pool/apache2
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Accepting request 265358 from home:kstreitova:branches:Apache

Browse Source 
- added httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_\
  requests.patch to fix flaw in the way mod_headers handled chunked
  requests. Adds "MergeTrailers" directive to restore legacy
  behavior [bnc#871310], [CVE-2013-5704].

- added httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_\
  Require_line.patch that fixes handling of the Require line when
  a LuaAuthzProvider is  used in multiple Require directives with
  different arguments [bnc#909715], [CVE-2014-8109].

OBS-URL: https://build.opensuse.org/request/show/265358
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=424
This commit is contained in:
Cristian Rodríguez
2014-12-19 01:04:03 +00:00
committed by Git OBS Bridge
parent 07869f95a0
commit ba24c8b5d8
4 changed files with 504 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
apache2.changes
View File

@@ -1,3 +1,19 @@
-------------------------------------------------------------------
Mon Dec 15 17:29:28 UTC 2014 - kstreitova@suse.com
- added httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_\
requests.patch to fix flaw in the way mod_headers handled chunked
requests. Adds "MergeTrailers" directive to restore legacy
behavior [bnc#871310], [CVE-2013-5704].
-------------------------------------------------------------------
Fri Dec 12 15:46:29 UTC 2014 - kstreitova@suse.com
- added httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_\
Require_line.patch that fixes handling of the Require line when
a LuaAuthzProvider is used in multiple Require directives with
different arguments [bnc#909715], [CVE-2014-8109].
-------------------------------------------------------------------
Fri Dec 5 20:10:28 UTC 2014 - pgajdos@suse.com