SECURITY: CVE-2010-0408 (cve.mitre.org) mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent after request headers indicate a request body is incoming; this is not a case of HTTP_INTERNAL_SERVER_ERROR. Submitted by: Niku Toivola <niku.toivola sulake.com> Reviewed by: rpluem, jim, wrowe Backports: r917875
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c