marc 98/01/05 13:14:32
Modified: src Tag: APACHE_1_2_X CHANGES
Log:
Update CHANGES file for the just-committed security fixes.
Revision Changes Path
No revision
No revision
1.286.2.61 +45 -2 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.60
retrieving revision 1.286.2.61
diff -u -r1.286.2.60 -r1.286.2.61
--- CHANGES 1997/12/30 18:59:30 1.286.2.60
+++ CHANGES 1998/01/05 21:14:30 1.286.2.61
@@ -1,7 +1,50 @@
Changes with Apache 1.2.5
- *) no2slash() was O(n^2) in the length of the input. Make it O(n).
- [Dean Gaudet]
+ *) SECURITY: Fix a possible buffer overflow in logresolve. This is
+ only an issue on systems without a MAXDNAME define or where
+ the resolver returns domain names longer than MAXDNAME. [Marc Slemko]
+
+ *) Fix an improper length in an ap_snprintf call in proxy_date_canon().
+ [Marc Slemko]
+
+ *) Fix core dump in the ftp proxy when reading incorrectly formatted
+ directory listings. [Marc Slemko]
+
+ *) SECURITY: Fix possible minor buffer overflow in the proxy cache.
+ [Marc Slemko]
+
+ *) SECURITY: Eliminate possible buffer overflow in cfg_getline, which
+ is used to read various types of files such as htaccess and
+ htpasswd files. [Marc Slemko]
+
+ *) SECURITY: Ensure that the buffer returned by ht_time is always
+ properly null terminated. [Marc Slemko]
+
+ *) SECURITY: General mod_include cleanup, including fixing several
+ possible buffer overflows and a possible infinite loop. This cleanup
+ was done against 1.3 code and then backported to 1.2, the result
+ is a large difference (due to indentation cleanup in 1.3 code).
+ Users interested in seeing a smaller set of relevant differences
+ should consider comparing against src/modules/standard/mod_include.c
+ from the 1.3b3 release. Non-indentation changes to mod_include
+ between 1.2 and 1.3 were minimal. [Dean Gaudet, Marc Slemko]
+
+ *) SECURITY: Numerous changes to mod_imap in a general cleanup
+ including fixing a possible buffer overflow. This cleanup also
+ was done with 1.3 code as a basis, see the the previous note
+ about mod_include. [Dean Gaudet]
+
+ *) SECURITY: If a htaccess file can not be read due to bad
+ permissions, deny access to the directory with a HTTP_FORBIDDEN.
+ The previous behavior was to ignore the htaccess file if it could not
+ be read. This change may make some setups with unreadable
+ htaccess files stop working. PR#817 [Marc Slemko]
+
+ *) SECURITY: no2slash() was O(n^2) in the length of the input.
+ Make it O(n). This inefficiency could be used to mount a denial
+ of service attack against the Apache server. Thanks to
+ Michal Zalewski <[EMAIL PROTECTED]> for reporting
+ this. [Dean Gaudet]
*) mod_include used uninitialized data for some uses of && and ||.
[Brian Slesinsky <[EMAIL PROTECTED]>] PR#1139
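Review bot: The proxy cache entry ("Fix possible minor buffer overflow in the proxy cache") names no function and no triggering condition, whereas the logresolve, cfg_getline and ht_time entries each name the routine; adding the affected routine would let administrators judge whether their proxy configuration is exposed. In the mod_imap entry, "see the the previous note" has a duplicated "the". In the mod_include entry, "backported to 1.2, the result is a large difference" is a comma splice that reads better with a semicolon or as two sentences.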