diff options
author | Jeff Trawick <trawick@apache.org> | 2013-06-26 16:13:24 +0000 |
---|---|---|
committer | Jeff Trawick <trawick@apache.org> | 2013-06-26 16:13:24 +0000 |
commit | eb608f61c21894fe8796735c578a3c9c2f6de677 (patch) | |
tree | 7df6d844eb63e3d27eeceb219707db3024420d26 | |
parent | b0f63ef04a245161a7c57e716bf1f54d68a1e85a (diff) | |
download | httpd-eb608f61c21894fe8796735c578a3c9c2f6de677.tar.gz |
2v+p
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1496986 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | STATUS | 16 |
1 files changed, 9 insertions, 7 deletions
@@ -118,6 +118,12 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] + * mod_rewrite: (CVE-2013-1862 (cve.mitre.org)) Ensure that client data + written to the RewriteLog is escaped to prevent terminal escape sequences + from entering the log file. [Joe Orton] + http://svn.apache.org/viewvc?view=revision&revision=1482349 + 2.0.x: http://people.apache.org/~covener/patches/2.0.x-rewritelog.diff + +1: wrowe, covener, trawick PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ please place SVN revisions from trunk here, so it is easy to @@ -139,14 +145,10 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: template to a branch which people shouldn't be deploying in the first place. I'm +1 on the -SSLv2 change alone, e.g. http://people.apache.org/~wrowe/2.0-ssl-noV2.patch ] - - * mod_rewrite: (CVE-2013-1862 (cve.mitre.org)) Ensure that client data - written to the RewriteLog is escaped to prevent terminal escape sequences - from entering the log file. [Joe Orton] - http://svn.apache.org/viewvc?view=revision&revision=1482349 - 2.0.x: http://people.apache.org/~covener/patches/2.0.x-rewritelog.diff - +1: wrowe, covener + * Alternate: -SSLv2 change alone + http://people.apache.org/~wrowe/2.0-ssl-noV2.patch + +1: wrowe, trawick PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON: |