Skip to content
  1. Jan 22, 2015
  2. Jan 19, 2015
  3. Jan 15, 2015
  4. Jan 14, 2015
  5. Jan 12, 2015
  6. Jan 09, 2015
  7. Dec 17, 2014
  8. Dec 16, 2014
    • Jim Jagielski's avatar
      Merge r1641077, r1641095 from trunk: · 610b4763
      Jim Jagielski authored
      mod_ssl: Fix recognition of OCSP stapling responses that are encoded
               improperly or too large.
      
      The one byte "ok" flag stored with the response was accounted for in
      the wrong condition.
      
      
      follow up to r1641077: 
      
      one bug was traded for another in r1641077; track the response
      length and the cached object length separately to avoid such
      confusion
      
      Submitted by: trawick
      Reviewed/backported by: jim
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1645935 13f79535-47bb-0310-9956-ffa450edef68
      610b4763
  9. Dec 14, 2014
  10. Dec 05, 2014
  11. Dec 02, 2014
  12. Nov 29, 2014
  13. Nov 25, 2014
    • Joe Orton's avatar
      Merge r1640036, r1640331 from trunk: · 55ad7eb6
      Joe Orton authored
      mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org)
      Fix a potential crash with response headers' size above 8K.
      
      The code changes to mod_authnz_fcgi keep the handle_headers()
      function in sync between the two modules.  mod_authnz_fcgi
      does not have this issue because it allocated a separate byte
      for terminating '\0'.
      
      Submitted by: ylavic, trawick
      Reviewed by: ylavic, trawick, mrumph
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641551 13f79535-47bb-0310-9956-ffa450edef68
      55ad7eb6
  14. Nov 11, 2014