/[Apache-SVN]

Revision 1619884

Jump to revision:
Author:	wrowe
Date:	Fri Aug 22 18:18:08 2014 UTC (9 years, 8 months ago)
Changed paths:	12
Log Message:	SECURITY: CVE-2013-5704 (cve.mitre.org) core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior. Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener Backports: r1610814 Reviewed by: covener, wrowe, ylavic

Changed paths

Path	Details
httpd/httpd/branches/2.4.x/CHANGES	modified , text changed
httpd/httpd/branches/2.4.x/docs/manual/mod/core.xml	modified , text changed
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_log_config.xml	modified , text changed
httpd/httpd/branches/2.4.x/include/ap_mmn.h	modified , text changed
httpd/httpd/branches/2.4.x/include/http_core.h	modified , text changed
httpd/httpd/branches/2.4.x/include/httpd.h	modified , text changed
httpd/httpd/branches/2.4.x/modules/http/http_filters.c	modified , text changed
httpd/httpd/branches/2.4.x/modules/http/http_request.c	modified , text changed
httpd/httpd/branches/2.4.x/modules/loggers/mod_log_config.c	modified , text changed
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c	modified , text changed
httpd/httpd/branches/2.4.x/server/core.c	modified , text changed
httpd/httpd/branches/2.4.x/server/protocol.c	modified , text changed

infrastructure at apache.org	ViewVC Help
Powered by ViewVC 1.1.26