Overview
Request 150193 accepted
- ignore case when checking against SNI server names. [bnc#798733]
httpd-2.2.x-bnc798733-SNI_ignorecase.diff
- better cleanup of busy count after recovering from failure
[bnc#789828] httpd-2.2.x-bnc789828-mod_balancer.diff
- httpd-2.2.x-bnc788121-CVE-2012-4557-mod_proxy_ajp_timeout.diff:
backend timeouts should not affect the entire worker. [bnc#788121]
- httpd-2.2.x-envvars.diff obsoletes httpd-2.0.54-envvars.dif:
Fix for low profile bug CVE-2012-0883 about improper LD_LIBRARY_PATH
handling. [bnc#757710]
- httpd-2.2.x-bnc777260-CVE-2012-2687-mod_negotiation_filename_xss.diff
Escape filename for the case that uploads are allowed with untrusted
user's control over filenames and mod_negotiation enabled on the
same directory. CVE-2012-2687 [bnc#777260]
- httpd-2.2.x-CVE-2011-3368_CVE-2011-4317-bnc722545.diff reworked to
reflect the upstream changes. This will prevent the "Invalid URI in
request OPTIONS *" messages in the error log. [bnc#722545]
Request History
draht created request
- ignore case when checking against SNI server names. [bnc#798733]
httpd-2.2.x-bnc798733-SNI_ignorecase.diff
- better cleanup of busy count after recovering from failure
[bnc#789828] httpd-2.2.x-bnc789828-mod_balancer.diff
- httpd-2.2.x-bnc788121-CVE-2012-4557-mod_proxy_ajp_timeout.diff:
backend timeouts should not affect the entire worker. [bnc#788121]
- httpd-2.2.x-envvars.diff obsoletes httpd-2.0.54-envvars.dif:
Fix for low profile bug CVE-2012-0883 about improper LD_LIBRARY_PATH
handling. [bnc#757710]
- httpd-2.2.x-bnc777260-CVE-2012-2687-mod_negotiation_filename_xss.diff
Escape filename for the case that uploads are allowed with untrusted
user's control over filenames and mod_negotiation enabled on the
same directory. CVE-2012-2687 [bnc#777260]
- httpd-2.2.x-CVE-2011-3368_CVE-2011-4317-bnc722545.diff reworked to
reflect the upstream changes. This will prevent the "Invalid URI in
request OPTIONS *" messages in the error log. [bnc#722545]
krahmer accepted request
ok
