Commits · f35b5a6ff39a9de6f74e0519fa1c4e130fa378ca · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Mar 13, 2014

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577234 13f79535-47bb-0310-9956-ffa450edef68

f35b5a6f

xforms · 47b58b8d

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577232 13f79535-47bb-0310-9956-ffa450edef68

47b58b8d

Update · 04d5fb6c

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577231 13f79535-47bb-0310-9956-ffa450edef68

04d5fb6c

squeeze in a contributor · 3288c203

Daniel Gruno authored Mar 13, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577218 13f79535-47bb-0310-9956-ffa450edef68

3288c203

Add leading space :) · fb207202

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577157 13f79535-47bb-0310-9956-ffa450edef68

fb207202

Note PCRE issue · 247430f6

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577146 13f79535-47bb-0310-9956-ffa450edef68

247430f6

mod_lua: Add a fixups hook that checks if the original request is intended · d55aabe6

Daniel Gruno authored Mar 13, 2014

for LuaMapHandler. This fixes a bug where FallbackResource invalidates the
LuaMapHandler directive in certain cases by changing the URI before the map
handler code executes [Daniel Gruno].

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577145 13f79535-47bb-0310-9956-ffa450edef68

d55aabe6

Note changes · 19f6ba49

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577139 13f79535-47bb-0310-9956-ffa450edef68

19f6ba49

Merge r1576741 from trunk: · fa229b9f

Jim Jagielski authored Mar 13, 2014

A bug in some older versions of OpenSSL will cause a crash
in SSL_get_certificate for servers where the certificate hasn't
been sent.

Workaround by setting the ssl structure to client mode which
bypasses the faulty code in OpenSSL. Normally setting a server
ssl structure to client mode would cause problems later on:
but we are freeing the structure immediately without attempting
to use it.

Submitted by: drh
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577137 13f79535-47bb-0310-9956-ffa450edef68

fa229b9f

* Vote · 5a3d718a

Ruediger Pluem authored Mar 13, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577122 13f79535-47bb-0310-9956-ffa450edef68

5a3d718a

* We track the mergeinfo only at the root · 9bb599e2

Ruediger Pluem authored Mar 13, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577120 13f79535-47bb-0310-9956-ffa450edef68

9bb599e2

2.4.8 is not gonna be released · 140557da

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577116 13f79535-47bb-0310-9956-ffa450edef68

140557da

vote · 7f097d87

Jim Jagielski authored Mar 13, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1577115 13f79535-47bb-0310-9956-ffa450edef68

7f097d87

Mar 12, 2014

Rebuild · 9093c54d

Richard Bowen authored Mar 12, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576898 13f79535-47bb-0310-9956-ffa450edef68

9093c54d

Replace FilesMatch with Files where appropriate · 19bed1c5

Richard Bowen authored Mar 12, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576896 13f79535-47bb-0310-9956-ffa450edef68

19bed1c5

Looks correct. Not applicable to 2.2.x, so far as I can tell? · 1b3f19b2
William A. Rowe Jr authored Mar 12, 2014
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576876 13f79535-47bb-0310-9956-ffa450edef68
```
1b3f19b2

Propose fix for ssl crash... · 6007368a

Jim Jagielski authored Mar 12, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576798 13f79535-47bb-0310-9956-ffa450edef68

6007368a

Propose r1576233 to backport. · 9f61e155

Jan Kaluža authored Mar 12, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576725 13f79535-47bb-0310-9956-ffa450edef68

9f61e155

Mar 11, 2014

Fix 2.4.8 release year. · 46f85cd3

Yann Ylavic authored Mar 11, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576504 13f79535-47bb-0310-9956-ffa450edef68

46f85cd3

* Add proposal · eaa59f77

Ruediger Pluem authored Mar 11, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576499 13f79535-47bb-0310-9956-ffa450edef68

eaa59f77

* Vote · f879f6bf

Ruediger Pluem authored Mar 11, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576498 13f79535-47bb-0310-9956-ffa450edef68

f879f6bf

fix spelling error in CVE-2014-0098 entry · 70262b74

Jeff Trawick authored Mar 11, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576466 13f79535-47bb-0310-9956-ffa450edef68

70262b74

Rebuild · 6f29ea0f

Richard Bowen authored Mar 11, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576419 13f79535-47bb-0310-9956-ffa450edef68

6f29ea0f

Ensure that .lua.foo files aren't affected · 10dbd756

Richard Bowen authored Mar 11, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576416 13f79535-47bb-0310-9956-ffa450edef68

10dbd756

And we are 2.4.9-dev · 97d8a536

Jim Jagielski authored Mar 11, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576408 13f79535-47bb-0310-9956-ffa450edef68

97d8a536

Get ready to tag 2.4.8 · 03789a8c

Jim Jagielski authored Mar 11, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576406 13f79535-47bb-0310-9956-ffa450edef68

03789a8c

Log CVE for change · e0a20049

Jim Jagielski authored Mar 11, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576403 13f79535-47bb-0310-9956-ffa450edef68

e0a20049

Mar 10, 2014

Typo in comment (was r1575958) · 88edc424

Christophe Jaillet authored Mar 10, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576050 13f79535-47bb-0310-9956-ffa450edef68

88edc424

xforms · 3f77230d

Jim Jagielski authored Mar 10, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575935 13f79535-47bb-0310-9956-ffa450edef68

3f77230d

Merge r1524192, r1524770, r1527925, r1541270, r1541368 from trunk: · 62a2d0d3

Jim Jagielski authored Mar 10, 2014

Update rationale


draft-ietf-httpbis-p1-messaging-23 fixes regarding interactions
between TE and content-length in the same req/resp.

PR 55616 (add missing APLOGNO), part 1

Wrap at 80 still, here at httpd project

Use a distinguishing APLOGNO for unk t-e with read-until-close behavior
Submitted by: jim, kbrand, wrowe, wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575934 13f79535-47bb-0310-9956-ffa450edef68

62a2d0d3

* Vote and promote · 70cbe4da

Ruediger Pluem authored Mar 10, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575926 13f79535-47bb-0310-9956-ffa450edef68

70cbe4da

Merge r1423933 from trunk: · b1784ae2

Jim Jagielski authored Mar 10, 2014

On NetWare skip these unsupported function prototypes.

Submitted by: fuankg
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575914 13f79535-47bb-0310-9956-ffa450edef68

b1784ae2

promote · 7b709af5

Jim Jagielski authored Mar 10, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575913 13f79535-47bb-0310-9956-ffa450edef68

7b709af5

just in case · 46ed1411

Jim Jagielski authored Mar 10, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575912 13f79535-47bb-0310-9956-ffa450edef68

46ed1411

niche-platform-specific build fix: does it even need a vote? · ae3f0b1c

Jeff Trawick authored Mar 10, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575911 13f79535-47bb-0310-9956-ffa450edef68

ae3f0b1c

Merge r1575400 from trunk: · 83f5a290

Jim Jagielski authored Mar 10, 2014

CVE-2014-0098 (reported by Rainer Canavan <rainer-apache 7val com>)
Segfaults w/ truncated cookie logging.

Clean up the cookie logging parser to recognize only the cookie=value pairs,
not valueless cookies.  This refactors multiple passes over the same string
buffer into a single pass parser.

Submitted by: wrowe
Reviewed by: rpluem, jim 


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575904 13f79535-47bb-0310-9956-ffa450edef68

83f5a290

Vote and promote r1575400. · 67296559

Yann Ylavic authored Mar 10, 2014

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575900 13f79535-47bb-0310-9956-ffa450edef68

67296559

ivote · 1185a087

Jim Jagielski authored Mar 10, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575898 13f79535-47bb-0310-9956-ffa450edef68

1185a087

Added proposal. · e9d727f3

Guenter Knauf authored Mar 10, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575790 13f79535-47bb-0310-9956-ffa450edef68

e9d727f3

Fixed mod_lua NetWare build. · 58f851af

Guenter Knauf authored Mar 10, 2014


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575784 13f79535-47bb-0310-9956-ffa450edef68

58f851af