diff options
| -rw-r--r-- | 2.2/patches/10_all_CVE-2008-2939.patch | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/2.2/patches/10_all_CVE-2008-2939.patch b/2.2/patches/10_all_CVE-2008-2939.patch new file mode 100644 index 0000000..7bf57c8 --- /dev/null +++ b/2.2/patches/10_all_CVE-2008-2939.patch @@ -0,0 +1,10 @@ +--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c 2008/08/05 19:00:05 682869 ++++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c 2008/08/05 19:01:50 682870 +@@ -383,6 +383,7 @@ + c->bucket_alloc)); + } + if (wildcard != NULL) { ++ wildcard = ap_escape_html(p, wildcard); + APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(wildcard, + strlen(wildcard), p, + c->bucket_alloc)); |