httpd

Checkout Tools
  • last updated 18 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1772677 is being indexed.

promote

votes

2.15 cycle
  1. … 3 more files in changeset.
2.14 release started
    • ?
    /apreq/branches/v2.14/include/apreq_version.h
release branch for 2.14
adding title to last cve
added CVE-2016-8740 description
vote for strict http patch

update after mod_http2 backport
Merge of r771160,1772576 from trunk:

SECURITY: CVE-2016-8740

mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory.

Reported by: Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State University

mod_http2: wseaking cleanup assertion on streams that have never been scheduled

removing unnecessary calls requiring newer nghttp2 versions
additional testing for frame sceanrios using golang's http2 framer
    • ?
    /test/mod_h2/trunk/test/go/in-headers-many.fuzz
    • ?
    /test/mod_h2/trunk/test/go/test_fuzz.sh
    • ?
    /test/mod_h2/trunk/test/go/in-get.fuzz
    • ?
    /test/mod_h2/trunk/test/go/in-footer.fuzz
    • ?
    /test/mod_h2/trunk/test/go/h2fuzz.go
    • ?
    /test/mod_h2/trunk/test/go/in-headers-endless.fuzz
    • ?
    /test/mod_h2/trunk/test/go/in-footer-endless.fuzz
SECURITY: CVE-2016-8740

mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory.

Reported by: Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State University

Changes done by Daniel, reviewed by me, adding the html files and meta file to the repo.
    • ?
    /httpd/trunk/docs/manual/howto/htaccess.xml.es
rebuild
Undocumented query string.

mpm-event's doc rebuild
Added some notes in mpm-event's doc page
Propose + 1 minor comment
Missing CHNAGES for r1772489
Fix some style issue.
The default value of 'inherit' should be AP_LUA_INHERIT_UNSET.

With this value, the behavior is the same as 'parent-first' in the 'LuaInherit' directive

If not explicitelly initialized, its value is 0 because of the 'apr_calloc 'in 'create_dir_config'. 0 means 'AP_LUA_INHERIT_NONE'

PR 60419

Remove some spaces to synch with 2.4
update transformation

update transformation

update transformation

Updated Markdown code to the dev guidelines page - part 3
Updated Markdown code to the dev guidelines page - part 2
Updated Markdown code to the dev guidelines page
Merge r1772418 from trunk:

loop in checking response headers

w/ HTTPProtocolOptions Unsafe