Skip to content
  1. Oct 29, 2010
  2. Oct 26, 2010
  3. Oct 24, 2010
  4. Oct 23, 2010
  5. Oct 21, 2010
  6. Oct 20, 2010
  7. Oct 19, 2010
  8. Oct 18, 2010
  9. Oct 17, 2010
  10. Oct 15, 2010
  11. Oct 14, 2010
  12. Oct 12, 2010
  13. Oct 11, 2010
  14. Oct 08, 2010
  15. Oct 07, 2010
    • William A. Rowe Jr's avatar
      SECURITY: CVE-2010-1623 (cve.mitre.org) · 15109e4e
      William A. Rowe Jr authored
      Fix a denial of service attack against mod_reqtimeout.
      [Stefan Fritsch]
      
      mod_req-timeout/core: Backport bugfixes from trunk up to r935339:
          - Do not wrongly enforce timeouts for mod_proxy's backend
            connections and other protocol handlers (like mod_ftp).
          - Enforce the timeout for AP_MODE_GETLINE.
          - If there is a timeout, shorten the lingering close time from 30 to
            2 seconds (involves a change in the core).
      
      Backports: r921378, r921526, r922407, r923418, r923429, r925986, r928881
                 r933341, r933547, r935339, r983116, r984985&view=rev
      Submitted by: sf
      Reviewed by: wrowe, trawick
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1005669 13f79535-47bb-0310-9956-ffa450edef68
      15109e4e