Commits · d239e98144d468928fbd2d3f519bd9265d162932 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

06 Oct, 2011 1 commit

Joe Orton authored Oct 06, 2011

SECURITY (CVE-2011-3368): Prevent unintended pattern expansion in some
reverse proxy configurations by strictly validating the request-URI:

* server/protocol.c (read_request_line): Send a 400 response if the
  request-URI does not match the grammar from RFC 2616.  This ensures
  the input string for RewriteRule et al really is an absolute path.

Reviewed by: jim, covener, rjung


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179525 13f79535-47bb-0310-9956-ffa450edef68

d239e981

05 Oct, 2011 7 commits

And then there were three ... · 12e5e42f

Rainer Jung authored Oct 05, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179476 13f79535-47bb-0310-9956-ffa450edef68

12e5e42f

vote · 8bef3efd

Eric Covener authored Oct 05, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179378 13f79535-47bb-0310-9956-ffa450edef68

8bef3efd

yeppers · ffaf8b63

Jim Jagielski authored Oct 05, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179377 13f79535-47bb-0310-9956-ffa450edef68

ffaf8b63

Add patch... both backport and showstopper. · b1a9caa4

Jim Jagielski authored Oct 05, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179373 13f79535-47bb-0310-9956-ffa450edef68

b1a9caa4

Merge r1179272, r1179266 from trunk: · 82d0d0ca

Joe Orton authored Oct 05, 2011

* docs/manual: add note here in light of CVE-2011-3368

- add a security warning, and tweak the example, in light of CVE-2011-3368



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179283 13f79535-47bb-0310-9956-ffa450edef68

82d0d0ca

Fix link to Frield's book. (refs https://issues.apache.org/bugzilla/show_bug.cgi?id=51959) · 85198b11
Richard Bowen authored Oct 05, 2011
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179187 13f79535-47bb-0310-9956-ffa450edef68
```
85198b11
Fix link to Friedl's book. (refs https://issues.apache.org/bugzilla/show_bug.cgi?id=51959) · abb77f8e
Richard Bowen authored Oct 05, 2011
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1179182 13f79535-47bb-0310-9956-ffa450edef68
```
abb77f8e

04 Oct, 2011 1 commit

update vote · 0959a533

Kaspar Brand authored Oct 04, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1178693 13f79535-47bb-0310-9956-ffa450edef68

0959a533

01 Oct, 2011 4 commits

Committed in r1178053. · b5d06bde

Rainer Jung authored Oct 01, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1178068 13f79535-47bb-0310-9956-ffa450edef68

b5d06bde

Fix buffer overrun in mod_substitute. · b79fe51a

Rainer Jung authored Oct 01, 2011

No need to fix trunk, the code is no
longer present there.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1178053 13f79535-47bb-0310-9956-ffa450edef68

b79fe51a

vote, promote · d70f4e4d

Stefan Fritsch authored Oct 01, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1178036 13f79535-47bb-0310-9956-ffa450edef68

d70f4e4d

Propose. · a5d0a96e

Rainer Jung authored Oct 01, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177967 13f79535-47bb-0310-9956-ffa450edef68

a5d0a96e

29 Sep, 2011 6 commits

* Vote · ade3dbde

Ruediger Pluem authored Sep 29, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177326 13f79535-47bb-0310-9956-ffa450edef68

ade3dbde

Propose. · 192a6acb

Rainer Jung authored Sep 29, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177286 13f79535-47bb-0310-9956-ffa450edef68

192a6acb

Fix indentation. · 954c839e

Rainer Jung authored Sep 29, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177258 13f79535-47bb-0310-9956-ffa450edef68

954c839e

Add entry for r1177211. · 2833e040

Rainer Jung authored Sep 29, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177257 13f79535-47bb-0310-9956-ffa450edef68

2833e040

Followpup to r1166612: reflect changed · 4a28405d

Rainer Jung authored Sep 29, 2011

"MaxRanges 0" semantics and new MaxRanges
string options in default configuration snippet.

Hope that's CTR because the setting is commented
out by default.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177211 13f79535-47bb-0310-9956-ffa450edef68

4a28405d

Clarify CHNAGES item. · 73c09625

Rainer Jung authored Sep 29, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177181 13f79535-47bb-0310-9956-ffa450edef68

73c09625

28 Sep, 2011 6 commits

Backport r1175980, r1175992: · 5a89a088

Stefan Fritsch authored Sep 28, 2011

    byterange: Range of '0-' returns 206

Submitted by: Jim Jagielski
Reviewed by: jim, rpluem, rjung, sf


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177080 13f79535-47bb-0310-9956-ffa450edef68

5a89a088

vote, promote, comment · aca36fbd

Stefan Fritsch authored Sep 28, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1177079 13f79535-47bb-0310-9956-ffa450edef68

aca36fbd

Vote, correct wrong revision number, improve proposal. · 3fc802a3

Rainer Jung authored Sep 28, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176928 13f79535-47bb-0310-9956-ffa450edef68

3fc802a3

vote/comment · 53589bb4

Kaspar Brand authored Sep 28, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176749 13f79535-47bb-0310-9956-ffa450edef68

53589bb4

* Vote · 3c6940b6

Ruediger Pluem authored Sep 28, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176741 13f79535-47bb-0310-9956-ffa450edef68

3c6940b6

Some NetWare ssl module build tweaks. · 3a27ba77

Guenter Knauf authored Sep 28, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176670 13f79535-47bb-0310-9956-ffa450edef68

3a27ba77

27 Sep, 2011 4 commits

Update patch · d13626a9

Jim Jagielski authored Sep 27, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176406 13f79535-47bb-0310-9956-ffa450edef68

d13626a9

* Add comment and half vote · 23f8f511

Ruediger Pluem authored Sep 27, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176351 13f79535-47bb-0310-9956-ffa450edef68

23f8f511

typo in patch fixed · 3715ecf4

Jim Jagielski authored Sep 27, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176321 13f79535-47bb-0310-9956-ffa450edef68

3715ecf4

* Add comment · ef9b31ef

Ruediger Pluem authored Sep 27, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1176254 13f79535-47bb-0310-9956-ffa450edef68

ef9b31ef

26 Sep, 2011 2 commits

Byterange 0- handling patch · 10c47564

Jim Jagielski authored Sep 26, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1175998 13f79535-47bb-0310-9956-ffa450edef68

10c47564

Update STATUS for SSLProxyMachineCertificateChainFile · 5980d31b

Daniel Ruggeri authored Sep 26, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1175949 13f79535-47bb-0310-9956-ffa450edef68

5980d31b

23 Sep, 2011 1 commit

update docco xforms · a3c012fb

Jim Jagielski authored Sep 23, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1174724 13f79535-47bb-0310-9956-ffa450edef68

a3c012fb

17 Sep, 2011 1 commit

Add trunk patch location for SSLProxyMachineCertificateChainFile · 88204997

Daniel Ruggeri authored Sep 17, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1172012 13f79535-47bb-0310-9956-ffa450edef68

88204997

14 Sep, 2011 3 commits

Moved proposal for AllowOverrideList to stalled section for further thought · e34ec1c1
Daniel Ruggeri authored Sep 14, 2011
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1170837 13f79535-47bb-0310-9956-ffa450edef68
```
e34ec1c1

Update proposal for SSLProxyMachineCertificateChainFile · 4d1e8169

Daniel Ruggeri authored Sep 14, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1170835 13f79535-47bb-0310-9956-ffa450edef68

4d1e8169

Update STATUS · 2bf83964

William A. Rowe Jr authored Sep 14, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1170445 13f79535-47bb-0310-9956-ffa450edef68

2bf83964

13 Sep, 2011 1 commit

Vote · e324a5ad

Gregg Lewis Smith authored Sep 13, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1170387 13f79535-47bb-0310-9956-ffa450edef68

e324a5ad

12 Sep, 2011 1 commit

RM warning text · bcf65385

William A. Rowe Jr authored Sep 12, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1169595 13f79535-47bb-0310-9956-ffa450edef68

bcf65385

11 Sep, 2011 1 commit

Updates. · a0bb4e74

Lucien Gentis authored Sep 11, 2011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1169497 13f79535-47bb-0310-9956-ffa450edef68

a0bb4e74

10 Sep, 2011 1 commit

* Update xforms · 5247da94

Ruediger Pluem authored Sep 10, 2011

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1167601 13f79535-47bb-0310-9956-ffa450edef68

5247da94