diff options
Diffstat (limited to 'main/apache2/CVE-2011-4317.patch')
-rw-r--r-- | main/apache2/CVE-2011-4317.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/main/apache2/CVE-2011-4317.patch b/main/apache2/CVE-2011-4317.patch deleted file mode 100644 index 698b2eb7ab..0000000000 --- a/main/apache2/CVE-2011-4317.patch +++ /dev/null @@ -1,36 +0,0 @@ -Index: modules/proxy/mod_proxy.c -=================================================================== ---- httpd-2.2.21/modules/proxy/mod_proxy.c (revision 1179633) -+++ httpd-2.2.21/modules/proxy/mod_proxy.c (working copy) -@@ -566,6 +566,13 @@ - return OK; - } - -+ /* Check that the URI is valid. */ -+ if (!r->uri || r->uri[0] != '/') { -+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, -+ "Invalid URI in request %s", r->the_request); -+ return HTTP_BAD_REQUEST; -+ } -+ - /* XXX: since r->uri has been manipulated already we're not really - * compliant with RFC1945 at this point. But this probably isn't - * an issue because this is a hybrid proxy/origin server. -Index: modules/mappers/mod_rewrite.c -=================================================================== ---- httpd-2.2.21/modules/mappers/mod_rewrite.c (revision 1179633) -+++ httpd-2.2.21/modules/mappers/mod_rewrite.c (working copy) -@@ -4266,6 +4266,13 @@ - return DECLINED; - } - -+ /* Check that the URI is valid. */ -+ if (!r->uri || r->uri[0] != '/') { -+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, -+ "Invalid URI in request %s", r->the_request); -+ return HTTP_BAD_REQUEST; -+ } -+ - /* - * add the SCRIPT_URL variable to the env. this is a bit complicated - * due to the fact that apache uses subrequests and internal redirects |