/[Apache-SVN]

Revision 1610499

Jump to revision:
Author:	jorton
Date:	Mon Jul 14 19:55:04 2014 UTC (9 years, 9 months ago)
Changed paths:	7
Log Message:	Merge 1610491 from trunk: SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this. * include/scoreboard.h: Add ap_copy_scoreboard_worker. * server/scoreboard.c (ap_copy_scoreboard_worker): New function. * modules/generators/mod_status.c (status_handler): Use it. * modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise. Reviewed by: trawick, jorton, covener, jim Submitted by: jorton, covener

Changed paths

Path	Details
httpd/httpd/branches/2.4.x/	modified , props changed
httpd/httpd/branches/2.4.x/CHANGES	modified , text changed
httpd/httpd/branches/2.4.x/include/ap_mmn.h	modified , text changed
httpd/httpd/branches/2.4.x/include/scoreboard.h	modified , text changed
httpd/httpd/branches/2.4.x/modules/generators/mod_status.c	modified , text changed
httpd/httpd/branches/2.4.x/modules/lua/lua_request.c	modified , text changed
httpd/httpd/branches/2.4.x/server/scoreboard.c	modified , text changed

infrastructure at apache.org	ViewVC Help
Powered by ViewVC 1.1.26