mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org)
Fix a potential crash with response headers' size above 8K.
The code changes to mod_authnz_fcgi keep the handle_headers()
function in sync between the two modules. mod_authnz_fcgi
does not have this issue because it allocated a separate byte
for terminating '\0'.
|
httpd/httpd/trunk/CHANGES