----- Original Message -----
> On 22.11.2011 16:27, Igor Galić wrote:
> > ----- Original Message -----
> >> On 22.11.2011 12:19, Aleksandar Lazic wrote:
> >> > Dear List members,
> >> >
> >> > Setup:
> >> >
> >> > Apache 2.2.20
> >
> > First off, 2.2.21 fixes CVE-2011-3192 - might want to check that.
>
> Yep, we are on the way :-) to update
>
> >>
> >> http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c
> >>
> >> http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_http.c
> >>
> >> I have not seen a similar line in the mod_proxy_ajp.c
>
> Correct myself.
> Such a line is in
> http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/modules/proxy/ajp_header.c
>
> ###
> ...
> static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
> request_rec *r,
> proxy_dir_conf *dconf)
> {...
> r->status = status;
> ...}
> ...
> ###
>
> > I'm not entirely sure, but I believe to have seen this fixed
> > in 2.4/trunk.
>
> Will a back port for 2.2.x be available?
Doesn't look like anybody has raised that particular issue yet:
http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
I'll propose it for 2.2.x
> Aleks
i
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.galic@xxxxxxxxxxxxxx
URL: http://brainsware.org/
GPG: 6880 4155 74BD FD7C B515 2EA5 4B1D 9E08 A097 C9AE
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|