rpms / httpd

Clone
Source Code
GIT

Blame SOURCES/httpd-2.4.6-CVE-2016-5387.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-2.4 c8-sig-artwork c8-stream-2.4 c8s-stream-2.4 c9 c9-beta
  1.   41a6c3a824d380ce78e8399941a46f328d876780
  2.   SOURCES
  3.   httpd-2.4.6-CVE-2016-5387.patch
Blob History Raw
41a6c3
41a6c3 
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5387
41a6c3
41a6c3 
--- httpd-2.4.6/server/util_script.c.cve5387
41a6c3 
+++ httpd-2.4.6/server/util_script.c
41a6c3 
@@ -190,6 +190,10 @@
41a6c3 
             continue;
41a6c3 
         }
41a6c3 
 #endif
41a6c3 
+        else if (!strcasecmp(hdrs[i].key, "Proxy")) {
41a6c3 
+            /* Don't pass through HTTP_PROXY */
41a6c3 
+            continue;
41a6c3 
+        }
41a6c3 
         else
41a6c3 
             add_unless_null(e, http2env(r, hdrs[i].key), hdrs[i].val);
41a6c3 
     }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation