Skip to content
  1. Jan 12, 2015
  2. Jan 09, 2015
  3. Dec 17, 2014
  4. Dec 16, 2014
    • Jim Jagielski's avatar
      Merge r1641077, r1641095 from trunk: · 610b4763
      Jim Jagielski authored
      mod_ssl: Fix recognition of OCSP stapling responses that are encoded
               improperly or too large.
      
      The one byte "ok" flag stored with the response was accounted for in
      the wrong condition.
      
      
      follow up to r1641077: 
      
      one bug was traded for another in r1641077; track the response
      length and the cached object length separately to avoid such
      confusion
      
      Submitted by: trawick
      Reviewed/backported by: jim
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1645935 13f79535-47bb-0310-9956-ffa450edef68
      610b4763
  5. Dec 14, 2014
  6. Dec 05, 2014
  7. Dec 02, 2014
  8. Nov 29, 2014
  9. Nov 25, 2014
    • Joe Orton's avatar
      Merge r1640036, r1640331 from trunk: · 55ad7eb6
      Joe Orton authored
      mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org)
      Fix a potential crash with response headers' size above 8K.
      
      The code changes to mod_authnz_fcgi keep the handle_headers()
      function in sync between the two modules.  mod_authnz_fcgi
      does not have this issue because it allocated a separate byte
      for terminating '\0'.
      
      Submitted by: ylavic, trawick
      Reviewed by: ylavic, trawick, mrumph
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641551 13f79535-47bb-0310-9956-ffa450edef68
      55ad7eb6
  10. Nov 11, 2014
  11. Nov 01, 2014
  12. Oct 29, 2014
  13. Oct 27, 2014
  14. Oct 18, 2014
  15. Oct 16, 2014
  16. Oct 14, 2014
  17. Oct 11, 2014